Privacy Policy

Your privacy is our priority at INDOSABEST LTD

Last Updated: January 06, 2026
Contents
1 Data Collection 2 How We Use Data 3 Data Sharing 4 Data Security 5 Your Rights 6 Cookies Policy

At INDOSABEST LTD, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you purchase Airtime, Data, Electricity Tokens, or Exam PINs through our platform. By using our services, you consent to the practices described in this policy.

1 Information We Collect

To provide our services effectively and comply with regulatory requirements, we collect the following types of information:

  • Personal Identifiers: Your full name, email address, phone number, and physical address for account creation and service delivery.
  • Government Identifiers: Bank Verification Number (BVN) and National Identification Number (NIN) for Know Your Customer (KYC) compliance as mandated by the Central Bank of Nigeria (CBN) and Nigerian Communications Commission (NCC).
  • Transaction Data: Details of purchases including service type, amount, recipient phone/meter numbers, and transaction timestamps.
  • Technical Data: IP address, device type, browser information, operating system, and access times used to enhance security and platform performance.
  • Financial Information: Payment method details, wallet balance, and transaction history (card details are not stored; they are processed by certified payment gateways).
Why We Request BVN and NIN

In compliance with the Nigeria Data Protection Act (NDPA) and anti-fraud regulations, we use these government identifiers solely to verify your identity and prevent unauthorized transactions. We do not store your BVN/NIN for any purpose other than identity verification, and this data is encrypted and secured.

2 How We Use Your Information

We process your personal data for the following legitimate purposes:

  • Service Delivery: Process and deliver your Data bundles, Airtime top-ups, or Electricity Tokens instantly to the correct recipient.
  • Exam PIN Generation: Generate and display WAEC, NECO, and NABTEB PINs for educational purposes.
  • Transaction Communication: Send transaction receipts, confirmations, and important service updates via email or SMS.
  • Customer Support: Respond to your inquiries, resolve issues, and provide assistance with failed transactions.
  • Legal Compliance: Meet regulatory obligations under the laws of the Federal Republic of Nigeria, including anti-money laundering (AML) requirements.
  • Platform Improvement: Analyze usage patterns to enhance user experience, improve service reliability, and develop new features.
  • Fraud Prevention: Monitor transactions for suspicious activity and protect users from unauthorized access.

3 Data Sharing & Third Parties

We do not sell your personal data. However, we share necessary information with trusted third parties under strict confidentiality agreements:

  • Payment Processors: Secure payment gateways (such as Paystack, Flutterwave) to process your transactions safely. These providers comply with PCI-DSS standards.
  • Service Providers: Telecommunication companies (MTN, Airtel, Glo, 9mobile), Electricity Distribution Companies (DisCos), and Examination Bodies (WAEC, NECO) to fulfill your orders.
  • Technology Partners: Cloud hosting services and SMS/email delivery platforms that help us operate our infrastructure.
  • Law Enforcement & Regulatory Bodies: When required by Nigerian law, court order, or to comply with legitimate regulatory requests from authorities such as EFCC, ICPC, or CBN.
Third-Party Responsibility

While we ensure our partners maintain high security standards, we are not responsible for their independent privacy practices. We recommend reviewing their privacy policies.

4 Data Security Measures

We implement comprehensive security measures to protect your information from unauthorized access, alteration, disclosure, or destruction:

SSL Encryption

All data transmitted between your device and our servers is encrypted using 256-bit SSL technology.

Secure Servers

Your data is stored on encrypted servers with restricted access and regular security audits.

Multi-Factor Authentication

Your wallet and payment details are protected by MFA and secure authentication protocols.

Data Minimization

We only collect and retain data that is necessary for providing our services.

Access Controls

Strict internal policies limit data access to authorized personnel only on a need-to-know basis.

Regular Audits

Periodic security assessments and penetration testing to identify and address vulnerabilities.

Security Disclaimer

While we employ industry-standard security measures, no system is completely immune to threats. We cannot guarantee absolute security but are committed to promptly addressing any breaches and notifying affected users as required by law.

5 Your Legal Rights

Under the Nigeria Data Protection Act (NDPA) and other applicable laws, you have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal data we hold about you, including transaction history and account information.
  • Right to Rectification: Request correction of inaccurate or incomplete personal information in your account.
  • Right to Erasure: Request deletion of your account and associated personal data (subject to legal requirements for record retention of transaction data for tax and audit purposes).
  • Right to Object: Object to processing of your data for marketing purposes (we will honor such requests immediately).
  • Right to Data Portability: Receive your personal data in a structured, commonly used format to transfer to another service provider.
  • Right to Withdraw Consent: Withdraw your consent for data processing at any time (this may affect our ability to provide certain services).

To exercise any of these rights, please contact our Data Protection Officer using the details provided at the end of this policy. We will respond to your request within 30 days.

6 Cookies and Tracking Technologies

Our platform uses cookies and similar tracking technologies to enhance your browsing experience and improve our services:

  • Essential Cookies: Required for the platform to function properly, including session management and authentication.
  • Functional Cookies: Remember your preferences such as language settings and login credentials.
  • Analytics Cookies: Help us understand how users interact with our platform to improve performance and user experience.

You can disable cookies in your browser settings, but please note that some features of our platform may not function properly without cookies enabled.

Managing Cookies

Most web browsers allow you to control cookies through their settings. Refer to your browser's help section for instructions on managing or deleting cookies.

Data Protection Officer

If you have concerns about your data privacy, wish to exercise your rights, or need clarification on our data practices, please reach out to our Data Protection Officer:

Email Address
support@indosabest.com
Mailing Address
Azare, Bauchi State, Nigeria
Response Time
We aim to respond to all privacy inquiries within 30 days

7 Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

  • Active Accounts: Personal data is retained while your account remains active and in good standing.
  • Transaction Records: Financial transaction data is retained for 7 years as required by Nigerian tax and accounting laws.
  • Closed Accounts: After account closure, most personal data is deleted within 90 days, except for transaction records required by law.
  • Legal Obligations: Data may be retained longer if required for legal proceedings, regulatory investigations, or dispute resolution.

8 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make significant changes:

  • We will update the "Last Updated" date at the top of this policy
  • We will notify you via email or prominent notice on our platform
  • We will seek your consent if required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a child has provided us with personal data, please contact us immediately, and we will take steps to delete such information.

Regulatory Compliance

This Privacy Policy is designed to comply with:

  • Nigeria Data Protection Act (NDPA) 2023
  • Nigeria Data Protection Regulation (NDPR) 2019
  • Central Bank of Nigeria (CBN) Guidelines
  • Nigerian Communications Commission (NCC) Regulations