Data Protection Notice (NDPA)

The data controller is Bompai Microfinance Bank Limited, Bompai Road, Nassarawa LGA, Kano State, Nigeria. Our Data Protection Officer can be reached at dpo@bompaimfb.com.

• Lawfulness, fairness and transparency.
• Purpose limitation — we only use data for the purposes disclosed.
• Data minimisation — we collect only what we need.
• Accuracy — we keep your data up to date; you can correct it at any time.
• Storage limitation — we retain data only as long as needed or required by law.
• Integrity and confidentiality — protected by technical and organisational controls.
• Accountability — we document and demonstrate our compliance.

You have the right to access, rectify, erase, restrict, object to and port your personal data, and to withdraw consent. Write to dpo@bompaimfb.com; we respond within 30 days.

In the unlikely event of a personal data breach likely to result in high risk to your rights, we will notify the NDPC and affected customers within 72 hours of becoming aware, with information on what happened, impact and remedial steps.

Cross-border transfers are made only to jurisdictions with adequate protection or under standard contractual clauses approved by the NDPC.

You may lodge a complaint with the Nigeria Data Protection Commission at info@ndpc.gov.ng if you believe your rights have been infringed.