PRIVACY POLICY

Personal Information

Information that identifies you as an individual or relates to an identifiable person, including:

• Full name
• Date of birth
• Home or other physical address
• Email address
• Phone number
• Government-issued identification (passport, national ID, driver's license)
• Biometric data (where permitted by law, such as fingerprints for authentication)
• Photographs (for identity verification)
• Nationality
• Tax identification information
• Employment information

Financial Information

Information related to your financial accounts and transactions, including:

• Bank account numbers
• Credit/debit card information
• Transaction history
• Account balances
• Payment history
• Mobile money account details
• Currency exchange transactions
• Transfer records

Identity Verification Information

To comply with anti-money laundering (AML) and know your customer (KYC) regulations across our operating jurisdictions, we collect information to verify your identity, such as:

• Copies of identification documents
• Proof of address documents
• Information about beneficial owners (for business accounts)
• Politically exposed person status
• Sanctions screening information

Device and Usage Information

Information about your device and how you use our Services, including:

• IP address
• Device type and model
• Operating system
• Browser type
• Mobile network information
• Device identifiers
• Location data (with your permission)
• App usage data
• Time and duration of service use
• Pages viewed
• Features used
• Login information
• Access times and dates

Communications Information

When you communicate with us or other users through our platform, we collect:

• Customer service interactions
• Survey responses
• User feedback
• In-app messages
• Communication preferences

Directly from You

• When you register for an account
• When you complete transactions
• When you upload verification documents
• When you contact customer service
• When you respond to surveys or promotions
• When you provide information through our app or website

Automatically

• Through cookies and similar technologies
• Through our mobile app when you use it
• Through your device when you visit our website
• Through server logs

From Third Parties

• Banks and financial institutions
• Payment processors
• Mobile money providers
• Identity verification services
• Credit bureaus (where permitted by law)
• Public databases
• Marketing partners
• Social media platforms (if you connect your social media accounts)
• Other users (such as when they send money to you)
• Business partners

Provide Our Services

• Process currency exchange and transfer transactions
• Manage your account and provide customer service
• Verify your identity and prevent fraud
• Enable features such as international transfers, currency exchange, and payments
• Complete KYC and AML checks
• Facilitate communication between users of our platform

Improve Our Services

• Understand how users interact with our Services
• Develop new products and services
• Test and debug features
• Analyze usage patterns and trends
• Conduct research and analysis

Personalize Your Experience

• Remember your preferences
• Customize content and features
• Provide personalized recommendations
• Deliver targeted offers and promotions

Marketing and Communication

• Send promotional communications about products, services, and features
• Deliver updates about our Services
• Measure the effectiveness of our marketing campaigns
• Invite you to events or surveys

Security and Compliance

• Protect our Services against fraud and unauthorized access
• Comply with legal obligations in our countries of operation
• Enforce our terms and policies
• Resolve disputes
• Protect our legal rights and interests
• Respond to legal requests from authorities
• Conduct audits

Service Providers

• Payment processors (such as banking partners in Nigeria, Ghana, Kenya, and other operating countries)
• Mobile money operators (such as MTN, Vodafone, Airtel, Orange, M-Pesa, and others across our markets)
• Identity verification services
• Cloud hosting providers
• Analytics providers
• Customer support tools
• Marketing and advertising partners
• Professional advisors (legal, accounting, etc.)

Financial Partners

• Banking institutions
• Mobile money providers
• Card networks
• Money transfer networks
• Currency exchange services

Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction.

Legal Requirements

We may disclose your information when we believe in good faith that disclosure is necessary to:

• Comply with laws, regulations, or legal processes
• Enforce our terms and agreements
• Protect our rights, property, or safety
• Prevent fraud or unauthorized activity
• Respond to government requests, including from regulatory authorities in Nigeria, other African countries, the US, UK, and EU

With Your Consent

We may share your information with third parties when you have given us your consent to do so.

SALE OR SHARING OF PERSONAL INFORMATION

Monirates does not sell personal information for monetary consideration. However, under laws like the CCPA/CPRA, certain sharing of personal information may be considered a “sale” or “sharing” even without monetary exchange.

We may share certain information (such as device identifiers, browsing activity, and transaction patterns) with advertising partners and analytics providers who may use this information for targeted advertising or analytical purposes. This may constitute “sharing” under certain privacy laws.

For All Users

• Access: You can request access to the personal information we have about you.
• Correction: You can request that we correct inaccuracies in your personal information.
• Account Information: You can access and update certain information through your account settings.

For Users in Nigeria and African Countries with Similar Rights

Under the Nigeria Data Protection Regulation and similar laws in other African countries where we operate, you may have rights to:

• Request information about the processing of your personal data
• Request restriction of processing
• Object to processing in certain circumstances
• Request deletion of your data in certain circumstances

For Users in the United States

Depending on your state of residence, you may have rights to:

• Request deletion of your personal information
• Request disclosure of categories of personal information collected
• Request correction of inaccurate personal information
• Opt out of the sale or sharing of personal information
• Limit the use of sensitive personal information
• Data portability (receiving your data in a structured format)
• Non-discrimination for exercising your rights

For Users in the UK and EU

You may have rights to:

• Data portability (receiving your data in a structured, commonly used format)
• Restriction of processing
• Objection to processing
• Erasure (the “right to be forgotten”)
• Withdrawal of consent
• Lodge a complaint with a supervisory authority

Your Rights Regarding Automated Decisions

Where applicable law provides (such as under GDPR or similar laws), you have the right to:

• Obtain human intervention in the decision-making process
• Express your point of view about the decision
• Contest the decision

For U.S. residents, you may have rights under state privacy laws to opt out of certain profiling activities. Please contact us to exercise these rights.

Types of Cookies We Use

• Essential Cookies: Necessary for the operation of our website.
• Analytical/Performance Cookies: Allow us to recognize and count the number of visitors.
• Functionality Cookies: Used to recognize you when you return to our website.
• Targeting Cookies: Record your visit to our website and the pages you have followed.

Cookie Consent and Choices

When you first visit our website, you will be presented with a cookie consent banner that allows you to:

• Accept all cookies
• Decline non-essential cookies
• Manage your cookie preferences
• Access our Cookie Policy for more detailed information

You can also control cookies through your browser settings and other tools. However, if you block certain cookies, you may not be able to use some features of our Services. To change your cookie preferences at any time, click on “Cookie Settings” in the footer of our website.

Privacy Team

Email: privacy@monirates.com
Address: 2055 Limestone Rd STE 200-C, Wilmington, DE 19808, USA

Data Protection Officer

Email: dpo@monirates.com

For Users in Specific Regions:

• Nigeria: nigeria-privacy@monirates.com
• UK/EU: gdpr@monirates.com
• US: us-privacy@monirates.com

NIGERIA SUPPLEMENT

In compliance with the Nigeria Data Protection Regulation (NDPR), we provide the following additional information:

• Data Controller: Information about the data controller.
• Categories of Personal Data: Specific categories collected.
• Purpose of Processing: Explicit purposes.
• Technical Methods Used for Processing: Description of methods.
• Third-Country Transfer Safeguards: Safeguards used.
• Retention Period: Specific timelines.

You have the right to request access to, rectification, or deletion of your personal data, and to lodge a complaint with the National Information Technology Development Agency (NITDA) if you believe your rights have been violated.

GHANA SUPPLEMENT

In compliance with Ghana's Data Protection Act, we inform you that:

• Data Controller: Information about the data controller.
• You have the right to request access to your personal data, object to processing, and request rectification or erasure in certain circumstances.
• You may lodge a complaint with the Data Protection Commission of Ghana.

UNITED STATES SUPPLEMENT

This U.S. Privacy Policy Supplement is provided pursuant to applicable U.S. state privacy laws including, but not limited to, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and Utah Consumer Privacy Act (UCPA).

Data Controller: Information about the data controller.

California Residents

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information:

• Right to Know: Information about collection and use.
• Right to Delete: Request deletion of data.
• Right to Correct: Correct inaccurate information.
• Right to Opt-Out: Opt-out of sale or sharing.
• Right to Limit Use of Sensitive Personal Information: Restrict use of sensitive data.

UK AND EU SUPPLEMENT

In compliance with UK GDPR and EU GDPR (where applicable), we provide the following additional information:

• Data Controller: Information about the data controller.
• Legal Bases for Processing: Contractual necessity, legitimate interests, compliance, consent.
• Automated Decision-Making: Details on human intervention.
• Data Protection Officer: Contact information.