Data Protection & Privacy Policy

Data Protection & Privacy Policy

Introduction

Last updated June 16, 2025

Routelink Integrated Systems Limited (“the Company”) is committed to protecting the privacy and security of personal data in compliance with the Nigeria Data Protection Commission (NDPC), the Nigeria Data Protection Act (NDPA) 2023, and other applicable laws. This policy outlines how we collect, process, store, and safeguard personal data belonging to customers, employees, partners, and vendors

1. SCOPE

This policy applies to:


  • Customers (subscribers, users, prospective clients)
  • Employees (current, former, job applicants)
  • Partners & Vendors (third-party service providers)
  • Any individual whose data we process

It covers all forms of data handling, including collection, storage, access, sharing, and deletion.


2. DEFINITIONS

Personal Data

Any information relating to an identifiable person (e.g., name, email, phone number, ID).


Sensitive Data

Special categories (e.g., biometrics, health records, financial data).


Data Subject

The individual to whom the data belongs.


Processing

Any operation performed on data (e.g., collection, storage, analysis).


Data Controller

The Company, which determines processing purposes.


Data Processor

A third-party processing data on our behalf


Consent

Freely given, informed agreement to process data


3. DATA PROTECTION PRINCIPLES

The Company adheres to the following principles:


1. Lawfulness, Fairness & Transparency


  • Data is processed legally, fairly, and with clear communication.

2. Purpose Limitation


  • Data is collected only for specified, legitimate purposes.

3. Data Minimization


  • Only necessary data is collected and retained.

4. Accuracy


  • Data is kept up-to-date and corrected when errors are found.

5. Storage Limitation


  • Data is retained only as long as necessary.

6. Security & Confidentiality


  • Strong safeguards prevent unauthorized access or breaches.

4. LAWFUL BASIS FOR PROCESSING

We process data based on at least one of the following:


  • Consent (freely given and withdrawable)
  • Contractual necessity (to provide services)
  • Legal obligation (required by law)
  • Legitimate interest (balanced with privacy rights)

5. DATA SUBJECT RIGHTS

Individuals have the right to


  • Access their personal data
  • Correct inaccurate data
  • Delete data (where applicable)
  • Restrict or object to processing
  • Data portability (if feasible)
  • Withdraw consent (if processing relies on it)

Request Procedure:
  • Submit a written request to info@routelinktel.com
  • The Company will respond within 30 days

6. DATA SECURITY MEASURES

To protect personal data, the Company implements:


  • Encryption for stored and transmitted data
  • Access controls (role-based permissions)
  • Regular security audits
  • Employee training on data protection
  • Secure disposal of outdated records

7. THIRD-PARTY DATA SHARING

  • Vendors/processors must sign a Data Processing Agreement (DPA).
  • Data is only shared when necessary and lawful.
  • The Company ensures third parties comply with security standards.

8. DATA BREACH MANAGEMENT

  • Report breaches to the DPO within 24 hours.
  • NDPC is notified within 72 hours if the breach is high-risk.
  • Affected individuals are informed if there’s a significant threat.

9. ROLES & RESPONSIBILITIES

A. Data Protection Officer (DPO)
  • Ensures compliance with NDPC/NDPA.
  • Conducts Data Protection Impact Assessments (DPIAs).
  • Liaises with the Nigeria Data Protection Commission (NDPC).

B. Employees & Contractors
  • Must follow this policy when handling data.
  • Report suspicious activities or breaches immediately.

C. Management
  • Approves policy updates and ensures enforcement.

10. POLICY REVIEW & UPDATES

Reviewed annually or when:


  • New laws are enacted.
  • Major changes in data processing occur.
  • Updates require management approval.

11. ENFORCEMENT & COMPLIANCE

Reviewed annually or when:


  • Violations may lead to disciplinary action, termination, or legal consequences.
  • Employees must acknowledge and adhere to this policy.

Contact Information

For data requests or concerns, contact:
Routelink Integrated Systems Limited
Email: info@routelinktel.com
Phone: (+234)8030905494, (+234)8038190914, (+234)8036288832

Personal

Elevate your financial journey without the friction. RoutePay integrates everything—spending, saving, and paying—into one intuitive experience designed around your day.

Business

A 360-degree payment engine for your brand. We handle the technical complexities of collections and payouts, giving you the freedom to focus entirely on your customers.

Company

About usContact UsPersonalBusinessGoverment

Contact

Start a Chat+234 913 444 6536sales@routepay.comGround Floor, Africa Re House, Plot 1679 Karimu Kotun St, Victoria Island, Lagos

Beyond Barriers

SocialsSocialsSocialsSocials
PrivacyTerms of UseCookies PolicyData ProtectionFor Developers

Banking services on this platform are provided by Routelink Microfinance Bank Limited (RC 8836108), located at 71a, Lagos Ikorodu road, Ikorodu Lagos state. Routelink Microfinance Bank Limited is duly licensed by the Central Bank of Nigeria.

RoutePay Fintech Limited (RC 1872221) is licensed by the Central Bank of Nigeria (CBN) as a Payment Solution Service Provider (PSSP) and is further certified by the Nigerian Communications Commission (NCC) for Value-Added Services (VAS).
Other services offered on this platform are provided by their respective providers, all of whom are duly licensed or legally permitted to operate in partnership with Routelink.

Registered Office: 4th Floor, Africa Re House, Plot 1679 Karimu Kotun St, Victoria Island, Lagos.

© 2026 RoutePay. All rights reserved.