Preamble
At Rockshield Microfinance Bank (hereinafter referred to as “the Bank”), your personal information is treated with the utmost confidentiality and care. We are committed to protecting your privacy and ensuring the highest level of security at all points of interaction with us. This Privacy Policy outlines the personal information we collect, how we use it, and how we protect it.
This policy, together with our Terms and Conditions, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By continuing to use our services, you accept and consent to the practices described in this policy.
Information We Collect and Use.

We collect information about you from various sources, including:

  • Website visits, applications, identification documents, CVs, personal financial statements, interactions with relationship managers, and other third parties (e.g., credit bureaus, payment gateways, and other financial institutions).
  • Information such as your name, address, passport details, identification numbers, biometric information, telephone number, location, occupation, assets, income, and any other necessary information.
  • Transactional account history, including account balance, payment records, and debit/credit card usage.
  • Information from third parties such as family, solicitors, friends, employers, social media pages made public by you, government agencies, regulators, supervisory or credit agencies.
  • Video footage when you visit our branches, telephone conversations when you call our contact centre lines, and geographic information when using our ATMs.

Cookies
Cookies are small text files stored on your computer or mobile devices whenever you visit a website. They are used to enhance your experience on our site by remembering your preferences and helping us analyze our website traffic.
The Bank uses cookies to improve your experience on our site. Key points about our cookies:

  • Some cookies are essential to access certain areas of the site.
  • We use analytics cookies to understand how you use our site and what content is most useful to you. Please refer to our cookie policy for more details.

Use of Personal Information
The collection and use of personal data by the Bank are guided by certain principles:

  • Data should be obtained for specified and lawful purposes and not processed in any manner incompatible with those purposes.
  • Personal data must be processed fairly, lawfully, and transparently.
  • Data should be adequate, relevant, and limited to what is necessary for processing purposes.
  • Data should be accurate and up-to-date, with measures taken to rectify or erase inaccurate data.
  • Data should not be kept longer than necessary.
  • Data should be processed in accordance with the data subject’s rights.
  • Data should be kept safe from unauthorized processing, accidental loss, damage, or destruction using appropriate technical and organizational measures.

Personal information provided to the Bank will be used with your consent or for lawful reasons, including:

  • Fulfilment of contractual obligations.
  • Compliance with legal and regulatory requirements.
  • Protection of vital interests.
  • Activities carried out in the public interest.
  • Legitimate interests of the Bank or a third party, provided these do not conflict with data protection requirements.

Your personal information is used for:

  • Updating and enhancing our records.
  • Executing your instructions.
  • Establishing your identity and assessing applications for products and services.
  • Pricing and designing our products and services.
  • Administering our products and services.
  • Managing our relationship with you.
  • Managing our risks.
  • Identifying and investigating illegal activity (e.g., fraud).
  • Contacting you in instances of suspected fraud or significant events.
  • Conducting and improving our business and your experience with us.
  • Reviewing credit or loan eligibility.
  • Preventing money laundering or terrorism financing.
  • Complying with legal obligations and assisting government and law enforcement agencies or regulators.
  • Identifying and informing you about other products or services that may interest you.
  • Processing job applications if you apply for a job with us.
  • We may also collect, use, and share your information as permitted by law.

Automated Processing
We sometimes use automated systems to help us make decisions about you, such as credit decisions or fraud checks. This processing is carried out lawfully, and you can request human review if you detect inaccuracies in your data.

Information We Share. We may share your information with:

  • The Bank’s branches and subsidiaries.
  • Regulators, government agencies, and courts when required by law.
  • External auditors.
  • Credit agencies.
  • Correspondent banks.

Strategic partners/service providers for improving our services (not for their marketing purposes).
We may also disclose your information to enforce our terms and conditions or protect our operations or users. In case of a reorganization, merger, or sale, we may transfer personal information to the relevant third party.

How We Protect Your Information?
We take appropriate technical and organizational measures to prevent loss, unauthorized access, misuse, modification, or disclosure of your information. This includes encryption, access controls, and other security measures. Our employees and third parties processing data on our behalf comply with relevant policies to ensure your data is protected.

Where We Store Your Information?
Personal information provided to us is stored on secure servers, physical locations, and cloud infrastructure (where applicable). Data may be transferred to or stored in cloud locations with globally accepted vendors. We ensure your data is handled securely in accordance with this privacy policy.

How Long We Store Your Information?
We retain your data as long as necessary for the purposes for which it was collected, considering legal, regulatory, administrative, or operational requirements. Data not retained is securely destroyed when no longer needed.

What other data privacy rights do you have?
Although not always absolute, you also have some other rights. At any point, while Rockshield Microfinance Bank Limited is in possession of or processing your personal data, you, the data subject, have the right to:

  • Access your personal information held by us.
  • Rectify inaccurate or incomplete information.
  • Withdraw consent for processing where consent was previously given.
  • Restrict or object to the processing of your data, with valid legal or operational reasons for continued processing.
  • Request data in a common electronic format or transfer to a third party.
  • Request erasure of your information, subject to valid legal, regulatory, or operational reasons for retention.

What forms of ID will I need to provide to access this?
Rockshield Microfinance Bank Limited accepts the following forms of ID (but not limited to) when information on your data is requested: International Passport, driving license, national identity card, and permanent voter card.

Maintaining Accurate Information
Keeping your account information accurate and up-to-date is crucial. You can access your account information through various means, such as account statements, SMS Banking, Social Media Banking, and Internet Banking. Notify us promptly of any inaccuracies, via our branch network or Contact Centre, with the required documentation for updates.

Applicability of This Privacy Policy
This policy applies to Rockshield Microfinance Bank and its subsidiaries.

Third-party Sites and Services
Our websites, products, applications, and services may link to third-party sites. Information collected by third parties is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.

Social Media Platforms
The Bank may interact with users on social media platforms like Facebook, Twitter, LinkedIn, and Instagram. Content you post or make available on these platforms is subject to their terms and privacy policies.

Privacy of Children
We respect the privacy of children and do not knowingly collect personal information from children under 18. We do not market to children nor allow them to open online accounts.

Promotional Messages
We may contact you with products or services that may interest you. You can opt out at any time by sending an email to dpo@rockshieldmfb.com

Privacy Policy Changes
This policy may be revised to reflect changes in the legal, regulatory, and operating environment. Revised versions will automatically apply and will be posted on this page. We will notify you of any changes, and you are encouraged to review this page periodically.

Contact
For questions, comments, or requests regarding this privacy policy, please contact us at dpo@rockshieldmfb.com or info@rockshieldmfb.com
To contact our Data Protection Officer, please address your request to “The Data Protection Officer” at No 79 Ladipo Street Matori-Mushin Lagos.

close-link