VeriScore Logo
Pricing
Legal document

Privacy Policy

Effective date: 1 May 2025 | Last updated: 1 May 2025

Overview

VeriScore Technologies Ltd (“VeriScore”, “we”, “us”, or “our”) operates the VeriScore platform, including the Capital Passport scoring system, available at veriscore.app. We are committed to protecting the personal and business data you share with us.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our platform. By accessing or using the Service, you signify your agreement to the practices described in this policy.

Plain language summary: We collect your business and personal data to build your Capital Passport score. We do not sell your data to third parties. You can request deletion of your data at any time.

Data we collect

We collect information in three primary ways: directly from you, through connected third-party data sources, and via our field verification process. This helps us verify businesses, improve platform security, and deliver better financial insights.

CategoryExamples

Identity Data

Name, date of birth, email address, gender

Business Data

Business name, CAC number, address, sector, operating period

Financial Data

Bank statements, transaction history, revenue patterns

Tax Data

TIN, FIRS filing history, VAT returns

Field Data

Physical location, outlet photos, agent observations

Usage Data

Pages visited, login timestamps, features used

How we use your data

We use the data we collect for the following purposes:

  • Generating your Capital Passport: Computing your BHS, CRS, IRS, and TRS scores from verified data inputs.
  • Identity verification: Confirming the identity of business owners and authorised representatives.
  • Platform operations: Running your account, sending notifications, and providing customer support.
  • Product improvement: Analysing aggregate usage patterns to improve scoring models and platform features.
  • Legal compliance: Legal compliance: Meeting our obligations under the Nigeria Data Protection Act (NDPA) 2023.
  • Partner reporting: Partner reporting: Where you have explicitly consented, sharing your Capital Passport with connected lenders or institutions.

We do not use your data for advertising. We do not sell or rent your personal or business data to any third party.

Data sharing

We share your data only in the following circumstances:

  • With your explicit consent: When you choose to share your Capital Passport with a lender or institution through the platform.institution through the platform.
  • With service providers: Third-party vendors who help us operate the platform (cloud infrastructure, analytics), bound by strict data processing agreements.
  • With Glued Insights: Our affiliated field research arm, for the purpose of field verification. Data shared is limited to what is necessary for verification
  • With regulators: Where required by Nigerian law, court order, or regulatory authority.
We never sell your data: Any data shared with lenders or partners requires your active, affirmative consent — not a buried checkbox.

Retention

We retain your data for as long as your account is active or as required to provide our services. Specifically:

  • Capital Passport score data is retained for a minimum of 7 years to support lender audit requirements.
  • Field verification records are retained for 5 years.
  • Account and identity data is retained until account deletion plus 90 days
  • Usage and analytics data is retained for 24 months in identifiable form, then anonymised.

You may request deletion of your account and personal data at any time. Some data may be retained longer where required by law.

Your rights

Under the Nigeria Data Protection Act 2023, you have the following rights:

  • Access:Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a machine-readable format.
  • Complaint: Object to certain types of processing, including for marketing purposes.
  • Withdrawal of consent: AWithdraw consent for data sharing with third parties at any time.

To exercise any of these rights, contact us at privacy@veriscore.app. We will respond within 30 days.

Security

We take data security seriously. Our technical and organisational measures include:

  • TLS encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Role-based access controls with audit logging
  • Regular penetration testing and security reviews
  • Staff training on data protection obligations

No method of transmission or storage is 100% secure. If we become aware of a security breach that affects your data, we will notify you within 72 hours as required by law.

Cookies

We use cookies and similar technologies to operate the platform, remember your preferences, and understand how you use VeriScore. We use:

  • Essential cookies: Required for platform operation. Cannot be disabled.
  • Analytics cookies: Help us understand usage patterns. Can be disabled in your browser settings.
  • Preference cookies: Remember your settings and display preferences.

We do not use advertising or tracking cookies. You can manage your cookie preferences through your browser settings at any time.

Children

VeriScore is a business platform intended for adults operating registered businesses. We do not knowingly collect data from anyone under the age of 18. If you believe a minor has submitted data through our platform, contact us immediately at privacy@veriscore.app.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or via an in-platform notice at least 14 days before the changes take effect. Continued use of VeriScore after the effective date of any changes constitutes your acceptance of the updated policy.

Contact us

For questions, requests, or concerns about this Privacy Policy or your data:

  • Email: privacy@veriscore.app
  • General contact: hello@veriscore.app
  • Address: VeriScore Technologies Ltd, Lagos, Nigeria

If you are unsatisfied with our response, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).