We may collect the following categories of information:

A. User Information

• Name, email address, phone number, and job title (during onboarding)

• Login credentials and authentication details (including 2FA configurations)

B. Transaction Data

• Transaction details, such as amounts, timestamps, payment methods, and transaction status

C. Metadata

• Metadata including device ID, IP address, browser information, and geolocation

D. Risk & Audit Data

• Risk scores, alerts, and rule-triggered events

• Audit logs of user activities within the platform

E. System & Technical Data

• Logs, performance metrics, error reports, and integration records

We use collected data to:

• Provide transaction processing, training monitoring, and reporting

• Identify suspicious or high-risk activities in real time

• Improve accuracy of fraud detection using AI and machine learning

• Maintain secure authentication and access management

• Generate compliance reports and audit logs

• Communicate with users about service updates, alerts, and support

• Ensure compliance with applicable laws and regulations

We process data under the following legal grounds:

• Contractual Necessity: To deliver services to clients and users

• Legal Compliance: To comply with financial, regulatory, and data protection requirements

• Legitimate Interests: To improve security, reduce fraud, and enhance system performance

• Consent: For optional features such as marketing communications

We do not sell personal data. However, data may be shared in the following circumstances:

• With Regulators: To comply with legal obligations and audits

• With Clients: Sharing relevant transaction and fraud insights with authorized client users

• With Service Providers: Third-party vendors that provide hosting, APIs, analytics, and integrations (e.g., payment gateways, cloud providers)

• With Law Enforcement: If required by law or to prevent fraud and security threats

We implement industry-standard security measures, including:

• End-to-end encryption of sensitive data (in transit and at rest)

• Role-Based Access Control (RBAC) to limit access to sensitive information

• Multi-layer authentication (e.g., 2FA, secure credentials)

• Regular penetration testing and vulnerability assessments

• Backup and disaster recovery procedures

• Transaction and fraud monitoring data are retained only as long as necessary for business and compliance purposes

• Audit logs are stored in line with regulatory requirements

• User accounts and data may be deleted upon request or after inactivity, subject to applicable retention laws

Depending on jurisdiction, users may have the following rights:

• Access: Request a copy of their personal data

• Correction: Update inaccurate or incomplete data

• Deletion: Request deletion of personal data where applicable

• Restriction: Limit how we process certain data

• Portability: Receive data in a structured, machine-readable format

• Objection: Opt out of certain types of data processing (e.g., marketing)

To exercise rights, users may contact us at info@Renegan.com

Renegan may process and store data on servers located in different jurisdictions. Where data is transferred internationally, we implement safeguards such as Standard Contractual Clauses (SCCs) to protect user data

Our web-based platform may use cookies and similar technologies to:

• Enhance security and authentication

• Remember user preferences and settings

• Collect analytics to improve platform performance

Users can manage cookie settings through their browser

Renegan is not intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors

We may update this Privacy Policy periodically to reflect changes in technology, law, or our practices. Updates will be posted with a revised "Last Updated" date

For questions, concerns, or requests regarding this Privacy Policy, please contact us at:

Renegan Privacy Team

Email: info@renegan.com

Phone: +234 911 036 5877

Address: 18 Primate Adejobi Crescent, Anthony, Lagos