Multigate Website
Privacy Policy

Multigate (“Multigate” “we” “us” , or “our”) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, protect, disclose, and otherwise process personal data when you (herein referred to as “Data Subject”) access our website, platform, systems, etc (collectively referred to as “Services”), or otherwise interact with us, and applies regardless of your location. In collecting this information, by law, we are required to provide you with information about us, about why and how we use your data, and about the rights you have over your data. In providing these Services, we process personal data in different capacities:

  1. As a Data Controller, where we determine the purposes and means of processing personal data; and
  2. As a Data Processor, where we process personal data strictly on behalf of our business clients and in accordance with their instructions.

By agreeing to this privacy policy, you consent to the sharing of your data with our subprocessors and partners (where applicable), but strictly and only as is necessary to provide the service you have opted into. We process personal data strictly in accordance with applicable data protection and privacy laws in the jurisdictions where we operate, including but not limited to the General Data Protection Regulation (GDPR), Nigeria Data Protection Act (NDPR), and its General Application and Implementation Directive (GAID), and the Personal Information Protection and Electronic Documents Act (PIPEDA). This Privacy Notice applies to (unexhaustively):

  1. Users of our websites or digital platform
  2. Corporate clients and their representatives
  3. Vendors, partners, and service providers
  4. Any other person whose personal data we process in connection with our Services

This Notice does not apply to third-party platforms or services that we do not control.

Who we are

We are Multigate. You can contact us by post at the address on our contact page, or by email. The contact details of our Data Protection Officer are:

The contact details of our Data Protection Officer are:

Email Address

dpo@multigate.io

Phone Number

+2349138712500

How we use your information

When you use our website

When you use our website, access our products and services, and view the information we make available, a number of cookies are used by us and by third parties to allow the website to function, to collect useful information about visitors, and to help make your user experience better. Some of the cookies we use are strictly necessary for our website to function, and we do not ask for your consent to place these on your computer. These cookies are shown below.

Email AddressPurposeFurther Information
uc _ sessionThis cookie is set by Dropbox and is used for the ' save to Dropbox ' functionality. This cookie stores user session IDs.Necessary Cookie

When you submit an inquiry via our website

In the process of submitting an inquiry or using our services, we may ask you for your name, contact information, business information, including telephone numbers, identity information, bank account details, and email address, etc where required. We use this information to respond to your query, including providing you with any requested information about our products and services. We may also email you several times after your inquiry in order to follow up on your interest and ensure that we have answered your inquiry to your satisfaction. We will do this based on our legitimate interest in providing and obtaining accurate information prior to providing services. Your inquiry is stored, processed, and may be used for marketing and communication purposes. We keep inquiry emails for two years, after which they are securely archived and kept for six years or more as strictly required by regulations, when we delete them.

Your rights as a data subject

We may collect personal data directly from you, from our corporate clients, financial institutions, identity verification providers, public regulatory databases, or fraud prevention and sanctions screening partners. Where required by law, we obtain consent before collecting or processing personal data. However, by law, you have the following rights as a data subject:

  1. You can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate.
  2. If we have asked for your consent to process your personal data, you may withdraw that consent at any time.
  3. If we are processing your personal data for reasons of consent or to fulfill a contract, you can ask us to give you a copy of the information in a machine-readable format so that you can transfer it to another provider.
  4. If we are processing your personal data for reasons of consent or legitimate interest, you can request that your data be erased.
  5. You have the right to ask us to stop using your information for a period of time if you believe we are not doing so lawfully.
  6. Finally, in some circumstances, you can ask us not to reach decisions affecting you using automated processing or profiling, etc.

To submit a request regarding your personal data by email, post, or telephone, please use the contact information provided above in the Who Are We section of this policy/notice.

Your right to complain

If you have a complaint about our use of your information, we would prefer you to contact us directly in the first instance so that we can address your complaint. However, complaints may also be reported to the Nigeria Data Protection Bureau (Address: No. 5, Donau Crescent, off Amazon Street, Maitama, Abuja, Nigeria)

Legal Basis For Processing

  1. We process personal data only where permitted under applicable law. Depending on the circumstances, processing may be based on one or more of the following lawful grounds:
  2. Consent: When you have given clear permission for us to process your data for a specific purpose (e.g., marketing). You may withdraw consent at any time by reaching out to us via dpo@multigate.io.
  3. Contract: Where processing is necessary to fulfill our contractual obligations with you or provide a service, such as managing an account or processing transactions.
  4. Legitimate Interest: Processing is needed for our legitimate business purposes (e.g., website analytics, maintaining system security, managing operations, improving our services or customer support), except where such interests are overridden by your data protection rights.
  5. Legal Obligation: When we are required to process your data to comply with laws and regulations (e.g., anti-fraud measures, sanctions screening, tax reporting, fraud, etc.).
  6. Vital or Public Interest: Where processing is necessary to comply with public interest obligations, regulatory requirements, or lawful authority.

How We Use Your Data

We may use personal data to:

  1. Provide, operate, or facilitate our financial technology services
  2. Conduct identity verification and compliance screening
  3. Detect and prevent fraud and financial crime
  4. Comply with legal and regulatory requirements
  5. Maintain secure systems and infrastructure
  6. Improve our services and technology
  7. Respond to inquiries and support requests
  8. Manage our business relationships
  9. Enforce contractual rights
  10. Defend legal claims

We do not use the information you provide to make any automated decisions that negatively impact you.

We do not sell personal data. We retain personal data only for as long as necessary to:

  1. Provide our Services
  2. Comply with legal and regulatory requirements
  3. Resolve disputes
  4. Enforce agreements
  5. Retention periods may vary depending on legal, regulatory, and operational requirements. When personal data is no longer required, it is securely deleted or anonymized.

Transfer of Personal Data

Given the cross-border nature of financial services, personal data may be transferred internationally. Where we transfer data outside your jurisdiction, we do this under a lawful basis, and we implement appropriate safeguards as permitted and required by applicable laws and regulations, including:

  1. Contractual data protection clauses
  2. Binding corporate rules
  3. Regulatory-approved mechanisms
  4. Adequacy decisions where applicable
  5. Risk assessments and supplementary safeguards

We ensure that transferred data receives a level of protection equivalent to applicable legal jurisdiction and standards.

Review and Updates

We regularly review and, if appropriate, update this privacy policy from time to time, and as our services and use of personal data evolve. If we want to make use of your personal data in a way that we have not previously identified, we will contact you to provide information about this and, if necessary, to ask for your consent.