Privacy Policy
Last Modified: July 2026
1. Introduction
BillEnvoy ("we", "us", or "our") values your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our web application, or install our mobile applications (Android and iOS). By using our services, you consent to the data practices described in this policy.
2. Information We Collect
To provide our bill payment services, we collect information that identifies you or relates to your activities on our platform:
- Personal Identifiable Information (PII): Your name, email address, phone number, and any Know Your Customer (KYC) details required by regulations (such as your BVN or NIN where applicable).
- Utility and Transaction Data: Information required to process your bills, including smartcard numbers (DStv/GOtv), prepaid meter numbers, phone numbers for airtime/data tracking, and your full transaction history.
- Device and Usage Information: IP addresses, operating system types (Android/iOS versions), unique device identifiers, browser types, and app performance metrics.
3. How We Use Your Information
We process your data to deliver a secure and reliable experience. Specifically, we use it to:
- Provision virtual bank accounts through our payment partner, Paystack, and process your wallet fundings.
- Execute automated or manual requests for airtime, data, cable TV, and electricity payments.
- Detect, prevent, and mitigate fraudulent card funding activities or the use of stolen funds.
- Send you critical transaction alerts, token delivery messages, and system update notices.
- Comply with Nigerian financial laws and anti-money laundering (AML) regulations.
4. Data Sharing and Third-Party Disclosures
We do not sell your personal information. We share data only with trusted third parties necessary to execute your transactions:
- Payment Processors: We share essential data with **Paystack** to open virtual accounts and process credit/debit card fundings securely.
- Utility Providers & Telcos: Relevant destination numbers (e.g., phone numbers or meter numbers) are sent to telecommunications companies and electricity distribution companies (DisCos) to fulfill your purchases.
- Law Enforcement: If an account is flagged for utilizing stolen cards or fraudulent funds, we will share all associated records with relevant security agencies and financial regulators.
5. Mobile App Permissions
Our native Android and iOS applications may request specific permissions to enhance functionality, such as access to your contact list (to easily select phone numbers for airtime or data top-up). These permissions are entirely optional, and data is only accessed when you explicitly initiate the corresponding feature.
6. Data Security and Storage
We implement industry-standard technical and organizational security measures, including Transport Layer Security (TLS/SSL) encryption, to protect your data from unauthorized access, loss, or alteration. While we take maximum precautions, no digital transmission over the internet can be guaranteed 100% secure.
7. Data Retention
We retain your personal data and transaction records for as long as your account remains active or as required by Nigerian financial regulatory bodies for auditing and anti-fraud monitoring purposes.
8. Contact Information
If you have questions about this Privacy Policy, your data rights, or want to request account deletion, please contact our data compliance desk at:
Email Address: [email protected]