Effective date: 1 January 2026 · Last updated: 23 February 2026
1. Introduction
Faizon ("we", "us", "our") is an AI-powered financial operations platform that automates reconciliation, document processing, credit appraisal, financial analysis, and compliance workflows for African financial institutions. This Privacy Policy explains how we collect, use, disclose, and protect information when you:
Visit or use the Faizon platform, website, API, or any associated service (collectively, the "Service").
By accessing the Service you agree to the terms below. If you do not agree, please discontinue use.
2. Definitions
“Personal Data” means any information that can identify an individual, directly or indirectly, in line with the Nigeria Data Protection Regulation (NDPR) 2019 and the EU General Data Protection Regulation (GDPR) where applicable.
“Financial Data” means bank statements, transaction records, invoices, credit reports, and any other financial documents uploaded or processed through the Service.
“Process/Processing” means any operation performed on data, whether automated or not.
“User”, “you”, “your” means any person or entity who accesses or uses the Service.
Contract: account creation, delivering purchased subscription features, processing your financial data as requested.
Legitimate interests: fraud detection, service improvement, network security, product analytics.
Legal obligation: retaining transaction records under CBN guidelines, SEC Nigeria rules, and the Companies & Allied Matters Act.
6. Data Sharing & Disclosure
We never sell your Personal or Financial Data. We only share:
With service providers (cloud hosting, AI model providers, analytics, email delivery) under written data-processing agreements prohibiting further use.
With regulators or law-enforcement when legally compelled (e.g., CBN, EFCC, SEC, NDPB).
With your explicit consent (e.g., sharing a reconciliation report with a designated third party).
In business transfers (merger, acquisition, asset sale) with notice to you and continued data protection commitments.
Aggregated, anonymised statistics for research or product improvement (cannot identify you or your organisation).
7. Financial Document Handling
Financial documents (bank statements, invoices, credit reports) are processed in memory and stored encrypted at rest using AES-256.
Documents are retained only as long as necessary to provide the Service or as required by applicable regulations.
You may delete individual documents or your entire document history at any time via the platform settings.
Processed outputs (reconciliation reports, credit appraisals, converted files) are stored in your account and accessible only to authorised users within your organisation.
8. International Transfers
Our primary servers are hosted in AWS eu-west-1 (Ireland) with backups in AWS af-south-1 (Cape Town).
Where we transfer data outside Nigeria we: execute Standard Contractual Clauses (SCCs) approved by the European Commission, verify adequate protection under NDPR guidelines, and maintain encryption in transit (TLS 1.3) and at rest (AES-256).
9. Cookies & Similar Technologies
Essential cookies keep you logged in and secure. Analytics cookies help us understand product usage (PostHog, self-hosted Plausible). Marketing cookies are off by default; you may opt in. You can manage preferences via the "Cookie Settings" link in the footer. Do-Not-Track signals are honoured.
10. Security Measures
ISO 27001-aligned information-security management system.
End-to-end encryption for all data in transit (TLS 1.3) and at rest (AES-256).
Multi-factor authentication for staff; least-privilege access controls; quarterly penetration tests.
Continuous vulnerability scanning; 24-hour incident-response team. Despite best efforts, no internet transmission is 100% secure; you should use strong passwords and keep them confidential.
11. Your Rights
Access, rectify, or erase your Personal Data — including all uploaded financial documents.
Restrict or object to processing of your data.
Receive your data in a portable format (including reconciliation reports and converted files).
Withdraw consent at any time (does not affect prior lawful processing).
Delete your account and all associated data permanently via Settings.
Lodge a complaint with the Nigeria Data Protection Bureau (NDPB) or your EU supervisory authority. To exercise rights, email privacy@faizon.ng. We respond within 30 days.
12. Data Retention
Account data is retained for the duration of your subscription plus 90 days after cancellation, after which it is permanently deleted.
Financial documents are retained as needed to provide the Service or as required by applicable regulations (maximum 7 years for audit-trail purposes under Nigerian company law).
Anonymised analytics and aggregated usage statistics are retained indefinitely for product improvement.
13. Children's Privacy
The Service is intended for professional and business use by users aged 18+. We do not knowingly collect data from children under 18. If you believe we have such data, contact us; we will promptly delete it.
14. AI & Chatbot Specifics
The Financial AI Chat is for financial analysis and operational purposes; its outputs should be reviewed by qualified professionals before acting upon them.
We log questions, uploaded documents, and responses to improve accuracy and model performance. You may delete individual threads or your entire history in Settings.
Do not enter sensitive personal data (e.g., bank account PINs, passwords, biometric data) into the Chat. If you accidentally do, notify us immediately so we can purge the data.
AI models may be hosted by Faizon or third-party providers; any third-party provider is bound by data-processing agreements that prohibit retaining or using your data beyond the immediate inference request.
15. Third-Party Links & Integrations
The Service may link to or integrate with banks, payment gateways (Flutterwave), cloud providers (AWS), or other third-party services. This Policy does not cover external sites; review their policies before submitting data.
16. Changes to This Policy
We will post material changes on this page with a "Last updated" date and, where feasible, notify you via email or in-app alert. Continued use after changes constitutes acceptance.
17. Consent Statement
By creating an account, clicking "Sign Up", or continuing to interact with the Service, you acknowledge that you have read, understood, and agree to this Privacy Policy and our Terms of Service.