Data Protection Policy

1. Core Principles & Governance

TopupNaija, operating as a product under the corporate structure of Semper Technologies Ltd (a CBN Licensed Parent), is fully dedicated to safeguarding personal records and credit data belonging to our users across Nigeria.

This document outlines our structural governance designed to ensure absolute compliance with the Nigeria Data Protection Regulation (NDPR).

2. Lawful Basis of Processing

We process consumer data (mobile numbers, meter numbers, smartcard details, emails) under strict legal bases:

• Contractual Obligations: Fulfilling instant vending purchases across the grid and cellular carriers.
• Consent: Express authorization granted by the client on entering values or filling ticketing cards.
• Regulatory Directives: Fulfilling auditing checks mandated by the Central Bank of Nigeria (CBN).

3. Technical Security Safeguards

Our core payment processing is fully decoupled. All debit card checkouts are routed securely under PCI-DSS Level 1 specifications:

• Data in Transit: Encrypted using secure Transport Layer Security (TLS 1.3).
• Data at Rest: Encrypted using military-grade 256-bit AES algorithms.
• Database isolation: Customer files are completely sandboxed to prevent unauthorized internal employee leaks.

4. Data Protection Officer (DPO)

We maintain an active compliance office tasked with auditing our software codebases, third-party carrier APIs, and server directories. Contact our DPO for any NDPR inquiries:

Email support: Loading...