Home Privacy Policy

Privacy Policy

How we collect, use, protect, and respect your personal information at GroMon Financial Services.

Effective: January 1, 2025 Last Updated: June 2025 NDPR Compliant
Introduction

Overview

Gromon Resources Managers Limited ("GroMon", "we", "our", or "us") is a licensed cooperative and financial services company registered and operating in Delta State, Nigeria. We are committed to safeguarding the privacy and personal information of every member, customer, and visitor who engages with our services.

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding your information. It applies to all services offered through our website (gromonsavings.online), mobile application, USSD platform (*7006*20*174#), and any other GroMon service channels.

By registering for or using any GroMon service, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your personal data as described herein. If you do not agree, please discontinue use of our services.

This policy is governed by the Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Act (NDPA) 2023, as issued by the National Information Technology Development Agency (NITDA).

Data Collection

Information We Collect

To provide you with financial services, verify your identity, and comply with regulatory requirements, we collect the following categories of personal data:

Category Examples How Collected
Identity Data Full name, date of birth, gender, photograph Registration form, KYC verification
Contact Data Phone number, email address, residential address Registration, profile updates
Financial Data Bank account details, BVN, savings history, loan records, transaction data Account setup, transactions, loan applications
Verification Data BVN, NIN, international passport number, utility bills KYC compliance process
Device & Usage Data IP address, device type, browser, app usage patterns, USSD session data Automatically via app/website
Communications Data Emails, support messages, call records with customer service When you contact us

We collect data directly from you, from your use of our platforms, and from authorised third-party sources such as the Nigeria Inter-Bank Settlement System (NIBSS) for BVN verification, and licensed credit bureaus.

Data Use

How We Use Your Information

We only use your personal data for specific, legitimate purposes related to delivering and improving our financial services. These include:

  • Account creation and management — to register you as a member and maintain your cooperative account.
  • Identity verification (KYC/AML) — to comply with Know Your Customer and Anti-Money Laundering obligations under Nigerian law.
  • Loan processing and assessment — to evaluate your eligibility for collateral-free loans based on your savings history and cooperative activity.
  • Transaction processing — to execute deposits, withdrawals, bill payments, airtime purchases, and fund transfers accurately.
  • Customer support — to respond to enquiries, resolve complaints, and provide assistance via phone, email, or chat.
  • Service notifications — to send account alerts, transaction confirmations, repayment reminders, and important policy updates via SMS or email.
  • Fraud prevention and security — to detect suspicious activity, protect your account, and comply with regulatory reporting obligations.
  • Product improvement — to analyse usage patterns and improve our app, USSD service, and overall member experience.
  • Marketing communications — with your consent, to inform you about new products, promotions, or cooperative updates. You may opt out at any time.
  • Legal and regulatory compliance — to meet obligations under the Central Bank of Nigeria (CBN), NDPC, and other applicable bodies.

We do not sell your personal data to third parties for commercial advertising purposes. Any sharing of data is strictly for the purpose of delivering services to you or meeting legal obligations.

Data Sharing

Sharing Your Information

GroMon does not sell, trade, or rent your personal data. We may share your information with the following categories of parties only as necessary and with appropriate safeguards:

  • Regulatory and Government Bodies — including the Central Bank of Nigeria (CBN), NDPC, FIRS, EFCC, or law enforcement agencies, where legally required or mandated.
  • Banking and Payment Partners — licensed Nigerian banks, NIBSS, payment processors, and card scheme providers required to execute your transactions.
  • Credit Bureaus — licensed credit reference agencies for the purposes of credit assessment and reporting of loan repayment behaviour.
  • Technology Service Providers — cloud hosting, data storage, SMS gateway, and app maintenance providers bound by strict data processing agreements.
  • Professional Advisors — auditors, legal counsel, or compliance consultants engaged under confidentiality obligations.
  • Business Transfers — in the event of a merger, acquisition, or corporate restructuring, your data may be transferred to the successor entity, with prior notice to you.

All third parties with whom we share data are required to maintain the same or higher standard of data protection as GroMon, in accordance with the NDPA 2023.

Security

Data Security

GroMon applies industry-standard security measures to protect your personal and financial data from unauthorised access, loss, alteration, or disclosure. Our security practices include:

  • Bank-level 256-bit SSL/TLS encryption for all data in transit across our website and mobile application.
  • Encrypted storage of sensitive financial and identity data on secured servers.
  • Multi-factor authentication (MFA) options to protect member account access.
  • Role-based access controls ensuring only authorised staff can access specific data.
  • Regular security audits, vulnerability assessments, and staff data privacy training.
  • Incident response procedures to manage and report any data breach in accordance with the NDPA 2023.

Important: GroMon will never ask you for your full PIN, password, or OTP via phone call, SMS, or email. If you receive such a request, please report it immediately to 08035745461 or gromonresourcesmanagers@gmail.com.

While we implement robust safeguards, no digital system is entirely without risk. We encourage members to use strong, unique passwords and to contact us immediately if they notice any suspicious activity on their account.

Retention

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including meeting any legal, regulatory, accounting, or reporting requirements.

  • Active account data — retained for the full duration of your membership with GroMon.
  • Financial transaction records — retained for a minimum of 7 years after the transaction date, in line with Nigerian financial regulations and tax obligations.
  • KYC and identity documents — retained for at least 5 years following the end of the customer relationship, as required by CBN AML/CFT guidelines.
  • Loan records — retained for 7 years after the loan is fully repaid or closed.
  • Marketing data — retained until you withdraw consent or request deletion.
  • Inactive accounts — if your account has been inactive for 3 years, we may archive or delete your data after providing prior notice.

Upon expiry of the applicable retention period, your data is securely deleted or anonymised so it can no longer be linked to you.

Your Rights

Your Rights Under Nigerian Law

As a data subject under the Nigeria Data Protection Act 2023, you have the following rights with respect to your personal information held by GroMon:

  • Right of Access — You may request a copy of the personal data we hold about you.
  • Right to Rectification — You may request correction of inaccurate or incomplete data.
  • Right to Erasure — You may request deletion of your data where we no longer have a lawful basis to retain it (subject to legal obligations).
  • Right to Restrict Processing — You may request that we limit how we use your data in certain circumstances.
  • Right to Data Portability — You may request a structured, machine-readable copy of data you provided to us.
  • Right to Object — You may object to processing based on our legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent — Where processing is based on your consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, contact us at gromonresourcesmanagers@gmail.com or call 08035745461. We will respond to all verified requests within 30 days. If you are dissatisfied with our response, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.

Cookies

Cookies & Tracking

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and improve our services. The types of cookies we use include:

  • Essential Cookies — required for core website functionality such as login sessions and security. These cannot be disabled.
  • Analytics Cookies — help us understand how visitors interact with our website (e.g., pages visited, time spent). Data collected is aggregated and anonymised.
  • Preference Cookies — remember your settings and preferences for a personalised experience.

You can control or delete cookies through your browser settings at any time. Note that disabling certain cookies may affect the functionality of our website. We do not use cookies for targeted third-party advertising.

External Links

Third-Party Links

Our website and app may contain links to external websites or services not operated by GroMon — for example, payment gateway pages or partner institution portals. Once you leave our platforms, this Privacy Policy no longer applies.

We are not responsible for the privacy practices or content of third-party websites. We encourage you to review the privacy policy of any external site you visit before providing your personal data.

Children

Children's Privacy

GroMon's financial services are intended for individuals who are 18 years of age or older. We do not knowingly collect or process personal data from individuals under 18 without the explicit, verifiable consent of a parent or legal guardian.

If you believe a minor has provided us with personal data without appropriate consent, please contact us immediately at gromonresourcesmanagers@gmail.com and we will take prompt steps to remove that data from our systems.

Updates

Changes to This Policy

GroMon may update this Privacy Policy from time to time to reflect changes in our services, technology, or applicable law. When we make significant changes, we will notify you via:

  • A prominent notice on our website or mobile application.
  • An SMS or email notification to your registered contact details.
  • An in-app notification upon your next login.

The "Last Updated" date at the top of this page will always reflect the most recent revision. Continued use of GroMon services after the effective date of any changes constitutes your acceptance of the updated policy.

We encourage you to review this policy periodically to stay informed about how we are protecting your information.

Contact

Contact Us About Your Privacy

If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please reach out to us using any of the channels below. We are committed to addressing your enquiries promptly and transparently.

GroMon Data & Privacy Team

We typically respond to privacy-related enquiries within 5 business days, and to formal data subject requests within 30 days.

gromonresourcesmanagers@gmail.com
08035745461  |  08064896681
GroMon House, Ekrewheri Street, Ekrrwheror Quarter,
Otokutu, Ughelli South LGA, Delta State, Nigeria
Back to top