Effective Date: 2 March 2026
This Privacy Policy explains how Echo Systems Network Ltd collects, uses, stores, shares, and protects personal data processed through EchoVerify.
EchoVerify is operated by Echo Systems Network Ltd, with registered office at Plot 903 Tafawa Balewa Way, Garki, Abuja, Nigeria.
We process personal data in accordance with applicable Nigerian law, including the Nigeria Data Protection Act (NDPA) 2023 and relevant directives or guidance issued by the Nigeria Data Protection Commission (NDPC). Where consumer rights apply, we also consider relevant obligations under the Federal Competition and Consumer Protection Act (FCCPA) 2018.
Depending on verification type, data may include identification numbers, names, date of birth, contact details, document details, images/selfies, business registration information, transaction metadata, API usage logs, and platform audit trails.
We process data to provide identity and business verification services, fraud prevention, AML/KYT workflows, platform security, billing and receipts, regulatory reporting support, and customer support operations.
Processing is carried out under lawful bases permitted by applicable law, such as contractual necessity, legal obligation, legitimate interests, and consent where required. Corporate clients are responsible for obtaining and documenting valid consent or other lawful basis before submitting data.
Data may be shared with trusted sub-processors and verification infrastructure partners strictly for service delivery, security, and compliance operations. We do not sell personal data.
Where cross-border processing is required, we implement reasonable safeguards and contractual controls in line with applicable legal requirements.
Data is retained for as long as necessary for service delivery, legal compliance, dispute resolution, fraud prevention, and audit requirements. Retention periods may vary by verification type and applicable law.
We apply administrative, technical, and organizational safeguards, including access controls, audit logging, credential protection, and environment-level controls designed to reduce unauthorized access and misuse.
Subject to legal limitations, individuals may request access, correction, deletion, restriction, or objection to processing, and may lodge complaints with the NDPC where applicable.
Our platform may use essential cookies and session technologies for authentication, security, and service reliability. Analytics and non-essential technologies are used only where configured and lawful.
EchoVerify is a B2B service and is not intended for direct use by children. Clients must ensure lawful handling where any minor-related verification is legally required.
We maintain incident response procedures and will take legally required actions where a data breach occurs, including notification steps where applicable.
For privacy requests or complaints, contact: support@echosystems.ng
We may update this Policy from time to time. Material updates will be posted on this page with an updated effective date.
This policy is provided for transparency and compliance communication and does not constitute legal advice to customers.