The Anakin Group
Effective date: 30 May 2026 · Governing law: Federal Republic of Nigeria
Effective Date: [DATE] • Version: 1.0
Governing Law: Federal Republic of Nigeria • NDPR Compliant
The Anakin Group (“Anakin”, “we”, “us”, or “our”) is committed to protecting the personal information of every person who interacts with our platform. This Privacy Policy explains what data we collect, why we collect it, how we use and protect it, and what rights you have in relation to it.
This Policy applies to all products and services within the Anakin ecosystem, including AnakinPay, Anakin Network, AnakinID, and the Anakin Credits system. It applies whether you access our services through the Anakin mobile application, website, or any other interface we operate.
This Policy is issued in compliance with the Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Act (NDPA) 2023. By using any Anakin service, you acknowledge that you have read and understood this Policy.
The data controller responsible for your personal information is:
The Anakin Group
Abuja, Nigeria
privacy@theanakin.com
theanakin.com
As data controller, we determine the purposes and means by which your personal data is processed. Where we engage third-party service providers to process data on our behalf, they do so as data processors acting under our instruction and are bound by confidentiality and data protection obligations consistent with this Policy.
We collect personal data across three categories: data you provide directly, data generated by your use of our services, and data obtained from authorised third parties to verify your identity.
We do not collect sensitive personal data beyond what is strictly necessary for identity verification and regulatory compliance. We do not collect biometric data in the form of fingerprints or facial geometry; any selfie images collected are used for liveness verification during onboarding and are not stored as biometric templates.
We process your personal data only where we have a lawful basis to do so under the NDPR and NDPA. The purposes for which we process data, and the corresponding lawful basis for each, are set out below.
Where we rely on consent as our lawful basis, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
We do not sell your personal data. We do not share your data with advertising networks, data brokers, or marketing third parties. We share your personal data only in the following limited circumstances:
We engage a small number of trusted technology vendors who provide infrastructure services essential to operating the Anakin platform. These include cloud hosting providers, SMS and OTP delivery services, and identity verification API providers. These vendors process your data solely on our instruction, are contractually bound to protect it, and may not use it for any purpose of their own.
We may disclose your data to regulators, law enforcement agencies, courts, or other public authorities where we are legally required to do so, or where disclosure is necessary to comply with a binding legal obligation, court order, or regulatory directive under Nigerian law.
We may share data with fraud prevention services or financial intelligence bodies where we have reasonable grounds to suspect fraudulent, criminal, or abusive activity, and where such sharing is required or permitted by law.
In the event of a merger, acquisition, restructuring, or sale of all or part of The Anakin Group, your personal data may be transferred to the successor entity. We will notify you in advance of any such transfer and ensure the receiving party is bound by obligations at least as protective as those in this Policy.
We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law and regulation.
When data is no longer required, we delete or anonymise it in a manner that prevents reconstruction of the original personal information.
We take the security of your personal data seriously. We implement technical and organisational measures designed to protect your data against unauthorised access, loss, alteration, or disclosure. These measures include:
No system is completely immune to security risks. While we take every reasonable precaution, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by the NDPA.
Under the NDPR and NDPA, you have the following rights in relation to your personal data. You may exercise any of these rights by contacting us at privacy@theanakin.com.
You have the right to request a copy of the personal data we hold about you and information about how it is being processed.
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
You have the right to request deletion of your personal data where it is no longer necessary for the purpose for which it was collected, where you have withdrawn consent, or where processing was unlawful. This right is subject to our legal obligations to retain certain data under Nigerian financial regulation.
You have the right to request that we restrict the processing of your data in certain circumstances, for example while a dispute about the accuracy of your data is being resolved.
Where processing is based on your consent or a contract with you, you have the right to receive your personal data in a structured, commonly used, and machine-readable format.
You have the right to object to processing carried out on the basis of our legitimate interests. We will cease such processing unless we can demonstrate compelling legitimate grounds that override your interests.
Where processing is based on consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.
We will respond to all data subject requests within thirty (30) days. In complex cases, we may extend this by a further thirty (30) days with notice to you.
Anakin services are designed for individuals who are 18 years of age or older. Users under the age of 18 may access the platform only with the verifiable consent of a parent or legal guardian, who accepts full responsibility for the minor’s use of the service and compliance with these Terms and this Policy.
By permitting a minor to use Anakin, the parent or guardian consents to the collection and processing of the minor’s personal data as described in this Policy. We do not knowingly permit minors to create independent accounts or access products restricted to adult users, including Credits Advance.
If we become aware that a minor has accessed the platform without parental consent, we will suspend that account and delete the associated personal data promptly. If you believe a minor is using Anakin without appropriate consent, please contact us at privacy@theanakin.com.
The Anakin Group is based in Nigeria and processes most of your data within Nigeria. Where we engage third-party service providers whose infrastructure is located outside Nigeria, we ensure that appropriate safeguards are in place for any transfer of personal data, in accordance with the requirements of the NDPA.
Such safeguards may include standard contractual clauses approved by the NDPC, or transfers to jurisdictions that have been determined to provide an adequate level of data protection. We will not transfer your data to a country without adequate safeguards in place.
The Anakin mobile application does not use browser cookies. We do collect certain device and usage data through the application as described in Section 2 of this Policy. This data is used solely for service delivery, security monitoring, and product improvement.
If we launch a web-based interface in the future, we will update this Policy to include a full cookies and tracking disclosure before that interface is made available.
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will notify you through the app or via your registered contact details before the changes take effect.
The version number and effective date at the top of this document will always reflect the most current version. We encourage you to review this Policy periodically.
For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact our Data Protection Officer:
Data Protection Officer
The Anakin Group
Abuja, Nigeria
privacy@theanakin.com
theanakin.com
We take all privacy enquiries seriously and will respond within thirty (30) days.
End of Privacy Policy — Version 1.0
© 2026 The Anakin Group. All rights reserved.