Security & Data Protection

At Remitpro Ltd, we are fully committed to safeguarding the confidentiality, integrity, and availability of user data. Our security posture is aligned with globally recognized standards, ensuring secure and resilient services.

1. Adherence to Globally Recognized Security Standards

• We follow best practices outlined in ISO/IEC 27001 and SOC 2 Type II frameworks for information security management systems (ISMS).
• Documentation evidencing implementation of security controls (access management, incident response, encryption, etc.) is available upon request under NDA.
• Security policies and procedures are reviewed annually and are enforced across all operational environments.

2. Data Encryption Protocols

• In Transit: All data transmissions are secured using TLS 1.2 or higher, ensuring strong end-to-end encryption between client applications and servers.
• At Rest: Customer data is encrypted using AES-256, with encryption keys managed via a secure KMS (Key Management System).
• Disk Encryption Logs: Full-disk encryption is enforced on all production environments. Disk encryption status and logs are monitored continuously.
• Role-based access controls (RBAC) and multi-factor authentication (MFA) are enforced for all access to sensitive systems and data.

3. Data Localization

• In compliance with Nigeria’s data sovereignty and localization requirements:
  • All personal data of Nigerian users is stored within Nigeria.
  • We host our data on Nigeria-based data centers/cloud regions, with cloud infrastructure providers who have signed data residency contracts confirming local storage and processing.
  • Documentation such as hosting agreements and data residency certifications is available for review under NDA.

---

NDPA 2023 Compliance

Remitpro Ltd adheres strictly to the Nigeria Data Protection Act (NDPA) 2023 and relevant subsidiary regulations issued by the Nigeria Data Protection Commission (NDPC).

1. NDPC Registration

• Remitpro Ltd is registered as a Data Controller with the Nigeria Data Protection Commission (NDPC), as required under Section 44 of the NDPA 2023.
• View the DC & DP Registration Certificate

2. Published Privacy Policy

• Our publicly available Privacy Policy is fully aligned with the NDPA 2023 and includes:
  • Data subject rights (access, correction, deletion, etc.)
  • Lawful basis for processing
  • Cross-border data transfer safeguards
  • Data retention periods
  • Contact information for data rights requests

View Privacy Policy: https://www.remitpro.io/privacy-policy