Skip links
View Plans
hyMobile

Privacy Policy

Privacy Policy

PLEASE READ THESE TERMS OF USE CAREFULLY BEFORE USING OUR SERVICES OR ACCESSING OUR PLATFORMS.

INTRODUCTION

PRIVACY POLICY

hyMobile recognizes customers’ right to privacy and is committed to responsibly protecting the customer information in its custody. This privacy policy sets out how we use and protect your personal data. It serves as the standard for all hyMobile employees in the collection, use, sharing, retention, and security of personal data.

hyMobile may disclose customer data to a third party, as permitted by law, but will insist through a written agreement that the third party maintain the confidentiality and integrity of the data

1. IMPORTANT INFORMATION AND WHO WE ARE

This privacy policy gives you information about how we collect and use your personal data through your use of this website.

1.1      Collection and Use of Personal Information

hyMobile only collects information that are necessary for specified, concrete, explicit and legitimate purposes and will ensure that the information is not further processed in a manner that is incompatible with those purposes.

  1. THE TYPES OF PERSONAL DATA WE COLLECT ABOUT YOU

Personal data means any information about an individual from which that person can be identified. We may collect, use, store, and transfer different kinds of personal data about you which we have grouped as follows:

Identity Data includes first name, last name, any previous names, username or similar identifier, title, date of birth, and gender.

Contact includes billing address, delivery address, email address, and telephone numbers.

Transaction Data includes details about payments to and from you and other details of services you have purchased from us.

Technical Data includes internet protocol (IP) address, your login data, browser type, and version, time zone setting, and location, browser plug-in types and versions, operating system and platform, device ID, and other technology on the devices you use to access this website.

Profile Data includes your username and password, orders made by you, your interests, preferences, feedback, and survey responses.

Usage Data includes information about how you interact with and use our website, products and services.

Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use, and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals’ Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.

  1. HOW YOUR PERSONAL DATA IS COLLECTED?

We use different methods to collect data from and about you including through:

  • Your interactions with us. You may give us your personal data by filling in online forms or by corresponding with us by phone, email, or otherwise. This includes personal data you provide when you:
  1. create an account on our website;
  2. subscribe to our service or publications;
  3. request marketing communications to be sent to you;
  4. enter a competition, promotion, or survey;
  5. give us feedback or contact us; or
  6. where your information is publicly available.
  1. HOW WE USE YOUR PERSONAL DATA

LEGAL BASIS

The law requires us to have a legal basis for collecting and using your personal data. We rely on one or more of the following legal bases:

  • To perform our obligations under our contract: We collect and process your personal data to fulfil our contractual obligations when necessary.
  • Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and enable us to give you the best and most secure customer experience. We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests.
  • Consent: where you give us consent to the processing of your personal data for one or more specific purposes. You are at liberty to withdraw the consent and we will cease to process your personal data where there is no other basis to do so.
  • Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to. We will identify the relevant legal obligation when we rely on this legal basis.
  • Vital interests: We may use your personal data in order to protect the vital interests of a Data Subject or of another natural person or for the performance of a task carried out in the public interest or in exercise of official public mandate vested in hyMobile.
  1. CONSENT

Where processing of Personal Data is based on consent, hyMobile shall obtain the requisite consent of Data Subjects at the time of collection of Personal Data. In this regard, hyMobile will ensure:

  1. that the specific purpose of collection is made known to the Data Subject and the Consent is requested in a clear and plain language;
  2. that the Consent is freely given by the Data Subject and obtained without fraud, coercion or undue influence;
  3. that the Consent is sufficiently distinct from other matters to which the Data Subject has agreed;
  4. that the Consent is explicitly provided in an affirmative manner;
  5. that Consent is obtained for each purpose of Personal Data collection and processing; and
  6. that it is clearly communicated to and understood by Data Subjects that they can update, manage or withdraw their Consent at any time.
  • Valid Consent
    • For Consent to be valid,
  1. it must be given voluntarily by an appropriately informed Data Subject. In line with regulatory requirements, Consent cannot be implied. Silence, pre-ticked boxes or inactivity does not constitute Consent under the NDPR and NDPA.
    • Consent in respect of Sensitive Personal Data must be explicit.

5.2         Consent of Minors

In the unlikely event that we deal with minors, the data of minors will always be protected and legal consent obtained from minor’s representatives in accordance with applicable regulatory requirements

  1. CROSS BORDER DATA TRANSFER POLICY

We operate in Nigeria and are bound by the data protection laws of Nigeria. However, we may transfer Personal Data outside Nigeria, but only if such transfers are allowed under the NDPA, other relevant laws, or any guidelines issued by the NDPC. We will ensure that your data shall be processed ethically ensuring that same is always protected no matter the jurisdiction it is transferred to.

hyMobile will therefore only transfer Personal Data out of Nigeria on one of the following conditions:

  1. The consent of the Data Subject has been obtained;
  2. The transfer is necessary for the performance of a contract between hyMobile and the Data Subject or implementation of pre-contractual measures taken at the Data Subject’s request;
  3. The transfer is necessary to conclude a contract between hyMobile and a third party in the interest of the Data Subject;
  4. The transfer is necessary for reason of public interest;
  5. The transfer is for the establishment, exercise or defense of legal claims;
  6. The transfer is necessary in order to protect the vital interests of the Data Subjects or other persons, where the Data Subject is physically or legally incapable of giving consent.
  7. Under any other conditions as permitted by the NDPR and NDPA.
  1. DATA TRANSFER TO THIRD PARTIES

We may share your personal data with our service providers, financial institutions, vendors, affiliates, subsidiaries, parent companies, contractors, government agencies, etc. to assist us in providing, delivering, analysing, administering, improving, and personalising the content that is delivered to you as part of our services. These include third parties who assist us in performing, delivering, or enhancing certain products and services related to the delivery and operation of our services; or who provide technical and/or customer support on our behalf; or who provide application or software development and quality assurance; or who provide verification functions, who process transactions and payment requests, research on user demographics, interests, and behaviour, and other products or services. These third-party service providers may also collect personal information about or from you in performing their services and/or functions on our website or platforms. Regardless of the third party involved, any disclosure shall only be for a lawful purpose.

  1. DATA SECURITY AND PROTECTION

We understand the need for your personal data to remain secure and private and we have a committed team implementing appropriate technical and organisational security measures to protect your personal data from loss, misuse, data breaches, modification or destruction. Only authorised personnel and third parties will have access to any personal data provided by you, which is limited to the extent they need to do their job or provide their services.

However, if we becomes aware of or reasonably suspects a Personal Data Breach has occurred or that the integrity or confidentiality of Personal Data has been compromised, we will report the personal data breach to the Data Privacy Regulator within 72 hours of knowledge of such breach as required by the provisions of the NDPA.

Please note that this policy does not apply to data that is already in the public domain through no fault of ours.

  1. DATA RETENTION

HOW LONG WILL YOU USE MY PERSONAL DATA?

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including to satisfy any legal, regulatory, tax, accounting or reporting requirements unless:

  1. retention of the personal data is required or authorised by Local laws;
  2. you have consented to the retention of the personal data; or
  3. the personal data is required for historical, statistical or research purposes and provided that we have established appropriate safeguards against the personal data being used for any other purposes.

We will make sure that any personal data we no longer need, or are no longer allowed to keep, is either securely destroyed or permanently erased as soon as reasonably possible, using appropriate and effective methods.

  1. YOUR LEGAL RIGHTS

You have a number of rights under data protection laws in relation to your personal data.

You have the right to:

  • Right to Access and rectification: You have a right to request for and access your personal data collected and stored. If the data is held is incorrect or incomplete, you are entitled to request the correction or rectification in the personal data.
  • Disposal /Restrictions: You have the right to ask us to delete or destroy your information if we’re keeping it for too long or don’t have a legal reason to process it. In some cases, you can also ask us to limit how we use your Personal Data. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Right to data portability: You have a right to request for your data to be moved from hyMobile to a third party.
  • Right to object Automated Processing: You have the right to object to profiling and automated decision-making, and to opt-out of such processing. If you choose to exercise this right, we will ensure your request is respected.
  • Object to processing of your personal data. you have the right to object to us processing your personal data, on grounds relating to your particular situation, under certain circumstances (including to receiving direct marketing from us). You may also object if you believe there is no legal basis for us to process your personal data anymore.
  • Lodge Complaints: You have a right to lodge a complaint regarding the way we process your personal data.
  • Withdraw Consent: You may withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case.
  • You also have the absolute right at any time to object or opt out of marketing and unsolicited messages.

If you wish to exercise any of the rights set out above, please contact us a info@hyMobile.net

WHAT WE MAY NEED FROM YOU

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

  1. INCIDENT REPORTING AND NOTIFICATION

While we take reasonable steps to prevent or reduce the risk and impact of personal data breaches, it is not possible to eliminate this risk entirely. If we become aware of, or reasonably suspect, that a personal data breach has occurred or that the integrity or confidentiality of personal data has been compromised, we will follow our incident management policies, and procedures, for handling and reporting such breaches. In line with the requirements of the NDPA, we will report any personal data breach to the Data Privacy Regulator within 72 hours of becoming aware of it.

  1. CONTACT DETAILS

If you have any questions about this privacy policy or about the use of your personal data or you want to exercise your privacy rights, please contact us in the following ways:

Email address: info@hyMobile.net
Telephone number:

  1. COMPLAINTS

You have the right to make a complaint at any time to the Nigerian Data Protection Commission (the “NDPC”) which is mandated to oversee the implementation of the Nigerian Data Protection Regulation (the “NDPR”). We would, however, appreciate the chance to deal with your concerns before you approach the NDPC so please contact us in the first instance.

  1. CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We keep our privacy policy under regular review. This version was last updated on [27/05/2025]. The personal data we hold about you must be accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example, a new address or email address.

  1. THIRD-PARTY LINKS

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.