Privacy Policy

This Privacy Policy explains how Crypt2P, owned and operated by Gooddeeds Technology Enterprise LTD, collects, uses, discloses, and protects your personal information in line with the Nigeria Data Protection Regulation (NDPR), the General Data Protection Regulation (GDPR), and global data protection standards.

1. Introduction

Crypt2P (“we”, “our”, “us”) is a digital asset exchange solution that enables users to buy, sell, convert, and manage cryptocurrencies and digital assets. By accessing or using the Crypt2P mobile app, website, APIs, or any related services (“Services”), you agree to the practices outlined in this Privacy Policy.

2. Data We Collect

We collect the following categories of personal data:

A. Identity Information
  • Full name
  • Date of birth
  • Gender
  • BVN (where applicable)
  • NIN (optional and only for verification when needed)
B. Contact Information
  • Email address
  • Phone number
  • Address
C. Financial Information
  • Bank account details
  • Wallet addresses
  • Transaction history
D. Device Information
  • Device type (Android, iOS, Web)
  • Device name
  • OS version
  • IP address
  • FCM push notification token
E. Usage Information
  • Login logs
  • Actions performed within the app
  • API interactions

3. How We Use Your Data

  • Account creation and identity verification
  • Fraud prevention and AML/CFT compliance
  • Transaction processing
  • Customer support
  • Push and email notifications
  • Compliance with Nigerian regulatory requirements
  • Improving platform performance

4. Legal Basis for Processing

  • Your explicit consent
  • Fulfillment of contractual obligations
  • Compliance with regulatory requirements (CBN, NDPR)
  • Legitimate business interest in fraud prevention

5. Data Protection & Security

We use industry-grade security to safeguard your information, including:

  • AES-256 encryption
  • Secure credential storage
  • Strict access governance
  • Regular security audits

6. Your Rights

You have the right to:

  • Access your personal data
  • Request corrections
  • Withdraw consent
  • Request deletion (unless restricted by regulation or AML laws)
  • Object to processing

7. Data Retention

We retain data according to NDPR and financial sector requirements:

  • Transaction records: Minimum of 7 years
  • Basic account data: As long as the account remains active
  • Device and login logs: 12–24 months

8. Disclosure to Third Parties

We may share your data with:

  • Payment partners (e.g., Paystack, 9PSB, Rubies MFB)
  • Fraud-monitoring and risk systems
  • Regulators (CBN, EFCC, NDPC) when legally required
  • Third-party analytics services (non-personal data only)

9. International Transfers

Some data may be processed outside Nigeria on secure cloud infrastructure. All transfers comply with NDPR cross-border data transfer rules.

10. Cookies & Tracking

We use cookies, device identifiers, and similar tracking technologies to enhance user experience and platform performance.

11. Updates to This Privacy Policy

We may update this Privacy Policy periodically. Any significant updates will be communicated to you through the app or website.