Unlock VIP perks with Maxim's exclusive credit card

Join Waitlist
maxim-logo
Legal
Quick links:Terms of servicePrivacy policyCookies policy
Privacy Policy for MonsterLabs Technologies Ltd.
  • Introduction
    • Trymaxim is provided by MonsterLabs Technologies Ltd (“MonsterLabs”).At MonsterLabs, we value your privacy, and we are committed to safeguarding your personal information. All personal data that you provide us will be protected and kept confidential among our affiliates, representatives, and privies. This Privacy Policy does not apply to financial institutions, credit bureaus, other data providers, other partners, or any other entities that are not affiliates of MonsterLabs. This Privacy Policy also does not apply to what any of them may do with any of your information that we provide to them (or any other information they may collect about you separately from MonsterLabs). We encourage you to review the notices of those third parties for information about their practices.Throughout the website, the terms “we”, “us” and “our” refer to MonsterLabs.This Privacy Policy explains how we collect, use, share and protect your personal data in connection with your use of our services. This Policy also sets out your rights and who you may contact for further information.You agree to this Privacy Policy by visiting our website and when you use our services.Your use of our services, and any dispute over privacy is subject to this Policy and our Terms of Service, including its applicable limitations on damages and the resolution of disputes. Our Terms of Service are incorporated by reference into this Policy.Our website is hosted in the United Kingdom and is subject to laws of England and Wales. If you are accessing our website from other jurisdictions, please be advised that you are transferring your personal information to us in the United Kingdom, and by using our website, you are agreeing to that transfer and use of your personal information in accordance with this Privacy Policy. You also agree to abide to the applicable laws of England and Wales concerning your use of the website and your agreements with us.Our website and services are not directed at you if we are prohibited by any law of any jurisdiction from making the information on our website available to you and is not intended for any use that would be contrary to local law or regulation.
  • Definitions
    • “Consent” means the consent of the data subject which must be a freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they (by a statement or by a clear affirmative action) signify their agreement to the processing of personal data relating to them;“Data controller” means the natural or legal person or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of this Policy, MonsterLabs is the data controller of all personal data relating to data subjects;“Data processor” means a person or organisation which processes personal data on behalf of a data controller. This includes MonsterLabs, its employees and third-party service providers;“Data Protection Legislation” means all applicable data protection and privacy laws including, but not limited to the General Data Protection Regulation ((EU) 2016/679) (GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (PECR) and any successor legislation, Nigeria Data Protection Act 2023 and the Nigeria Data Protection Regulation 2019 (NDPR);“Data subject” means a living, identified, or identifiable individual about whom MonsterLabs holds personal data;“Personal data” means any information relating to a data subject who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that data subject;“Personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed;“Processing” means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Consent
    • Where processing of your personal data is based on consent, we shall obtain the requisite consent at the time of collection of the personal information. In this regard, you consent to the processing of your personal information when you access our website, or use our services, content, features, technologies or functions offered on our website or other digital platforms. You can withdraw your consent at any time but such withdrawal will not affect the lawfulness of the processing of your data based on consent given before its withdrawal.
    • Where your personal data is to be processed for a different purpose that is incompatible with the purpose or purposes for which that personal data was originally collected that was not disclosed to you when you first provided your consent, we will obtain your consent to the new purpose or purposes.
  • Introduction
    • You affirm that you are over 18 years old and have the right to contract in your own name, and that you have read the above authorisation and fully understand its contents.
  • Data Protection Principles
    • The Data Protection Legislation sets out the following principles with which anyone handling personal data must comply. We, our employees, agents, contractors and third-party service providers comply with the following principles when collecting or processing your personal data. All personal data must be:
    • processed lawfully, fairly, and in a transparent manner in relation to the data subject;
    • collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
    • adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed;
    • accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased, or rectified without delay;
    • kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed. Personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to implementation of the appropriate technical and organisational measures required by the Data Protection Legislation in order to safeguard the rights and freedoms of the data subject;
    • processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
  • Information We Collect
    • In providing our services to you, we collect certain non-personal and personal data about you. Our policy is to keep this information confidential and strictly safeguarded, and to use or disclose it only as needed to provide services to you, or as permitted or required by the Data Protection Legislation.We collect a variety of information from our users and visitors to our website. As described below, some information is automatically collected when you visit our website, some you provide to us when filling out a form or communicating with us, and some are provided to us by third-party integration Application Programming Interface (API).
    • Types of Information: MonsterLabs may collect the following.
      • Identifiers (for example, name, e-mail, and biometric information as further detailed below);
      • Location Information (for example, your address, country, state, or city of residence);
      • Financial Information (for example, information contained in your credit report such as credit accounts and inquiries, utility payment records, and other bank transaction information);
      • Commercial Information (for example, data relating to which of our Services you use through which creditors and the dates and times of your use);
      • Electronic Network Activity Information (for example, your device hardware model and operating system, and browser data);
      • Employment Information (for example, information about your employer and employment status, if included in your credit report);
      • Communications (for example, e-mails with you as part of providing support); or
      • Inferences that we have derived from the information we've collected (for example, we may derive location from IP address or your income based on your bank transaction data).
    • Information Collected Automatically: Whenever you use our services or visit our website, we may, as permitted by law collect certain information automatically from your browser or device Specifically, the information we collect automatically may include information like your IP address, device type, browser type, broad geographic location (e.g. country, state, or city-level location) and other technical information. We may also collect information about how your device has interacted with our websites, including the pages accessed and links clicked, and assign your set of interactions with a unique identification number. Collecting this information enables us to better understand the visitors who come to our websites, where they come from, and what content on our websites is of interest to them. We use this information for our internal analytics purposes and to improve the quality and relevance of our websites to visitors like you. Some of this information may be collected using cookies and similar tracking technology which includes information on how you can adjust your preferences and opt out at any time.
    • Information You Provide Us: We collect personal information that you provide voluntarily through our web pages and our websites. Depending on the services that are available to you, this may include when you request us to retrieve your foreign credit history and provide it to a creditor whose financial products and services you are applying for or allow us to report on your bank transaction data during your application process with a creditor, assess which creditor's products or services are right for you, or complete online forms to contact us. Depending on the foreign jurisdiction, we may be required to verify your identity, including through the collection of your biometric information. When providing this information, you give MonsterLabs the authority to act on your behalf to access, process, and transmit your information from the relevant credit bureau, creditor, or other partner that maintains and provides your financial information.
      • We collect the following personal information:
    • name, phone number, e-mail address;
    • username and password;
    • contact information;
    • financial circumstances;
    • identity information (e.g., photo ID, passport information, National ID card and nationality etc.);
    • financial information where you make any payment for our services; and
    • any other information you provide to us.
      • If we ask you to provide any other personal information not described above, the information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point that you are asked to provide your information.
    • Information provided by your credit report: The information we receive from credit bureaus that maintain your credit report varies depending on a number of factors, such as the laws in that jurisdiction, as well as what is considered industry standard. But, in general, we collect identifiers, financial information, and employment information from credit bureaus. More specifically, this may include the following types of information if it is included in your credit report:
    • identifiers and information about you, including name, email address, phone number, Social Security Number, National Insurance Number or its international equivalent, date of birth, and address information;
    • information about credit accounts, including due dates, balances owed, payment amounts and dates, transaction history, credit limit, repayment status, and interest rate;
    • information about loan accounts, including due dates, repayment status, balances, payment amounts and dates, interest rate, guarantor, loan type, payment plan, and terms;
    • information of public record such as tax liens, civil judgments, and bankruptcies;
    • hard inquiries from lenders, underwriters, and other providers of products and services for which you have applied that require credit and analytical information;
    • tax Identity Number; and employment verification
    • Information we collect from your financial account: The information we receive from the banks that maintain your financial accounts, and the data aggregators whom you give permission to access those financial accounts, varies depending on a number of factors. They include what and how information is made available by those banks, and what and how that information is then made available by the data aggregators. For purposes of this Privacy Policy, they will all be referred to as “data providers”, In cases where we offer our services directly to you, a factor may also include the MonsterLabs services you use. Depending on these factors, the information we collect may include identifiers, commercial information, financial information, and employment from your data providers. More specifically, this may include the following types of information:
    • account information, including financial institution name, account name, account type, account ownership, branch number, account number, routing number or bank codes, and sort or swift code;
    • information about an account balance, including current and available balance;
    • information about credit accounts, including due dates, balances owed, payment amounts and dates, transaction history, credit limit, repayment status, and interest rate;
    • information about loan accounts, including due dates, repayment status, balances, payment amounts and dates, interest rate, guarantor, loan type, payment plan, and terms;
    • information about investment accounts, including transaction information, type of asset, identifying details about the asset, quantity, price, fees, and cost basis;
    • identifiers and information about the account owner(s), including name, email address, phone number, date of birth, and address information;
    • information about account transactions, including amount, date, payee, type, quantity, price, location, involved securities, and a description of the transaction; and
    • employment and qualifications, including information about your employer, in limited cases where you've connected your payroll accounts or provided us with your pay stub information.
  • Using Your Personal Data
    • We primarily collect your personal data to ensure that we provide the most efficient service to you, monitor the use and improve our website and other legitimate interests. Your information will solely be used and disclosed for the following purposes:
    • to help us verify your identity;
    • to carry out our obligations ensuing from any contracts entered into between you and us;
    • to provide you with the products, services and information you request from us;
    • to assist you with enquiries and improve our customer service;
    • to assist us in carrying out marketing analysis and customer profiling (including transactional information), conduct research, including creating statistical and testing information;
    • to allow us to communicate with you in any way (including e-mail, telephone, visit, and text or multimedia messages);
    • for our billing and account purposes;
    • to help prevent and detect fraud or loss;
    • to update our records;
    • to make recommendations and suggestions to you about services offered by us unless you have previously asked us not to do so;
    • to send you service or support messages, such as updates, security alerts, email notifications and /or newsletters;
    • to conduct investigations and risk assessments; and
    • for compliance with legal and regulatory obligations.
    • Employees, agents, contractors, or other parties working on behalf of MonsterLabs shall collect your personal data only to the extent required for the performance of their job duties and only in accordance with this Policy. Excessive personal data must not be collected.
    • Employees, agents, contractors, or other parties working on behalf of MonsterLabs shall process your personal data only when the performance of their job duties requires it. Your personal data held by MonsterLabs cannot be processed for any unrelated reasons.
  • Data Accuracy
    • Your personal data must be accurate and kept up to date. In this regard, MonsterLabs shall ensure that any data it collects and/or processes is accurate and not misleading in a way that could be harmful to you; make efforts to keep your personal data updated where reasonable and applicable; and make timely efforts to correct or erase your personal data when inaccuracies are discovered.
  • Data Retention
    • We will retain your information for as long as your account is active or as needed to provide you with our services, comply with our legal and statutory obligations or verify your information with a financial institution.MonsterLabs is statutory obligated to retain the data you provide us with in order to process transactions, ensure settlements, make refunds, identify fraud and in compliance with laws and regulatory guidelines applicable to us, our banking providers. Therefore, even after closing your account with MonsterLabs, we will retain certain data in order to comply with these obligations.MonsterLabs shall not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed. In the case of your financial data, the purpose for which the data was collected is to provide you with our services. Unless MonsterLabs is statutory bound to retain for a longer period of time or receives a valid request to erase your data, the data is retained for stated period of time after you actively stop using our services or products. This allows your record to be maintained.
  • Other information we collect from other sources
    • We may receive your information directly from the relevant creditor or other third party, including identity verification services, affiliate marketing partners, and other service providers. For example, creditors may provide us with information such as your full name, address, and phone number for our purposes of supporting your application by retrieving your foreign credit history or reporting on your bank transaction data upon your request (if available in your jurisdiction). Service providers may return us a verification result derived from your biometric information, and affiliate marketing partners may provide us with your personal information to confirm your use of our services.
  • Data Confidentiality
    • Your information is regarded as confidential and will not be divulged to any third party, except under legal and/or regulatory conditions. You have the right to request copies of any and all information we keep on you, if such requests are made in compliance with applicable laws and other relevant enactments. While we are responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of MonsterLabs.
  • Disclosures
    • We will not sell, publish, or disclose to third parties your personal data collected on our website, through our servers or otherwise obtained by us, other than to provide our services and as set forth in this Policy. We may share generic aggregated demographic information not linked to any personally identifiable information regarding visitors and users with our business partners, trusted affiliates, professional advisers and advertisers for the purposes outlined above. We may share your information with these third parties for those limited purposes if you have given us your permission and in compliance with the Data Protection Legislation.
    • We may request and provide personal data about you from and to third parties to provide our services. We may share personal data with service providers, affiliates, partners, and other third parties where it is necessary to provide the products and services, or for any other purposes described in this Privacy Policy.
    • Your personal data may be provided as necessary to the following categories of recipients: security, insurance, professional advisory (including legal, accounting and auditing advice), banking, payment processing, facilitating credit arrangements, credit reporting, fraud checks, data storage, information processing, marketing, online communications technology services, and other trusted third parties with whom we have an agreement for the protection of your information, or government/regulatory/law enforcement agencies pursuant to legally binding order.
    • We will notify you as soon as we become aware of a harmful data breach which may result in a risk of your rights and freedom.
    • You have the right to request an erasure of your data at any time.
    • We will notify you if we are transferring your data.
    • You may request at any time that we halt further dissemination of your data or cease to use your data.
    • If you submit content in a public forum or a social media post, or use a similar feature on our website, that content is publicly visible.
    • We may disclose Personally Identifiable Information if required to do so by law or in the good faith belief that such action is necessary to (a) conform with the requirements of the law or comply with legal process served on us, or (b) act in urgent circumstances to protect the personal safety of users of our service or members of the public.
    • To the extent practicable and legally permitted, we will attempt to advise you prior to any such disclosure, so that you may seek a protective order or other relief limiting such disclosure.
  • Transfer of Personal Data
    • Third Party Processor
      We may engage the services of third parties in order to process your personal data. The processing by such third parties shall be governed by a written contract with MonsterLabs to ensure adequate protection and security measures are put in place by the third party for the protection of your personal data in accordance with the terms of this policy and the Data Protection Regulation.
    • International Transfers
      We have offices and facilities in the United Kingdom, and Nigeria. To operate our business and provide you with our services, we may send your personal information to our other offices and outside of your country. Your personal information may be subject to the laws of the countries where we send it. When we send your information outside of your country of origin or residence, we shall ensure your personal information is protected, and only send your information to countries that have strong data protection laws.
    • Transfer of Personal Data of US Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside the United States of America (US), MonsterLabs shall put adequate measures in place to ensure the security of such data. In particular, MonsterLabs shall, among other things, conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data to a country outside the US would be in accordance with the relevant laws on the transfer of personal data between the US and the foreign country. MonsterLabs will therefore only transfer your personal data out of the US on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside the US shall be provided to you upon request.
    • Transfer of Personal Data of Canada Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside Canada, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data out of Canada would be in accordance with the provisions of the Personal Information Protection and Electronic Documents Act (PIPEDA) 2000. We will therefore only transfer your personal data out of Canada on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Canada shall be provided to you upon request.
    • Transfer of Personal Data of Ghana Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside Ghana, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data out of Ghana would be in accordance with the provisions of the Data Protection Act 2012 (Act 843). We will therefore only transfer your personal data out of Ghana on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Ghana shall be provided to you upon request.
    • Transfer of Personal Data of South Africa Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside South Africa, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data out of South Africa would be in accordance with the provisions of the Protection of Personal Information Act (Act 4 of 2013) (POPIA). We will therefore only transfer your personal data out of South Africa on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside South Africa shall be provided to you upon request.
    • Transfer of Personal Data of Morocco Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside Morocco, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, obtain authorization from the National Commission and conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data out of Morocco would be in accordance with the provisions of the Law No 09-08, 2009 and its implementation Decree n° 2-09-165, 2009. We will therefore only transfer your personal data out of Morocco on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Morocco shall be provided to you upon request.
    • Transfer of Personal Data of India Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside India, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data out of India would be in accordance with the provisions of the Digital Data Protection Act, 2023. We will therefore only transfer your personal data out of India on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside India shall be provided to you upon request.
    • Transfer of Personal Data of Kenya Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside Kenya, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, obtain the approval of the Data Protection Commissioner and conduct a detailed assessment of whether there are issued regulations confirming that country in question ensures adequate level of protection.
    • Transfer of your personal data out of Kenya would be in accordance with the provisions of the Data Protection Act, 2019. We will therefore only transfer your personal data out of Kenya on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Kenya shall be provided to you upon request.
    • Transfer of Personal Data of Nigerian Citizens to a Foreign Country
    • Where your personal data is to be transferred to a country outside Nigeria, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, conduct a detailed assessment of whether the said country is on the Nigerian Data Protection Bureau (NDPB) Whitelist of Countries with adequate data protection laws.
    • Transfer of your personal data out of Nigeria would be in accordance with the provisions of the Nigeria Data Protection Act 2023. We will therefore only transfer your personal data out of Nigeria on one of the following conditions:
    • your explicit consent has been obtained;
    • the transfer is necessary for the performance of a contract between you and MonsterLabs;
    • the transfer is necessary to conclude a contract between MonsterLabs and a third party in your interest;
    • the transfer is necessary for reason of public interest;
    • the transfer is for the establishment, exercise or defense of legal claims;
    • the transfer is necessary in order to protect your vital interests or the interests of other persons, where the you are physically or legally incapable of giving consent.
    • Provided, in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
    • We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Nigeria shall be provided to you upon request.
  • Your Rights
    • Subject to certain limitations and exceptions, you are entitled to the following principal rights under the Data Protection Legislation:
    • you have the right to be notified if we are transferring your personal information;
    • you have the right to object to the processing of your personal data;
    • you have the right to file a complaint against a data processor with the relevant authority;
    • you have the right to request an erasure of your personal data at any time;
    • you have the right to request that we rectify inaccurate personal information;
    • you may request at any time that we halt further dissemination of your data or cease to use your personal information; and
    • you have the right to request for copies of your personal information.
  • Website Security
    • We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures such as secure sockets layer (SSL) to safeguard and secure the information we collect online. We use encryption tools when accepting and transmitting delicate visitor information through our website. Some of the other safeguards we use are firewalls and physical access controls to our data centres, and information access authorization controls.
  • Training
    • We shall ensure that employees who collect, access and process your personal data receive adequate data privacy and protection training in order to develop the necessary knowledge, skills and competence required to effectively manage the compliance framework under this policy and the Data Protection Legislation with regard to the protection of personal data. On an annual basis, we shall develop a capacity building plan for our employees on data privacy and protection in accordance with the Data Protection Legislation.
  • Use of Cookies
    • We use cookies to identify you as a user and make your user experience easier, customise our services, content and advertising; help you ensure that your account security is not compromised, mitigate risk and prevent fraud; and to promote trust and safety on our website. Cookies allow our servers to remember your account log-in information when you visit our website, IP addresses, date and time of visits, monitor web traffic and prevent fraudulent activities. If your browser or browser add-on permits, you have the choice to disable cookies on our website; however, this may limit your ability to use our website.
  • The Data We Retain
    • We will retain your information for as long as needed to provide you with our services, comply with our legal and statutory obligations or verify your information with a financial institution.We are statutory obligated to retain the data you provide us with in order to process transactions, ensure settlements, make refunds, identify fraud and in compliance with laws and regulatory guidelines applicable to us.
  • Data Breach Management Procedure
    • In the event where there is any accidental or unlawful destruction, processing, loss, alteration, unauthorized disclosure of, or access to your personal data, we shall:
    • notify you within 24 hours of the occurrence of the data breach;
    • properly investigate the breach and take the necessary steps to mitigate such breach;
    • identify remediation requirements and track the resolution of such breach; and
    • notify the Information Commissioner's Office or any other regulatory authority, where necessary.
  • Links to Third Party Websites
    • Our website may contain links to third-party websites or services that are not owned or controlled by us.
    • We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. You further acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such websites or services.
    • We strongly advise you to read the terms and conditions and privacy policies of any third-party websites or services that you visit.
  • Limitation of Liability
    • We exercise reasonable efforts to safeguard the security and confidentiality of your personal data; however, we will not be liable for unauthorised disclosure of personal data that occurs through no fault of ours.
  • Changes to this Privacy Policy
    • Changes may be made to this Privacy Policy from time. Whenever such changes are made, we will notify you. These changes will take effect immediately after you have been notified.
  • Contact Us
    • If you would like more information or you have any comments or questions on our Privacy Policy, please contact us at techsupport@trymaxim.comThis policy is effective as of 1st November 2023.Last updated: 1st November, 2023.
Think Credit, Think Maxim
Join the growing community of businesses that trust Maxim to unlock the power of data-driven credit assessments.