Security and compliance, independently verified.
MaiGuard Sentinel Limited is certified to ISO/IEC 27001:2022 for information security and files its data-protection audit returns under Nigeria's NDP Act, 2023. Independent audits — not self-assessment — stand behind how the platform is built.
Certifications
Independently audited and certified.
MaiGuard is certified to ISO/IEC 27001:2022 for information security management and files its data-protection audit returns under the NDP Act, 2023.
ISO/IEC 27001:2022
CertifiedInformation Security Management System
Independently certified that MaiGuard operates a risk-based information security management system to the ISO/IEC 27001:2022 standard — covering people, processes and technology across the platform.
- Issuer
- Accredited certification body
- Scope
- International
- Year
- 2025
NDP Act, 2023
AcknowledgedData protection compliance audit
Annual data-protection compliance audit returns filed with the Nigeria Data Protection Commission and acknowledged for 2025 under the Nigeria Data Protection Act, 2023.
- Issuer
- Nigeria Data Protection Commission (NDPC)
- Scope
- Nigeria
- Year
- 2025
Data protection by design
How we meet our obligations.
The audit confirms what we file. These are the controls that stand behind it, every day.
Data residency
Customer and personal data is processed in regions appropriate to your tenancy, with an Africa-first deployment posture.
Encryption in transit and at rest
Traffic is protected with modern TLS, and stored data is encrypted at rest across our managed infrastructure.
Retention and deletion
Personal data is kept only as long as the service needs it, then deleted on a defined schedule. See our Data Retention Policy.
Access controls
Least-privilege access, scoped API keys, and audit trails govern who can reach data and what they can do with it.
Breach notification
Documented incident response procedures align with the notification timelines set out under the NDP Act, 2023.
Data subject rights
We support access, correction, and deletion requests, and process personal data only on a lawful basis.
Documentation
Read the detail.
Every policy behind our compliance posture, in plain language.