Privacy Policy

1. Introduction

This Privacy Policy describes how Maiguard Sentinel Limited (“we”, “us”, “our”), trading as MaiGuard, collects, uses, discloses, and otherwise processes personal information in connection with MaiGuard—our multi-tenant B2B platform for transaction risk scoring, fraud prevention, and related compliance-oriented monitoring—and our websites, marketing, and support activities. Maiguard Sentinel Limited is a registered subsidiary of Lyrisoft Technologies Limited.

MaiGuard is primarily used by business customers (“Tenants”). Tenants may send us information about their customers, payers, or users (“End Users”). Depending on the context, Maiguard Sentinel Limited may act as a controller (e.g. for our own account and website data) or as a processor / service provider on behalf of a Tenant (e.g. for data Tenants submit to score transactions). Section 2 explains this distinction.

By using our Website, creating a Tenant account, or otherwise interacting with us as described below, you acknowledge the practices in this Policy, to the extent permitted by law.

2. Who is responsible for your information?

If you are an End User and wish to access, correct, or delete personal information, please contact the organization that uses MaiGuard (the Tenant). We will support that Tenant’s lawful instructions.

3. Scope

This Policy applies to:

• The MaiGuard cloud service (APIs, dashboards, integrations);
• MaiGuard websites and landing pages that link to this Policy;
• Sales and marketing communications where we act as controller;
• Customer support interactions with Tenants and authorised contacts.

It does not govern Tenants’ own products or websites, which are subject to those organizations’ privacy notices.

4. Personal information we collect

We collect or receive categories of information depending on your relationship with us.

4.1 Tenant account and billing

• Identity and contact: name, email, phone, job title, company name.
• Account credentials: authentication data (passwords are stored hashed); optional security settings (e.g. passkeys) where enabled.
• Billing and tax: billing address, payment-related references, transaction history with Maiguard Sentinel Limited (processed partly by payment providers).

4.2 Service usage and configuration

• Technical identifiers: API keys (stored in non-reversible form where applicable), device or session identifiers you provide.
• Configuration: rules, lists, webhooks, integration settings, audit of changes.
• Operational data: timestamps, request metadata, error logs, security logs.

4.3 Data Tenants submit about End Users (service data)

To provide scoring and monitoring, Tenants may transmit payloads that can include, for example:

• Transaction attributes (amount, currency, identifiers);
• User or customer identifiers (e.g. external userId);
• Network or device context (e.g. IP address, user agent, device fingerprint references);
• Location or behavioural telemetry where permitted and sent by the Tenant;
• AML- or fraud-related metadata (e.g. counterparty, corridor, product category) as described in integration documentation.

We do not control what Tenants send. Tenants are responsible for lawful collection, notices, and minimisation. We process such data only to provide the service, secure it, and meet legal obligations.

4.4 Website, cookies, and similar technologies

• Usage data: pages viewed, referrer, approximate location derived from IP, browser type.
• Cookies and similar technologies: as described in our Cookie Policy, cookie banner, and site settings where applicable.

4.5 Support and communications

• Support tickets: messages, attachments, diagnostic information you choose to send.
• Marketing: preferences, campaign engagement, unsubscribe records.

4.6 Sensitive categories

Tenants should avoid sending special-category or highly sensitive data unless strictly necessary and lawful. If we receive such data without a valid basis, we may delete it or reject processing per our policies and contract.

5. How we use personal information

We use personal information to:

1. Provide and improve MaiGuard (hosting, scoring, dashboards, integrations, troubleshooting).
2. Secure the service (abuse detection, authentication, monitoring, incident response).
3. Operate our business (billing, accounting, contracts, analytics in aggregate form).
4. Communicate (service notices, support, optional marketing with consent or soft opt-in where allowed).
5. Comply with law (tax, lawful requests, regulatory obligations).
6. Enforce terms (fraud prevention relating to our customer relationship, debt recovery).

5.1 Legal bases (Nigeria, Africa, and other applicable laws)

MaiGuard is designed for African businesses and their users. We primarily process personal data in line with Nigerian data protection law (including the Nigeria Data Protection Act and related frameworks) and, where relevant, comparable laws in other African countries in which Tenants or End Users are located.

Typical lawful grounds include:

• Contract: providing MaiGuard, onboarding Tenants, and billing;
• Legitimate interests: securing the service, preventing abuse, and improving the platform, balanced against privacy rights;
• Consent: where required for marketing or non-essential cookies and similar technologies;
• Legal obligation: tax, regulatory, and lawful requests.

Processor processing of End User data is governed by our DPA and the Tenant’s legal basis toward End Users under their local law (including other African jurisdictions).

6. Disclosure of personal information

We may disclose personal information to:

• Subprocessors who assist our hosting, storage, email, support, analytics, or security (listed or updated per our DPA / subprocessor notice).
• Professional advisers (lawyers, auditors) under confidentiality.
• Authorities when required by law or to protect rights, safety, and integrity of the service.
• Corporate transactions (merger, acquisition) with appropriate safeguards.

We do not sell personal information for monetary consideration. If applicable law in your country characterises certain disclosures differently or gives you opt-out or similar rights, we honour those requirements as described in this Policy and in our DPA.

7. International transfers

We host and process data primarily for African operations, including in Nigeria and other countries where we or our subprocessors operate to deliver the service. Personal data may move across borders within Africa or to other regions where our vendors are located, in line with Nigerian and other applicable African cross-border rules.

Where a transfer requires additional safeguards under the law that applies to you (for example, standard contractual clauses or other mechanisms), we implement those as described in our DPA.

8. Retention

We retain personal information for as long as necessary for the purposes above. Retention periods for categories of data (transactions, logs, backups, billing, etc.) are summarised in our Data Retention Policy (see related documents below) and may be further specified in your order form or DPA.

9. Security

We implement technical and organisational measures appropriate to the risk, including access controls, encryption in transit, segregation of tenant data, logging, and vendor reviews. No method of transmission or storage is 100% secure.

10. Your privacy rights

Rights depend on where you are. For many users in Nigeria and across Africa, depending on applicable law, you may have the right to:

• Access a copy of your personal information;
• Rectify inaccurate data;
• Erase data (“right to be forgotten”), subject to exceptions;
• Restrict or object to certain processing;
• Data portability;
• Withdraw consent where processing was consent-based;
• Lodge a complaint with a data protection regulator (for example, in Nigeria, the Nigeria Data Protection Commission (NDPC), where the law allows).

How to exercise rights

• If we are the controller for your data (e.g. Tenant admin): contact us at privacy@maiguard.com with your request.
• If you are an End User: contact the Tenant first; we will work with them under our DPA.

We may need to verify your identity before fulfilling requests.

11. Other jurisdictions

MaiGuard is focused on Africa. If you are in the United States, the European Economic Area, the United Kingdom, Switzerland, or elsewhere, extra privacy rules or transfer requirements may apply to you or to your Tenant’s use of the service. We comply with those where they apply and set out cross-border and processing details in our DPA. For any request, contact privacy@maiguard.com.

12. Automated decision-making

MaiGuard enables Tenants to apply rules and models that may produce automated risk scores or decisions about transactions or users. Maiguard Sentinel Limited provides the tooling; Tenants decide how to use outputs (e.g. block, review, allow). End Users seeking human review or contesting a decision should contact the Tenant, which is responsible for local legal requirements (including rules on automated processing or profiling under Nigerian, other African, or applicable foreign law).

13. Children

MaiGuard is not directed at children. We do not knowingly collect personal information from children below the age of digital consent in your jurisdiction. If you believe we have, contact privacy@maiguard.com.

14. Third-party links

Our websites may link to third-party sites. We are not responsible for their privacy practices. Read their policies before providing information.

15. Changes to this Policy

We may update this Policy from time to time. We will post the updated version with a new “Last updated” date and, where required, provide additional notice (e.g. email or dashboard notice for material changes).

16. Contact us

Maiguard Sentinel Limited (trading as MaiGuard), a registered subsidiary of Lyrisoft Technologies Limited
2 Otunba McMadu Close, Lagos

Privacy inquiries: privacy@maiguard.com

17. Related documents

• Cookie Policy
• Data Retention Policy — available to Tenants
• Data Processing Agreement (DPA) — available to Tenants