DenyList Privacy Policy


At DenyList, we are committed to keeping your personal details private. We treat the privacy of our users very seriously and we take appropriate security measures to safeguard your privacy. This Privacy Policy explains how we protect and manage any Personal Data that you share with us and that we hold about you, including how we collect, process, protect and share that data.

Privacy & Cookies

At DenyList, we are committed to keeping your personal details private. We make simple –but strong statements about privacy so you can be clear about our commitment to you. We treat the privacy of our users very seriously and we take appropriate security measures to safeguard your privacy. This Privacy Policy explains how we protect and manage any Personal Data that you share with us and that we hold about you, including how we collect, process, protect and share that data.

BVN and Other Identification Documents/Information

At DenyList, we’re committed to respecting your privacy and protecting your identification details.

DenyList is an independent database and therefore requests for information and personal details directly from users. During registration, verification, listing or search, you may be required to provide personal identification documents, including Bank Verification Number (BVN).

As is clearly stated on our website, the BVN option is optional. Users can enjoy a seamless experience with/without taking the option to provide personal or third-party BVN details. We are committed to maintaining the standard to make BVN optional on our platform until we are compelled otherwise by governing laws instituted by the federal government in individual countries where DenyList is in operation.

DenyList does not change, amend or amplify identification documents and BVN submitted by users. For accountability, our systems automatically encodes BVN details into a non-readable alphabetical format before it is stored for records purposes only.

DenyList does hereby declare that it has no role in the assessment/issuance of Bank Verification Number. DenyList will not be liable or responsible for any claim resulting in the delay, processing, rejection, or compromise of BVN submitted to our database.

DenyList takes every precaution in handling documents submitted by users. The handling of documents is also subject to unforeseen events and circumstances outside DenyList control. It cannot be attributable to any act or failure to take preventive action by DenyList. Such events and circumstances will not include any industrial action against DenyList or any of its subcontractors.

DenyList is committed to managing user information with the highest standards of information security. We use the best computer safeguarding technology such as firewalls and data encryption. We also enforce very limited physical access to our database and files, and only authorize admins who require it to provide the best services to you.

Do not share your personal information with anyone. No employee of DenyList will ever ask you for your BVN, or any information you already have in your profile, so any email or correspondence requesting such information should be treated as unauthorized and suspicious and forwarded to DenyList ([email protected])

You are responsible for maintaining adequate security and control of any IDs, passwords, personal identification numbers (PINs), BVN, or any other codes that you use to access any DenyList services.

It is further clarified that in no event shall DenyList or its representatives be liable for any direct, indirect, punitive, incidental, special, consequential damages or any damages due to issues involving BVN or other personal identity documents or information.

The user agrees that the preceding limitation of liability is an agreed allocation of risk between the parties. This limitation of liability is and shall be an integral part of this disclaimer.

It is understood that when a user submits identity documents, BVN, and related documents during registration, verification, listing, or search, the user has understood the Terms of Use and Privacy Policy details, as mentioned herein.



How We Obtain Your Personal Data

Information Provided by You : You provide us with Personal Data when you register to use our services on our website. This includes your name, current and previous addresses, date of birth, email address, payment/card details and your password. We use this information in order to manage, provide and administer our services to you.

We may also keep information contained in any correspondence you may have with us by post, email, or Secure Message. We may also record telephone calls, but only if we tell you at the start of the call and not otherwise for the purpose of quality customer relations. If we do not record a telephone conversation with you, we may keep brief details of the contents of your call on our files.

Each time you visit our website we obtain information about the device you use to access our services, your location and your IP address.

Information we get from other sources

Third Party Product Providers we work in association with: We work closely with a small number of third-party service providers to bring you a range of quality and reliable services like payment transactions and security. For example, to subscribe for a package or conduct a search, we will need to have a way to process payments.

The relevant third-party provider will use your details to process your payments and carry out their obligations arising from any applicable laws. In some cases, they will be acting as a Data Controller of your information and therefore we advise you to read their Privacy Notice.

These third-party product providers will share your information with us which we will use in accordance with this Privacy Notice.

Please be reassured that we will not release your information to third parties beyond the DenyList network for them to use for their own purposes.

How We Use Your Personal Information

Your Personal Data is used to administer and manage your account with us. Your IP address, details of the device you use and your location are used to help identify you, to prevent fraudulent use of our services, to diagnose problems with our servers, and to administer our website.

We do not share your Personal Data with any third party, other than for necessary purposes and for the purposes of fraud prevention.

To help prevent abuse of our services and fraud, we share information about you and the use of our services (but not your Credit/Debit card data) with trusted service providers and fraud prevention agencies strictly to enable them and us to detect, prevent and otherwise address unlawful or suspected fraudulent internet activity on our own websites and on websites owned and operated by others.

When you give us personal information, we take steps to ensure it is treated securely. All sensitive information (such as credit/debit card details and BVN) is encrypted and protected. The lock icon in the address bar of our website is an indication that you are on a secure page.

We also take extra measures to protect your sensitive data - which are always saved in non-readable and non-transmittable formats in our database.

However, non-sensitive details (your email address and name) are transmitted usually over the Internet, which can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.

Once we receive your information, we make our best effort to ensure its security on our systems.

You are solely responsible for keeping your account details and password safe. Do not share your password with anyone.

We have security measures in place to take reasonable precautions to protect the loss, misuse and alteration of the information under our control. These include the issue and use of passwords, powerful encryption and computer firewalls to guard against hacking. No data transmission over the internet can be entirely secure, so we cannot guarantee the security of your Personal Data when in transit between you and us.

From time to time we may have to suspend services whilst we investigate any attempted breach of security. You are obligated, under the Terms and Conditions you agree to abide by when you use our services, to report any suspected breach to us immediately. We also take reasonable security measures to protect your Personal Data in storage. Your Payment/Card details are used to enable us to manage your subscription with us.

Do We Use Your Personal Data for Marketing Purposes?

We do not sell or rent your personal information to third parties for their marketing purposes without explicit consent. Consent can be given in a number of ways: in writing or through an action(s). You can consent to the use of your personal data by responding to a request for consent when you click an approval/confirmation link or fill a form for authorization. As it concerns both parties, consent can be withdrawn at any time, as long as it is clearly communicated. Consent cannot be coerced or compelled by force, threat, deception or intimidation.

However, we may use your data and other information we collect from other companies to improve and personalize DenyList services, content, and advertising.

By agreeing to this Privacy Policy and Terms of Use; and using DenyList services, you give us consent to use your data for marketing and advertising purposes without prior notice.

If you wish to opt out of receiving such messages from us, you can do so at any time by clicking on the appropriate link at the footer of each email or sending an email to [email protected]

Links to Other Websites

Our website contains links to other websites. DenyList is not responsible for the privacy practices or the content of such websites. Sharing Information : We will keep information about you confidential. We will only disclose your information with other third parties as explained in this Privacy Policy, or with your authority or your express consent, with the exception of the following:

Categories of Third Parties
  • Regulatory authorities to comply with any legal and regulatory issues and disclosures;
  • Fraud prevention agencies for the purposes of investigating suspected fraud and fraud prevention;
  • Email or mail service providers who provide a fulfillment service for us, on the understanding that they will keep information confidential;
  • Anyone to whom we may transfer our rights and duties under any agreement we may have with you; and
  • Legal or crime prevention agencies and/or to satisfy any regulatory request if we are under a legal duty to do so
How long do you keep information about me?

We keep information in line with our data retention policy. The retention periods are in line with the length of time we need to keep your Personal Data in order to manage and administer our services to you.
The retention periods vary to take into account our need to meet any legal, statutory and regulatory obligations and can vary for individual customers and for different reasons. In general, we do not keep information for longer than we deem necessary. In the absence of any compelling reason not to do so, your Personal Data will be removed from our databases within ten years after the date of closure of your account with us. In all cases our need to use your Personal Data is reassessed on a regular basis and information that is no longer required is disposed of.

Subject Access Requests

The General Data Protection Regulation (GDPR) grants you the right to access particular Personal Data that we hold about you. This is referred to as a Subject Access Request. The General Data Protection Regulation (GDPR), agreed upon by the European Parliament and Council in April 2016, replaced the Data Protection Directive 95/46/ec in Spring 2018 as the primary law regulating how companies protect EU and foreign citizens' personal data. It requires the consent of subjects for data processing as aforementioned. We are also in compliance with the Nigeria Data Protection Regulation (NDPR) of 2019 as amended. The NDPR covers transactions intended for the processing of personal data and to actual processing of personal data and person(s) residing in Nigeria or residing outside Nigeria but of Nigerian descent.

Section 2.1(d) of the NDPR requires that personal data should be secured against all foreseeable hazards and breaches such as theft, cyber-attack, viral attack, dissemination, manipulations of any kind, damage by rain, fire or exposure to other natural elements.

We shall respond promptly to any Subject Access Request received, and always within one month from the point of receiving the request and all necessary information from you. Our formal response shall include details of the Personal Data that we hold about you, including the following:

  • Sources from which we acquired the information;
  • The purposes for processing the information, and
  • Persons or entities with whom we are sharing the information.


Right to data portability
You have the right to receive your Personal Data which you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller without hindrance from us.

Right to object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of Personal Data concerning you, including any personal profiling; unless this relates to processing that is necessary for the performance of a task carried out in the public interest or an exercise of official authority vested in us. We shall on longer process the Personal Data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of you, or the establishment, exercise or defense of legal claims.

Right to not be subject to decisions based solely on automated processing
Other than our online authentication process, which is an essential part of our fraud prevention procedures, we do not carry out any automated processing which may lead to an automated decision based on your Personal Data.

Other rights under the NDPR

The NDPR protects the right if a data subject objects to the processing of his or her data for marketing purposes. The NDPR also specifies that the data controller must provide a mechanism for objection to the data subject. Section 2.8 of the NDPR. The NDPR provides the following rights for individuals:

  • The right to be informed/information
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling


  • Invoking your rights : If you would like to invoke any of the above Data Subject Rights with us, please contact our Data Protection Officer on [email protected]

    Accuracy of information

    In order to provide the highest level of customer service possible, we need to keep accurate Personal Data about you. We take reasonable steps to ensure the accuracy of any Personal Data or sensitive information we obtain. We ensure that the source of any Personal Data or sensitive information is clear and we carefully consider any challenges to the accuracy of the information. We also consider when it is necessary to update the information such as name or address changes, and you can help us by informing us of these changes when they occur.

    Policy changes

    This Privacy Policy is regularly reviewed. This is to make sure that we continue to meet the highest standards and to protect your privacy. We reserve the right, at all times, to update, modify or amend this Policy. We suggest that you review this Privacy Policy from time to time to ensure you are aware of any changes we may have made. We will not significantly change how we use information that you have already given to us without either your prior agreement or as otherwise permitted under the General Data Protection Regulation (GDPR).

    If you have a complaint

    If you have a complaint not addressed in our FAQs and Terms and Conditions or if you have a complaint which specifically relates to the use of your Personal Data or sensitive information then please write to the Data Protection Officer on [email protected]

    OUR CAVEATS

    • The organizations and individuals agree to bear the sole responsibility for any data that they upload.
    • DenyList requests details such as name, phone number, email address, gender, BVN (optional), Govt. Issued identification (optional) when listing an individual/organization.
    • Before submitting a listing, DenyList requires you to provide personal information and a government-issued ID as part of its verification process.
    • Individuals who submit listings must agree to have their details published alongside the listings they submit.
    • DenyList DOES NOT store credit/debit card details and cleartext BVN details of users.
    • DenyList reserves the right to delete any entry without prior notice.
    • DenyList does not take part in any conflict resolution process but honours a court/police/arbitration order to delete a listing after resolution.


    Opting out of marketing communications

    You have the following options if you do not wish to receive future marketing communications from us. Please note that we may still be required to notify you from time to time of any significant changes to our terms and conditions, even after you express a preference not to receive marketing communications.

    Information about Cookies

    A cookie is a small text file stored on your browser. We use a minimal number of cookies to support your use of our website. We classify these as being Strictly Necessary, Performance, Referral or Advertising cookies.

    What Do We use Cookies for?

    We use cookies and similar technologies to distinguish you from other users of the website. This helps us to provide you with a good experience when you browse the website and also allows us to personalize and improve the website. Our cookies are not used to collect information which (by itself) allows us to identify who you are. But if you separately tell us who you are, we may link your identity to the cookies we put on your device so that we can see how you are using the website. We use that information in accordance with the privacy notice that we give you when you tell us who you are. DenyList makes use of cookies in order to provide the best experience to users. We require consent from users through a notice that requires user action. The cookie policy is a declaration to users that cookies are active on our website. When you click the agree/ok button on the notice page, you consent to activate cookies for better user experience.

    What Cookies Do We Use?

    We use the following kinds of cookie:
    • Strictly necessary cookies: These are cookies that are required for the operation of the website. They include, for example, cookies that enable you to log into secure areas of the website.
    • Analytical/performance cookies: These cookies allow us to recognize and count the number of visitors and to see how visitors move around the website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. They also allow us to tell if you have reached our website from one of our advertising partners so that we can meet our contractual commitments to that partner.
    • Functionality cookies: These are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name and remember your preferences.
    • Targeting cookies: These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.