Legal · v2.0 · Updated 14 May 2026

Privacy Policy

This policy explains what personal data Timpbills collects, why we collect it, how we keep it safe, and the choices you have. We've written it in plain language, and it's binding on us.

01Our promise

At Timpbills, we treat your personal data the way we'd want ours treated. We collect only what we need to run the service, keep it secure, and never sell it to third parties for marketing. Full stop.

This Privacy Policy applies to all use of the Timpbills app, website and any related services operated by Timpbills Technology Limited, a company registered in Nigeria (referred to as “we”, “us” and “our”).

The short version:we collect data to run the service, keep it secure, and comply with Nigerian financial regulation. We don't sell your data. You can request a copy, correction or deletion at any time.

02Data we collect

We collect three categories of personal data:

Information you give us

  • Your full legal name, phone number, email address and password (at sign-up).
  • Date of birth, gender, address and identification documents (for KYC tier upgrades).
  • Bank account details and card information (for funding your wallet).
  • Messages you send via in-app chat, the contact form, email or phone.

Information we collect automatically

  • Device data: device type, operating system, app version, unique identifiers.
  • Usage data: screens viewed, features used, transactions initiated, error reports.
  • Network data: IP address, network operator, approximate location.

Information from third parties

  • KYC verification results from our identity-verification partners.
  • Transaction confirmations from mobile networks, DisCos and cable TV providers.
  • Fraud-detection signals from our banking and processing partners.

03How we use your data

We use your data for these purposes only:

  • To run the service: process payments, deliver airtime/data/electricity tokens, send receipts, provide customer support.
  • To keep you safe: detect and prevent fraud, money laundering and unauthorised access; verify your identity.
  • To comply with the law: meet Know-Your-Customer (KYC), Anti-Money-Laundering (AML) and other regulatory obligations.
  • To improve the product: analyse anonymised usage patterns to fix bugs and design better flows.
  • To communicate: send transactional alerts, important service updates, and, only if you opt in, marketing about new features.

04Sharing your data

We share data only with parties who help us run the service, and only the minimum data they need. These include:

  • Our licensed banking partner that holds wallet balances.
  • Mobile networks, DisCos, cable TV providers and other billers when you transact with them.
  • Identity verification, fraud detection and SMS/email delivery providers.
  • Cloud infrastructure providers (encrypted at rest, in-region where possible).
  • Regulators, law enforcement and courts where we are legally required to do so.
We do not sell your personal data to advertisers, data brokers or any third party for their own marketing purposes.

05Cookies & tracking

Our website uses a small number of cookies and similar technologies for:

  • Strictly necessary: keeping you signed in, remembering your preferences.
  • Analytics: measuring traffic so we know which pages are useful (we use privacy-respecting analytics with IP anonymisation).

You can manage cookies through your browser settings. The mobile app uses similar device identifiers, which you can reset from your operating system's privacy controls.

06Data security

We protect your data using industry-standard measures:

  • Transport encryption (TLS 1.2+) for all data in motion.
  • Encryption at rest for sensitive data including identity documents and card details.
  • PCI-DSS compliance for card processing.
  • Biometric and PIN authentication on every transaction.
  • 24/7 monitoring, intrusion detection and regular penetration testing.
  • Strict internal access controls; staff only see data they need for their role.

Despite our best efforts, no system is perfectly secure. If we ever suffer a data breach that affects you, we will notify you and the relevant regulator without undue delay, in line with Nigerian law.

07Data retention

We keep your personal data for as long as your account is active. After you close your account, we keep most data for 7 years to satisfy financial-records-retention obligations under Nigerian law, then delete it.

Some anonymised analytics may be retained indefinitely, as it can no longer be linked back to you.

08Your rights

Under the Nigeria Data Protection Act 2023 and other applicable laws, you have the right to:

  • Access: request a copy of the personal data we hold about you.
  • Correction: ask us to fix any inaccurate or incomplete data.
  • Deletion: request deletion, subject to our legal retention duties.
  • Object: opt out of marketing communications at any time.
  • Portability: request your data in a structured, machine-readable format.
  • Lodge a complaint: with the Nigeria Data Protection Commission (NDPC).

To exercise any of these rights, write to privacy@timpbills.com. We respond within 30 days.

09Children's privacy

Timpbills is not for children. We do not knowingly collect data from anyone under 18 years of age. If we learn that we have collected such data, we will delete it.

10International transfers

Your data is primarily stored on infrastructure located within Nigeria. Where data is transferred outside Nigeria (for example, to certain cloud regions or specialist analytics providers), we ensure adequate safeguards are in place, including contractual protections and data-residency commitments from our providers.

11Updates to this policy

We may update this Privacy Policy from time to time. The “Updated” date at the top of this page reflects the most recent revision. Where changes are material, we'll notify you in the app and by email at least 14 days before they take effect.

12Contact us

For any privacy question, request or complaint, please get in touch:

  • Email: privacy@timpbills.com
  • Data Protection Officer: dpo@timpbills.com
  • Phone: +234 703 867 1205
  • Address: Abuja, Nigeria