INFINITSWAP COMPLIANCE
Back to Terminal

Privacy Policy

Effective Date: February 11, 2026

1. Introduction

At Infinite 69Trading Services Limited ("Infinitswap"), we operate as a global technology platform with a focus on African financial infrastructure. We are committed to protecting your privacy and processing your personal data in strict accordance with the following regulatory frameworks:

  • Nigeria: Nigeria Data Protection Act (NDPA) 2023
  • South Africa: Protection of Personal Information Act (POPIA) 2013
  • Ghana: Data Protection Act, 2012 (Act 843)
  • Tanzania: Personal Data Protection Act, 2022

2. Information We Collect

To provide a secure and efficient technology interface, we collect the following categories of information:

  • Identity Data: Full name, date of birth, gender, and government-issued identification (BVN, NIN, Passport, or National ID) required for regional KYC verification.
  • Contact Data: Email address, physical billing address, and verified telephone number.
  • Financial Instruction Data: Bank account details, digital wallet addresses, and transaction amounts.Note: We do not store full card primary account numbers (PAN) or CVV codes.
  • Technical Data: IP address, device telemetry, browser metadata, and usage patterns collected via secure cookies.

3. Legal Basis for Processing

We process your data based on the following legal grounds recognized across our jurisdictions:

  • Contractual Necessity: To route instructions to our licensed settlement partners.
  • Legal Obligation: To comply with regional Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) mandates.
  • Legitimate Interest: For fraud detection, system security, and infrastructure optimization.
  • Consent: For any processing activities where you have provided explicit opt-in authorization.

4. Data Sharing and Cross-Border Transfers

As a technology layer, we do not settle funds. Consequently, your data must be shared with:

  • Licensed Financial Partners: Regulated Payment Service Providers (PSPs) and banks (e.g., partners regulated by CBN, SARB, BoG, or BoT).
  • Regulatory Authorities: Law enforcement or government bodies across Nigeria, Ghana, Tanzania, and South Africa when required by law.

Cross-Border Transfers: We ensure that any data moved across national borders is protected by Standard Contractual Clauses (SCCs) and robust encryption, ensuring a level of protection equivalent to the data's country of origin.

5. Data Retention

In accordance with financial industry standards in our operating regions, we are legally obligated to retain KYC and transaction instruction data for a minimum of five (5) to seven (7) years following the termination of a user relationship or the last successful transaction.

6. Data Security

We implement industry-leading technical measures, including:

  • Encryption: TLS 1.3 for data in transit and AES-256 for data at rest.
  • Access Control: Strict multi-factor authentication (MFA) for all internal infrastructure access.
  • Audits: Regular third-party penetration testing and vulnerability assessments.

7. Regional Data Subject Rights

Depending on your jurisdiction, you hold specific rights over your data (e.g., NDPA Section 34, POPIA Section 23):

  • Access & Correction: The right to see and correct your data.
  • Objection: The right to object to processing for direct marketing.
  • Erasure: The right to request data deletion, subject to mandatory financial retention laws.
  • Portability: The right to receive your data in a structured, machine-readable format.

8. Contact Our Data Protection Officer

For inquiries or to exercise your rights across any of our jurisdictions, please contact our Data Protection Officer (DPO):

Email: privacy@infinitswap.ai

Global Headquarters: 17, Onyeneke Chukwu Street, Achara Layout, Enugu, Nigeria.

Authorized Data Controller: Infinite 69Trading Services Ltd.

Dispute Resolution Desk

infinitswap@gmail.com

+234 907 960 7916

Mon-Fri: 9am - 5pm WAT

Infinitswap Internal Regulatory Document // Ref: 2026-COMP-V1