Back to Home

Privacy Policy

Last Updated: January 8, 2026

1. Introduction

Setubills ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our virtual top-up services.

By using our services, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Personal Information

When you register for an account, we collect:

  • Name: Your full name for account identification
  • Email Address: For account verification, communication, and password recovery
  • Phone Number: For account verification, transaction notifications, and support
  • Username: Your unique account identifier
  • Password: Encrypted and hashed using industry-standard algorithms (bcrypt)
  • Transaction PIN: 4-digit PIN for transaction authorization (encrypted)
  • Address: Optional, for account verification and compliance purposes

2.2 Transaction Information

We collect and store transaction data including:

  • Transaction type (airtime, data, bills, etc.)
  • Recipient phone numbers or account numbers
  • Transaction amounts and dates
  • Transaction status and reference numbers
  • Payment methods used
  • Wallet balance and transaction history

2.3 API and Developer Information

For API users, we collect:

  • API keys and access tokens
  • API request logs (IP addresses, timestamps, request types)
  • Webhook URLs for transaction notifications
  • Integration details and usage statistics

2.4 Technical Information

We automatically collect:

  • Device Information: Browser type, operating system, device model
  • IP Address: For security, fraud prevention, and geolocation
  • Cookies and Session Data: For maintaining logged-in sessions and preferences
  • Usage Data: Pages visited, features used, time spent on platform
  • Log Files: Server logs including access times, error logs, and system events

2.5 Referral Information

If you participate in our referral program:

  • Referral codes and links
  • Referred user information (username, registration date)
  • Referral earnings and payout history

3. How We Use Your Information

3.1 Service Delivery

  • Process transactions and deliver purchased services
  • Maintain and manage your account
  • Send transaction confirmations and receipts
  • Provide customer support and resolve disputes
  • Process refunds and handle failed transactions

3.2 Security and Fraud Prevention

  • Verify your identity and prevent unauthorized access
  • Detect and prevent fraudulent activities
  • Monitor for suspicious transaction patterns
  • Enforce our Terms of Service
  • Comply with legal and regulatory requirements

3.3 Communication

  • Send account notifications and security alerts
  • Provide customer support responses
  • Send promotional offers and service updates (with consent)
  • Conduct surveys and gather feedback

3.4 Platform Improvement

  • Analyze usage patterns and user behavior
  • Improve service quality and performance
  • Develop new features and services
  • Troubleshoot technical issues

4. Data Sharing and Disclosure

4.1 Service Providers

We share data with trusted third parties who assist in operating our platform:

  • Payment Processors: To process wallet funding and withdrawals
  • Network Providers: MTN, Glo, Airtel, 9Mobile for airtime/data services
  • Cable TV Providers: DSTV, GOTV, Startimes for subscription services
  • Utility Companies: For electricity bill payments
  • SMS Gateways: For sending transaction notifications and OTPs
  • Cloud Hosting: For data storage and platform infrastructure

All third parties are contractually obligated to protect your data and use it only for specified purposes.

4.2 Legal Requirements

We may disclose your information when required by law or to:

  • Comply with legal processes (court orders, subpoenas)
  • Enforce our Terms of Service
  • Protect our rights, property, or safety
  • Respond to regulatory inquiries
  • Cooperate with law enforcement investigations

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity with prior notice.

4.4 Aggregated Data

We may share anonymized, aggregated statistics that do not identify individuals for:

  • Industry analysis and reporting
  • Marketing and promotional purposes
  • Platform performance metrics

5. Data Security

5.1 Security Measures

We implement comprehensive security measures including:

  • Encryption: 256-bit SSL/TLS for data transmission, AES-256 for data at rest
  • Password Protection: Bcrypt hashing with salt for password storage
  • Session Security: Secure session management with CSRF tokens and HTTP-only cookies
  • Access Controls: Role-based access and principle of least privilege
  • Firewall Protection: Network-level security and DDoS protection
  • Regular Audits: Penetration testing and security assessments
  • Monitoring: 24/7 system monitoring for security threats

5.2 Data Retention

  • Account Data: Retained while your account is active plus 7 years for compliance
  • Transaction Records: Retained for 7 years for audit and regulatory requirements
  • Log Files: Retained for 90 days for security monitoring
  • Session Data: Expires after 30 minutes of inactivity

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

  • Access: Request copies of your personal data
  • Rectification: Update or correct inaccurate information
  • Deletion: Request deletion of your account and data (subject to legal retention requirements)
  • Portability: Request your data in a portable format
  • Restriction: Request limitation of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests

6.2 Marketing Communications

You can opt out of marketing emails by:

  • Clicking "unsubscribe" in any promotional email
  • Updating preferences in your account settings
  • Contacting our support team

Note: You cannot opt out of essential service communications (transaction confirmations, security alerts).

6.3 Cookie Management

You can manage cookies through your browser settings. See our Cookie Policy for details.

7. Cookies and Tracking

We use cookies for:

  • Essential Cookies: Session management, authentication, security
  • Preference Cookies: Remember your settings and preferences
  • Analytics Cookies: Understand usage patterns (no personally identifiable data)

For comprehensive cookie information, please review our Cookie Policy.

8. Third-Party Links

Our platform may contain links to external websites (network providers, payment gateways). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

9. Children's Privacy

Our services are not intended for users under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately for removal.

10. International Data Transfers

Your data is primarily stored on servers located in Nigeria. If data is transferred internationally, we ensure adequate safeguards are in place through:

  • Standard contractual clauses
  • Data processing agreements
  • Compliance with applicable data protection laws

11. Data Breach Notification

In the event of a data breach affecting your personal information, we will:

  • Notify affected users within 72 hours of discovery
  • Provide details about the breach and data affected
  • Outline steps taken to mitigate harm
  • Offer guidance on protective measures
  • Report to relevant regulatory authorities as required

12. Compliance

This privacy policy complies with:

  • Nigeria Data Protection Regulation (NDPR) 2019
  • General Data Protection Regulation (GDPR) principles
  • Central Bank of Nigeria (CBN) data protection guidelines
  • Nigerian Communications Commission (NCC) regulations

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be communicated through:

  • Email notification for material changes
  • In-dashboard announcements
  • Updated "Last Modified" date on this page

Continued use after changes constitutes acceptance of the updated policy.

14. Contact Us

For privacy-related questions, requests, or concerns, contact our Data Protection Officer:

  • Email: setubillsinfo@gmail.com
  • Phone: 09134512038
  • Address: 18 God Grace Avenue Abule Ogunru Mowe, Ogun State

Response Time: We will respond to privacy requests within 30 days.

By using Setubills, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.