Data Policy
Effective: March 2026
Last reviewed and updated: April, 2026
Introduction
At Stabyl Inc. ("Stabyl," "we," "us," or "our"), safeguarding your personal information is a top priority. This Data Policy outlines our practices for collecting, using, disclosing, and protecting your personal data in accordance with the Nigeria Data Protection Act 2023, the Nigeria Data Protection Regulation (NDPR) 2019, and international best practices including the General Data Protection Regulation (GDPR) where applicable.
Information We Collect
We may gather the following categories of personal information:
Name and Contact Details: Your name (or authorized representative's name), email address, phone number, mailing address, and similar contact data.
Identity and Verification Information: Government-issued identification documents, corporate registration documents, proof of address, and related verification data collected as part of our KYC process.
Financial Information: Bank account details, wallet addresses, transaction history, and settlement records.
Business Information: Business name, registration number, nature of business, and details of authorized signatories or representatives.
Usage Data: Information automatically collected when you access our Services, including IP address, browser type and version, pages visited, time and date of visits, time spent on pages, unique device identifiers, and other diagnostic data.
Cookies and Tracking Data: Data collected via cookies, pixel tags, and similar technologies. You can configure your browser to refuse cookies, but doing so may affect your ability to use certain features of the Services.
Other Information: Any additional details you voluntarily provide in connection with your use of the Services.
How We Collect Your Information
Your personal information may be collected through the following channels:
Platform Usage: Information gathered via cookies and similar technologies during your use of the Stabyl website, APIs, and dashboard.
Onboarding and Forms: Data collected when you complete registration, KYC verification, or other forms online or in person.
Direct Interactions: Information gathered during phone calls, emails, video conferences, or in-person interactions with our team.
API Integrations: Data transmitted through API connections between your systems and the Stabyl platform.
Third-Party Sources: Information received from partner financial institutions, identity verification providers, blockchain analytics services, and regulatory databases.
How We Use Your Information
Certain account information (such as name and business details) may be made available to other Stabyl users with whom you transact, as necessary to facilitate the transaction. Your wallet addresses, bank account numbers, and other sensitive financial information will not be revealed to counterparties except with your express permission or as required by law, regulation, or court order.
If you use third-party platforms to access or integrate with Stabyl via our API, we may share relevant account information with those platforms to facilitate the integration, subject to your authorization.
Sharing Information with Third Parties
We may use your personal information for the following purposes:
To deliver, operate, and improve our stablecoin liquidity and settlement services.
To verify your identity, conduct KYC checks, and prevent fraud, money laundering, and terrorist financing.
To process transactions, execute settlements, and manage your account.
To enhance our products, services, and user experience.
To fulfill legal, regulatory, and compliance obligations.
To communicate with you regarding your account, transactions, and the Services.
To conduct risk assessment and security monitoring.
Sharing Your Information
Data Security
We employ robust technical and organizational safeguards to protect your personal information from unauthorized access, disclosure, modification, or destruction. These measures include:
Encryption: Secure data encryption both in transit and at rest.
Access Controls: Strict role-based access restricted to authorized personnel only.
Continuous Monitoring: Ongoing system monitoring and threat detection.
Incident Response: Established procedures for identifying, managing, and responding to data security incidents.
While we strive to use commercially acceptable means to protect your data, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.
Data Retention
Your personal information will be retained only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal and regulatory obligations (including AML record-keeping requirements), or to resolve disputes and enforce our agreements. When your data is no longer required, it will be securely deleted or anonymized.
Your Rights
Subject to applicable law, you have the following rights regarding your personal data:
Access: Request access to the personal data we hold about you.
Rectification: Request correction of inaccurate personal data.
Erasure: Request deletion of your personal data in certain circumstances, subject to legal and regulatory retention requirements.
Restriction of Processing: Request that we limit the processing of your personal data under specific conditions.
Data Portability: Request the transfer of your personal data in a structured, commonly used, machine-readable format.
Objection: Object to the processing of your personal data based on your particular situation.
To exercise any of these rights, please contact us using the details provided below. We will respond to your request within the timeframe required by applicable law.
Contact Us
Stabyl, Inc.
Registration Address: 131 Continental Dr, Suite 305, City of Newark, County of New Castle, Delaware 19713 U.S.A.