kylr
Wallet Sign in

Privacy policy

Last updated: June 14, 2026

What data we collect

When you complete a verification, kylr may collect your name, date of birth, email, phone number, identity document images, and a selfie. We also collect technical metadata such as IP address and browser details for fraud detection and system security.

Why we collect it

We process this information solely to verify identity on behalf of the business that requested the KYC check. We do not use your data to train AI models, build consumer profiles, or sell it to third parties.

How long we keep it

By default, verification records are held for 90 days after a final decision unless a business policy or legal requirement calls for a different retention window. After that period, images and PII fields are removed securely.

How we protect it

  • PII fields are encrypted at rest using AES-256.
  • Documents and selfies are stored in private buckets and served only through 15-minute signed URLs.
  • All traffic is transmitted over TLS and never over plain HTTP.
  • Every access to a sensitive record is logged with an immutable audit trail.
  • Access is role-based and least-privilege by design.

Your rights

Under the Nigeria Data Protection Regulation (NDPR), you can request access to your data, request correction of inaccurate data, or ask for deletion. You can submit a deletion request directly through our deletion request form, or email privacy@kylr.io.

Consent

Before any data is submitted through the kylr KYC flow, you are asked to provide explicit, informed consent. You can withdraw consent at any time, but doing so means we can no longer verify your identity for the requesting business.