Built on Trust. Governed by
Compliance.
At Richion, compliance is not a checkbox — it is the foundation upon which every product decision is made
Our Regulatory Standing
Company name
Richion Digital Services Limited
RC Number
RC 7055476
Date of Incorporation
17 July 2023
Governing Act
Companies and Allied Matters Act (CAMA) 2020
Registered Address
Registered Address
CAC Status
Active
TIN
31464161-0001
The Laws and Standards We Are Governed By
Richion Digital Services Limited operates within a comprehensive compliance framework aligned to the following regulatory instruments and standards
Nigeria Data Protection Regulation (NDPR) 2019 — Governing all personal data processing activities. Richion has a designated Data Protection Officer (DPO) and maintains a full Data Protection Policy.
Nigeria Data Protection Act (NDPA) 2023 — Supplementing the NDPR with updated statutory requirements for lawful data processing.
Central Bank of Nigeria (CBN) Guidelines on Electronic Banking, Consumer Protection, and Cybersecurity — Governing our financial services operations, electronic payment security, and customer protection obligations.
Anti-Money Laundering / Counter-Financing of Terrorism (AML/CFT) Requirements — We conduct full KYC (Know Your Customer) verification for all users in compliance with applicable CBN AML/CFT guidelines. User transactions are monitored for suspicious activity.
Companies and Allied Matters Act (CAMA) 2020 — Governing our corporate recordkeeping, governance structure, and statutory obligations.
Federal Competition and Consumer Protection Act (FCCPA) 2018 — Governing consumer rights and fair dealing obligations.
National Information Technology Development Agency (NITDA) Cybersecurity Framework — Providing standards for IT security practices applicable to Nigerian technology companies.
Payment Card Industry Data Security Standard (PCI DSS) — Applied to the extent of our operations involving the processing, storage, or transmission of cardholder data.
Your Security Is Our Priority
Richion employs a defence-in-depth security architecture, designed to protect customer data and financial assets at every layer of our platform. Our security practices include:
256-bit AES Encryption at Rest — All personal and financial data stored by Richion is encrypted at rest using AES-256 industry-standard encryption.
TLS 1.2+ Encryption in Transit — All data transmitted between our platform and customers is encrypted using TLS 1.2 or higher. Older protocols are prohibited.
Multi-Factor Authentication (MFA) — Required for access to all critical internal systems, and available as an option for customers.
Firewalls & Intrusion Detection — Network firewalls, intrusion detection systems, and endpoint security controls are deployed across all production infrastructure.
Regular Security Audits & Penetration Testing — Independent security assessments and penetration tests are conducted at least annually.
Real-Time Transaction Monitoring — Automated systems flag suspicious or anomalous activity in real time.
Secure Backup & Disaster Recovery — All critical data is backed up with defined Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO) in accordance with our Business Continuity Plan.
Access Controls — Data access is restricted to authorised personnel on a strict need-to-know basis. Credentials are revoked immediately upon staff departure.
Your Data. Protected. Always
Richion is fully committed to protecting the personal data of all users, merchants, and employees in accordance with the NDPR and NDPA. We maintain a full Data Protection Policy and have a designated Data Protection Officer (DPO) who oversees all data protection matters. We collect only the data necessary to deliver our services (data minimisation), retain data only for as long as legally required, and never sell or rent your personal information to third parties. All third-party processors are bound by Data Processing Agreements.
Key Customer Data Rights (NDPR / NDPA)
Right to access your personal data
Right to correct inaccurate data
Right to request deletion of your data (subject to legal retention obligations)
Right to data portability
Right to withdraw consent at any time
Right to lodge a complaint with the National Data Protection Commission (NDPC)
To exercise any of these rights, contact our DPO at: support@richionstore.com