MelonGram Logo

Privacy Policy

Last updated: April 29, 2026

1. Introduction

MelonGram Limited respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, share, store, protect, transfer, and retain personal data when you use MelonGram’s website, mobile application, remittance platform, customer support channels, or related services.

MelonGram provides digital cross-border money transfer services, initially enabling customers in the United Kingdom to send money to recipients in Nigeria.

This Privacy Policy applies to customers, beneficiaries, website and app users, people who contact us, and individuals involved in support, complaints, compliance checks, fraud reviews, or regulatory enquiries.

2. Who We Are

Company name: MelonGram Limited
Company number: 16930867
Website: melongram.com

Registered office:

167-169B Great Portland Street
5th Floor
London
W1W 5PF
United Kingdom

Data privacy: dataprivacy@melongram.com
Compliance: compliance@melongram.com
Support: support@melongram.com

For the activities described in this Privacy Policy, MelonGram Limited is responsible for deciding how and why personal data is used.

3. Our Role and the Role of Service Providers

MelonGram acts as the main data controller for personal data we collect when you register, complete onboarding, provide KYC information, request a transfer, add a beneficiary, contact support, or use our platform.

To complete a MelonGram transfer, we may work with regulated and specialist service providers. For example:

  • identity verification and screening providers may help verify your identity, documents, selfie checks, sanctions status, PEP status, and fraud risk;
  • UK payment or banking partners may help collect, confirm, refund, or reconcile customer funds;
  • Nigerian payout partners, banks, or wallet providers may receive the beneficiary and transaction details needed to complete the payout;
  • technology, hosting, monitoring, communication, and support providers may help us operate the platform securely and reliably.

MelonGram works with approved third-party providers to support the delivery of our UK-to-Nigeria remittance service. These providers may support identity verification, compliance screening, payment collection, payout processing, fraud prevention, platform security, customer communications, hosting, monitoring, reconciliation, and customer support.

Where a third-party provider processes personal data on MelonGram’s behalf, it may only use that data for the agreed service and in line with our instructions, contracts, confidentiality requirements, security controls, and applicable data protection law.

Some third-party providers may also have their own legal or regulatory responsibilities. For example, regulated payment, banking, payout, identity verification, compliance, screening, or fraud prevention providers may need to process limited personal data to confirm payments, complete payouts, verify identity, screen for sanctions or PEP status, prevent fraud, keep required records, or respond to lawful requests.

Where a third-party provider is separately responsible for how it uses your personal data, we will provide further information where required by law or where it is necessary to help you understand your rights.

4. About Our Service

MelonGram operates a digital money cross-border remittance platform.

Our services may include customer onboarding, identity verification, KYC checks, customer due diligence, sanctions and politically exposed person screening, fraud checks, transfer initiation, payment collection, payout to beneficiaries through regulated partners, transaction tracking, customer support, complaints handling, transaction monitoring, reconciliation, and compliance reporting.

MelonGram does not currently provide anonymous accounts, cash pickup services, physical branch services, card issuing, cryptoasset services, or unrelated high-risk financial products.

5. Personal Data We Collect

We collect personal data that is necessary to provide our services, meet legal obligations, prevent fraud, protect customers, and operate securely.

The personal data we may collect includes:

Identity and contact data

name, date of birth, nationality, residential address, email address, phone number, identity document details, identity document images, selfie or facial image, liveness check result, biometric verification result where applicable, and verification status.

Customer profile data

customer account ID, profile details, login history, account status, verification level, risk rating, transaction limits, and account restriction records where applicable.

Financial and transaction data

bank account details used to fund transfers, payment references, payment confirmations, refunds, reversals, payment status, reconciliation records, amount sent, currency, exchange rate, amount to be received, transfer reference, payout status, receipts, failed or refunded transactions, and compliance review outcomes.

Beneficiary data

beneficiary name, bank account or wallet details, phone number where required, country of payout, payout institution details, relationship to you where required, and transfer history connected to that beneficiary.

Compliance and screening data

customer due diligence records, sanctions and PEP screening results, fraud screening results, source of funds, source of wealth where required, purpose of transfer, expected activity, risk scores, manual review notes, suspicious activity assessments, and regulatory reporting records.

Technical, device, and usage data

IP address, device type, device ID, browser type, operating system, app version, login data, session data, approximate location from IP address, security signals, error logs, usage activity, and authentication logs.

Support, communications, and preference data

emails, support tickets, complaint records, documents or screenshots you provide, our responses, resolution records, marketing preferences, consent records, opt-in or opt-out records, and campaign engagement data.

KYC and identity verification information may be collected directly through MelonGram’s platform and may also be processed by approved verification, compliance, or screening providers where necessary.

6. How We Collect Personal Data

We collect personal data:

  • directly from you when you register, complete onboarding, request a transfer, add a beneficiary, contact support, or respond to a compliance request;
  • automatically when you use our website, mobile app, or services;
  • from third parties involved in identity verification, sanctions and PEP screening, fraud prevention, payment collection, payout processing, public records, regulatory checks, law enforcement requests, or professional support.

When you provide beneficiary details, you should ensure that the information is accurate and that you have a lawful reason to provide it to us for the purpose of completing the transfer.

7. How and Why We Use Personal Data

We use personal data only where we have a lawful reason to do so and only for purposes connected to providing, securing, monitoring, and complying with our remittance service.

We may use your personal data to:

  • use the details you provide during registration to set up, verify, secure, and maintain your MelonGram customer profile;
  • confirm your identity and complete KYC, customer due diligence, sanctions, PEP, and fraud checks;
  • share the minimum necessary beneficiary and transaction details with regulated payout channels so the transfer can be completed;
  • provide transfer receipts, payment status updates, security alerts, and customer support;
  • monitor transaction value, frequency, behaviour, and risk indicators to detect suspicious or unusual activity;
  • comply with AML, counter-terrorist financing, sanctions, fraud prevention, tax, accounting, record keeping, and regulatory obligations;
  • prevent scams, fraud, account misuse, unauthorised access, identity theft, or unlawful activity;
  • reconcile customer funds received, refunds, reversals, failed transfers, and beneficiary payouts;
  • respond to complaints, support issues, legal claims, regulator requests, court orders, or law enforcement requests;
  • fix service errors, improve transfer tracking, reduce failed payments, strengthen security controls, and improve the reliability of the MelonGram platform;
  • send service messages and, where permitted, optional marketing or product updates.

The lawful bases we may rely on include performance of a contract, legal obligation, legitimate interests, consent where required, and substantial public interest where special category data is processed for financial crime prevention, fraud prevention, identity verification, or regulatory compliance.

8. Biometric Data, Automated Checks, and Manual Reviews

As part of identity verification, we may process facial images, selfie images, liveness check results, or biometric verification results.

We use this information to confirm that you are a real person, verify that your identity document belongs to you, prevent impersonation and fraud, comply with KYC and AML obligations, and protect customers and the financial system.

We may also use automated tools to help verify identity, assess risk, detect fraud, monitor transactions, and protect the platform. These checks may include sanctions and PEP screening, fraud scoring, device risk checks, transaction velocity monitoring, transaction pattern analysis, duplicate account detection, and unusual behaviour detection.

Automated checks may flag an account or transaction for manual review. A flagged account or transaction may be delayed, restricted, declined, or subject to additional checks. Where required, significant decisions may be reviewed by trained staff.

We do not use biometric data for advertising, unrelated profiling, or sale to third parties.

9. Who We Share Personal Data With

We share personal data only where necessary, lawful, and proportionate.

For a MelonGram transfer, personal data may need to be shared across the remittance journey, including for onboarding, payment collection in the United Kingdom, compliance screening, fraud prevention, payout in Nigeria, customer support, reconciliation, and regulatory reporting.

We may share personal data with:

  • regulated payment and banking partners that help collect, confirm, refund, or reconcile customer funds;
  • regulated payout partners, banks, or wallet providers that help complete beneficiary payouts in Nigeria;
  • identity verification providers that help verify documents, selfies, liveness checks, and customer identity;
  • screening, compliance, and fraud prevention providers that help perform sanctions, PEP, AML, fraud, and transaction risk checks;
  • technology, hosting, cloud, customer support, communication, monitoring, and security providers that help operate and protect the MelonGram platform;
  • professional advisers, including legal, audit, accounting, insurance, and consultancy advisers;
  • regulators, law enforcement agencies, courts, tax authorities, financial intelligence units, or other competent authorities;
  • relevant parties in connection with a merger, acquisition, investment, restructuring, sale, or transfer of business assets.

We describe third parties by category so customers understand the types of organisations that may receive personal data. Where required by law, contract, regulator request, or customer rights request, we may provide further information.

Where required, we apply safeguards such as due diligence checks, written contracts, confidentiality obligations, data protection terms, security requirements, restricted access, incident notification obligations, sub-processor controls, and ongoing monitoring.

10. International Data Transfers

Because MelonGram provides cross-border remittance services from the United Kingdom to Nigeria, personal data may be transferred outside the United Kingdom.

For example, beneficiary and transaction details may need to be transferred to regulated payout channels in Nigeria so that the transfer can be completed. Data may also be processed by compliance, fraud prevention, technology, professional support, or public authority recipients where necessary.

Where personal data is transferred internationally, we use appropriate safeguards required by applicable law. These may include contractual protections, security controls, transfer risk assessments, data minimisation, access restrictions, encryption, and secure transmission.

We transfer only the personal data necessary for the relevant purpose.

11. Data Security

We take the security of personal data seriously and use appropriate technical and organisational measures to protect it.

These measures are designed to reduce the risk of unauthorised access, accidental loss, misuse, alteration, disclosure, or destruction of personal data. They may include encryption, secure authentication, role-based access controls, least-privilege access, audit logging, access reviews, secure credential and key management, system monitoring, backups, incident response procedures, vendor security checks, staff confidentiality obligations, staff training, segregation of duties, and controlled change management.

Access to personal data is limited to authorised personnel and approved third-party providers who need it for legitimate business, service, compliance, security, or regulatory purposes.

Although no digital service can be guaranteed to be completely secure, we maintain safeguards, monitor for risks, and take appropriate action where a security issue is identified.

12. Data Retention

We retain personal data for seven years, unless a longer retention period is required or permitted by law, regulation, court order, regulatory request, dispute, investigation, audit, fraud prevention requirement, or legitimate business need.

The seevn-year period may apply from the end of our business relationship with you, the closure of your customer profile, or the completion of the relevant transaction, depending on the type of record and legal requirement.

This retention period supports AML compliance, counter-terrorist financing compliance, sanctions compliance, fraud prevention, regulatory reporting, accounting and audit obligations, complaints handling, transaction reconciliation, legal claims, and dispute management.

When personal data is no longer needed, we securely delete, anonymise, or archive it in line with our retention procedures.

13. Your Rights

Depending on applicable law, you may have the right to access personal data we hold about you, ask us to correct inaccurate or incomplete data, ask us to delete your data in certain circumstances, restrict or object to certain processing, request data portability, object to direct marketing, withdraw consent where processing is based on consent, request human review of certain automated decisions, and complain to a data protection authority.

Your rights are not absolute. We may need to keep or continue processing certain information for AML, fraud prevention, legal, accounting, regulatory, complaints, or dispute purposes.

To exercise your data protection rights, contact us at dataprivacy@melongram.com.

For compliance-related enquiries, contact us at compliance@melongram.com.

For general support, contact us at support@melongram.com.

Where another organisation is also responsible for certain processing activities, we may direct your request to that organisation or work with them to respond, where appropriate.

14. Marketing and Cookies

We may send you marketing communications where permitted by law. You can opt out at any time by using the unsubscribe link in a marketing email, changing your preferences in the app where available, contacting customer support, or emailing dataprivacy@melongram.com.

Even if you opt out of marketing, we may still send service messages, including transaction updates, receipts, security alerts, legal notices, customer profile notices, compliance requests, and service availability messages.

Our website, app, and platform may use cookies, SDKs, pixels, analytics tools, and similar technologies to operate the service, keep sessions secure, remember preferences, detect fraud, prevent unauthorised access, measure performance, improve user experience, and support marketing where permitted.

Strictly necessary cookies are required for the service to work. Non-essential cookies are used only where permitted by law and, where required, with your consent.

15. Children, Accuracy, Fraud Prevention, and Incidents

MelonGram services are intended for adults aged 18 and above. We do not knowingly provide remittance services to children or knowingly collect children’s personal data for customer profiles.

You must provide accurate, complete, and up-to-date information. Providing false, incomplete, or misleading information may result in delayed transfers, rejected transfers, additional verification, customer profile restrictions, closure of your profile, or reports to regulators or authorities where required by law.

We may process and share personal data where necessary to prevent, detect, investigate, or report fraud, scams, money laundering, terrorist financing, sanctions breaches, identity theft, unauthorised access, misuse of the platform, suspicious transactions, or other unlawful activity.

If we become aware of a personal data breach or security incident, we will assess it promptly. Where required, we will investigate the incident, contain and remediate the issue, notify affected individuals, notify the relevant regulator, document the incident, review root causes, and improve controls where necessary.

16. Complaints and Contact

If you are unhappy with how we use your personal data, please contact us first so we can investigate and try to resolve the matter.

Data privacy: dataprivacy@melongram.com
Compliance: compliance@melongram.com
Support: support@melongram.com

MelonGram Limited

Company number: 16930867
Website: melongram.com

Registered office:

167-169B Great Portland Street
5th Floor
London
W1W 5PF
United Kingdom

You also have the right to complain to the relevant data protection authority.

In the United Kingdom, this is the Information Commissioner’s Office.

In Nigeria, this may be the Nigeria Data Protection Commission, where applicable.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal or regulatory updates, changes to our services, changes to our partners, changes to our technology, changes to our operating model, or improved transparency.

Where changes are material, we may notify you through the app, website, email, or another appropriate channel.

Start your first transfer today

Sending money across borders doesn't have to be complicated. With MelonGram, you get clear rates, fast delivery, and a platform designed for peace of mind.

Humon Illustration