Effective date: [Effective date]
SERVORAPRISE ECOSYSTEM — OVERVIEW
Summary: We collect and use personal data to provide and improve Services, to meet legal obligations (KYC/AML), to provide customer support, and for security and fraud prevention. This policy explains what we collect, why, how long we keep it, and your rights.
1. Data Controller
Servora Enterprise Limited is the data controller.
Contact: privacy@servoraprise.com
Address & phone: See company contact above.
2. NDPR & Legal Basis
We process personal data in line with the Nigeria Data Protection Regulation (NDPR).
For processing we rely on:
• Legitimate interests (service provision, fraud prevention)
• Contractual necessity (to perform a contract)
• Legal obligation (KYC/AML compliance)
• Consent (marketing, non-essential cookies)
3. Categories of Personal Data Collected
- Identity & contact: name, email, phone, postal address.
- Verification / KYC: ID numbers, government IDs, selfies for face-match, proof of address (required for Vendor Exchange, escrow, some POS operations).
- Transaction data: transaction records, payment history, invoices.
- Device & usage: IP address, device ID, browser, cookies, logs, analytics.
- Content & uploads: files you upload (for example when using Social media's links).
- Support communications: chats, emails, call records where necessary for quality.
4. How We Use Your Data
- Provide and operate Services, process transactions, deliver products.
- Verify identity & comply with KYC/AML and other laws.
- Security, fraud detection, and investigations.
- Customer support and dispute resolution.
- Marketing and updates (where you consent).
- Improve products and analytics.
5. Cookies & Similar Technologies
We use cookies and similar technologies. Essential cookies are required for core functions. Non-essential cookies require consent; you may accept or reject them via our cookie banner/CMP. See our Cookie Policy for details and granular controls. (We follow ICO/PECR/GDPR best practice for consent).
6. Sharing Data with Third Parties
We share data with service providers who perform services for us (payment processors, hosting, analytics), with law enforcement or regulators when required, and with third parties in connection with mergers or business transfers. We require vendors to protect your data.
7. International Transfers
If we transfer data outside Nigeria, we will use appropriate safeguards.
8. Retention
We keep personal data for as long as needed to provide Services, meet legal obligations (AML/CFT), resolve disputes and enforce agreements. For KYC records the minimum retention follows CBN guidance and statutory periods.
9. Security
We maintain reasonable technical and organizational measures to protect personal data. See our Security Policy and Data Breach Response Policy for more detail. In the event of a qualifying breach we will notify affected data subjects and/or NITDA as required by NDPR.
10. Your Rights
Where applicable you may: access, correct, export, restrict, or erase your personal data; withdraw consent for processing relying on consent; lodge a complaint with NITDA. Contact privacy@servoraprise.com to exercise rights. We will respond per NDPR timelines.
11. Children
Services are not directed at children under 18. We do not knowingly collect personal data of children without consent of a parent/guardian.
12. Changes to this Privacy Policy
We may update this Policy; material changes will be posted with effective date.
13. Contact / DPO
Data Protection Contact: privacy@servoraprise.com (or DPO contact if appointed). You can also lodge complaints with NITDA in Nigeria.
Key Policies