Privacy Notice.

1. Introduction

Zuvy (“We” or “Us”) is a tech solution platform that provides invoicing services to clients where clients can create and send invoices of amounts due to their customers. Customers can either pay the amount due immediately or select to pay at a later date. For Customers who have opted to pay at a later date, the platform also provides for loan service to them to settle the money due to the clients. This Privacy Notice (“Notice”) guides your use of our Website: https://zuvy.co/ (“the Website”) and your rights regarding our collection, use, storage and protection of your personal data when you visit, access, browse through and/or use our Website. Your privacy is important to us.

2. Your personal data that we process

Personal data means any information about an individual from which that person can be directly or indirectly identified. We do not consider personal data to include information that has been made anonymous such that it does not identify a specific user.

In connection with our services, we collect personal and financial information from you while you use our products, services, and websites when you create an account or sign into our Website. We may ask you to provide us with certain personal data directly to contact or identify you, and some automatically for our Website to function effectively. We also collect personal data when you participate in discussion boards, answer specific questions on our website, provide us with feedback, participate in surveys, and when you report a problem) and from third-party sources.

The personal data we obtain are:

• Your name;
• Your email address;
• Contact number;
• Your home address;
• Your Business name
• Company Location;
• Company’s official email
• Your work email address;
• Your Contact number;
• Your passport photograph;
• Financial information (including, but not limited to, Bank Verification Number (BVN), credit history, card details etc.);
• Your Login email address and password;
• The domain name of the Internet service provider (ISP);
• The Internet protocol address used to connect your device to the Internet;
• Data that we obtain from other sources;
• Additional personal data may be gotten from third-party applications and other identification/verification services. (For example, from your financial institution, our background screening providers, a Credit Bureau, or law enforcement agencies, etc.)

3. Cookies

Cookies are tools used to collect information from you when you automatically visit our website. We use cookies to improve user experience on our Website, and information about the usage is specified in our Cookie Notice.

4. Lawful Bases for processing data

We are required to process your data under at least one of these lawful bases:

1. Legitimate interest: Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided your rights and interests do not outweigh those interests.
2. Consent: You have given explicit consent for us to process your data for a specific purpose.
3. Contract: If your data processing is necessary for a contract you have with us or because we have asked you to take specific steps before entering into that contract.
4. Legal obligation: If the processing of your data is necessary where there is a statutory obligation on us.

5. Purpose of processing your data and the lawful basis

We collect your data to:

guard against potential fraud and money laundering. enhance data security. identify your device when you access your account Send you informative updates on money and finance run a credit check on you to determine your credit-worthiness.	Legitimate interest, Contract
process statistical data to improve our business. enable us to send targeted advertisements to you.	Legitimate interest
enable us to send targeted advertisements to you (if you are a new customer). access your device. subscribe to our newsletter.	Consent
enable us to send targeted advertisements to you (if you are a new customer). access your device. subscribe to our newsletter.	Consent
to enable you to carry out transactions. communicate with you. provide our services. notify you of any changes to our service, solving issues via live chat support, phone or email, including any bug fixing. enable registered users to log in to our mobile App.	Contract
fulfil our Know Your Customer (KYC) obligation. fulfil legal requirements where the processing of your data is necessary for the fulfilment of our statutory obligation.	Legal Obligation
guard against potential fraud and money laundering. enhance data security. identify your device when you access your account. Teach you about money and finance run a credit check on you to determine your credit-worthiness.	Legitimate interest, Contract
process statistical data to improve our business. enable us to send targeted advertisements to you.	Legitimate interest
enable us to send targeted advertisements to you (if you are a new customer). access your device. subscribe to our newsletter.	Consent

Your rights as a data subject

As a data subject, the law vests you with certain rights. They include the right to:

1. access personal data we hold about you by requesting a copy of the personal data we hold about you;
2. rectify such information where you believe it to be inaccurate;
3. restrict the processing of your data in certain circumstances;
4. object to the processing of your data where we intend to process such data for marketing purposes;
5. where feasible, receive all personal data you have provided to us—in a structured, commonly used, and machine-readable format—and to transmit the information to another data controller;
6. request the erasure of your data (also known as the right to be forgotten);
7. withdraw your consent to the processing of your personal data; and
8. lodge a complaint with a relevant authority where you have reason to believe that we have violated the term(s) of this Privacy Notice. (You may complain or seek redress from us within 30 days from the time you first detected the alleged violation.).
You may seek to exercise any of the above rights at any time by sending us an email via hello@zuvy.co. The supervisory authority is the Nigeria Data Protection Bureau (NDPB), and the complaint can be sent via email at info@ndpb.gov.ng

Who we share your data with

We may share your data with the following third parties:

• Google: We use various Google APIs and services on our Website. Read Google’s privacy notice here.
• Financial institutions that we partner with to create and offer a product jointly may only use this information to market our related products unless the customer has given consent for other uses.
• Credit bureaus and collection agencies to report account information, as permitted by law.
• Banking partners as required by credit/debit card association rules for inclusion on their list of terminated merchants.
• Current and future Zuvy subsidiaries and affiliated entities that provide services, including payment processing services or conduct data processing on our behalf, or for data verification, data centralisation and/or logistics purposes
• Law enforcement, government officials, or other third parties - We may disclose your data pursuant to a subpoena, court order,when we need to do so to comply with law or credit/debit card rules; or when we believe, in our sole discretion, that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our User Agreement.
• Legal/Regulatory Authority – We may disclose your data if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect the safety of any person, to address fraud, security or technical issues

Note that if you wish to prevent your device’s operating system from sharing your Personal Data with Zuvy or with the third parties mentioned for profiling purposes, you can do so by setting up your device appropriately – namely, by changing the privacy settings on your device to disable/restrict any advertising tracking features. Please see the following links for more information on this:

• iOS Devices: Here
• Android Devices: Here

8. Retention of your data

Your personal data or any other information collected will be stored for as long as necessary to fulfil the purposes described in this Notice. However, we will also retain data subject to relevant provisions of applicable laws, resolve disputes, and enforce our legal agreements and policies. We delete your data for targeted marketing purposes once you unsubscribe from our marketing communications. Please note that your data may be retained for a more extended period, notwithstanding your request to remove your data, where there is a legal requirement to do so.

9. How your data is stored

We store and process your data. We protect your data using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls, and information access authorisation controls. Where there is an actual or suspected data breach capable of causing harm to your rights and freedoms, we will notify you without undue delay and use our best effort to remedy the violation within one (1) month from the date we notify you.

10. International transfer of data

To achieve the purposes described in this Notice, we may transfer your data to countries that may not offer an adequate protection level or not considered to have sufficient law by the National Information Technology Development Agency (NITDA). Where personal data is to be transferred to a country outside Nigeria, we shall put adequate measures to ensure data security.

Our data transfers to the countries that do not offer an adequate protection level are subject to the conditions under the Nigeria Data Protection Regulation (NDPR). We will therefore only transfer Personal Data out of Nigeria on one of the following conditions:

• Your consent has been obtained;
• The transfer is necessary for the performance of a contract between Us and you or implementation of pre-contractual measures taken at your request;
• The transfer is necessary to conclude a contract between Us and the third party in your interest;
• The transfer is necessary for the reason of public interest;
• The transfer is for the establishment, exercise or defence of legal claims;
• The transfer is essential to protect your vital interests or other persons, where the Data Subject is physically or legally incapable of giving consent.
To obtain any relevant information regarding any transfers of your Personal Data to third countries (including the appropriate transfer mechanisms), please contact us.

11. Marketing and communications

We only send marketing communications to you with your consent. You may choose to opt out of our marketing emails by clicking on the ‘unsubscribe’ button at the bottom of the page.

12. Security of your data

We are very particular about preserving your privacy and protecting your data. We deploy all reasonable and appropriate technical and organisational measures to keep your data safe. However, we cannot completely guarantee the security of any information you transmit via our Website, as the internet is not an entirely secure place. We are committed to doing our best to protect you.

13. Complaints

If you are concerned about an alleged breach of data protection law or any other regulation by us, you can contact the Data Protection Officer (DPO) via hello@zuvy.co. The DPO will investigate your complaint and provide information about how your complaint is handled. Please be informed that you may complain to the relevant data protection authority where your complaints are not satisfactorily addressed.

14. Changes to this notice

We update our privacy notice from time to time. We will notify our users when we change it, and visitors will know this by checking the last date of update on this page whenever you visit.

15. Contact Us

If you have any questions relating to this Notice, your rights under this Notice, or are not satisfied about how we manage your personal data, kindly reach our Data Protection Officer at hello@zuvy.co.