Privacy Policy

This Privacy Policy explains how Securemarts Ltd. ("Securemarts", "we", "us" or "our") collects, uses, shares, and protects information when you use our website, mobile applications, and related services (the "Services").

Data Controller: Securemarts Ltd. (Registered Address: CAC/IT No.: 183640 Address: Opposite Adura Bakare Secretariat, Zaira Road - Funtua, Katsina State - Nigeria) Email: info@securemarts.com (General), support@securemarts.com (GDPR, Remedial Action, DPA, EU & US), info@securemarts.com (NDPR).

We collect the following categories of data: Account & Profile Data (name, business name, email, address, password hash, URL branch details); Customer/Vendor Data (name, phone, intermediary-level customers, payment status listings); Records (sales data, invoices, payments, expense records, vouchers, purchase orders, reports, audit logs, cost/price vouchers); Device Data (from app usage, mobile token, device diagnostics); Communications (support forum emails, WhatsApp/SMS re: notifications (via payment processors, Discourse, Mailing list, Helpdesk); Cookies (e.g., login state, preferences, usage stat plugins, stripe).

We collect the following categories of data: Account & Profile Data (name, business name, email, address, password hash, URL branch details). Customer/Vendor/Item Name, Phone, intermediary-level customers, payment status listings of sales (invoices, payments), purchase (expense records/vouchers, purchase orders), operations, audit logs and cost/price (vouchers). We also collect non-identifying info such as (login sessions) and analytical info like search logs (also from support tickets). Off-site sync data created offline on your device is stored locally and synced securely when you reconnect.

(a) Directly from you during sign-up, profile updates, support chats, or in-app forms.

(b) Automatically via cookies, SDKs, or logs when you access the Services (from both servers, PagesKPI/Mailersend, SDKs: WhatsApp and Stripe processing activities).

(c) From third parties with your prior consent / prompt engagement. We do NOT scrape emails or social profiles nor sell-user-data or trade commercial lists to others, for arbitrary sales or funding or financing. Lawful Processing: N/A. Nigeria's Nigeria Data Protection Act, 2023 (NDPA); General Data Protection Regulation (GDPR & NDPA compliance). We use the following lawful bases:

We process data to provide / operate / improve our service: account creation, authorization, invoicing, reports, communications (support forum emails, WhatsApp/SMS via third party for notifications). Interests include: Prevent / Detect fraud, Improved / Lawful detection services account operations, Legal Obligations / Legitimate Interest Compliance (Legitimate Interest: RBI, SEBI, MIFACA/FAFT, fraud detection, and fees, app-setup account services). Legitimate Interest / Legal Obligation (or Customer support ticket/or feature request) via forum-and online registration services. We do not use personal data for secondary marketing. You can withdraw this via Mailinglist or contact us at in app settings or by contact@us in link at bottom (My settings).

We do not use personal data promiscuously. We do NOT do any profiling, automated decision making or to build/train models not purely related with service improvement. We only use personal data for no more than this service, compliance & fraud protection. You can control these via our Cookie Policy (for details, see our dark one if needed).

Our Services are intended for business users. We do not knowingly process data of persons under 18 years. If you believe a minor has provided data, contact support@securemarts.com for prompt removal.

We use cookies/Caches for authentication, session continuity, analytics, and fraud protection. You can control cookies in your browser; see our Cookie Policy for details (we can dark one if needed).

We share data only as needed, under strict safeguards. Under/with encryption/payments & provision settlement (incl. Trypayment processors/Stripe/bank + Hosting/Google GCP / Vercel or AWS), Support and Documentation/WhatsApp & Discord or Slack, Analytics/Mixpanel (E.G. Churn, CRD, OTF & Service delivery)

Regulatory & Disclosure: We share disclosure/or reporting/reporting with Nigeria's Data Protection Commission (NDPC), where we are subject. GDPR & DPA or a lawful request. We do not sell-or-trade data or use names beyond our service. Standard Contractual Clauses, NIC re-groups.

We do not use sell-or-trade data or use names beyond our service (such as re-useable info with privacy protections).

Your data may be processed or stored within Nigeria. Where data leaves Nigeria, we implement adequate safeguards (e.g. Standard Contractual Clauses). If subject to NDPC or GDPR, you retain your rights. We ensure we comply with NDPC cross-border transfer guidelines.

We secure data as by using appropriate technical and organizational measures. Encryption in transit (TLS 1.2+), Encryption at rest (AES-256 or equivalent), Access control (limited for personnel / Access security system and control (Network-auth, Account/Lock-off after repeated logins), Network & infrastructure: we secure firewall and monitoring. Network-related authentication with Google & Oauth for access).

Because no technology has perfect security, be sure to safeguard your credentials. If you suspect a personal data breach that may pose a risk to you, we will notify you, and if legally obliged we'll also contact enforcement within 72 hours, consistent with NDPC and GDPR rules.

We retain data only as necessary for the purposes described, legislative/legal requirements, tax records Or to establish legal or in assistance, legal purposes. On account closure: you may retain or transfer your data, to you request, erasure, or request, delete-on-demand subject to any retention/legal basis. On account closure: you can request deletion, or we will either anonymize/purge or de-identify data unless legal basis requires a longer period.

Subject to NDPA and other applicable laws, you may: Access (or copy): Notify resource of your data + deletion copy. Rectify mistakes: correct or update inaccurate data. Erase data or withdraw consent (subject market purposes). Object meaningful purposes or processing restrict (e.g. stop marketing). We do not impose fees on rights requests. You can withdraw marketing consent via in-app settings.

OR also contact [via request our address/subject /DPA or opt-out] At First: Data related offices is stored, but stored in secure platforms or your device only. Detailed contact methods we will send automatic email updates/auto marketing. You may unsubscribe or contact +234. We encourage users with concerns prompt complaint to contact regulator or relevant jurisdiction. Zara Naira: Terumo, Kano State - Nigeria. Federal/NDPB: Nigeria Data Protection Commission. [Contact: E-post as required, Section 16-34.]. Please direct re: complaints about data handling.]

For merchants and customers (the people you do business through), you (the merchant) are responsible for having a lawful purpose/e consent for our data. In that instance, you are a data processor. We act as a platform facilitating your operations only, not promiscuously.

We send product updates, tips and offers only with your consent for all or limited marketing or by law. You can unsubscribe via links or in-app settings.

Our website/app may contain links to third-party sites. Their privacy practices are not governed by this Policy. Please read their policies before providing data.

We may update this Policy to reflect legal, technical, or business changes. We'll post updates here and, where appropriate, notify via email. Continued use signifies your acceptance.

For access, corrections, queries, DPA or complaints: