Loading…
Yandaz Nigeria - Master Privacy & Data Policy

Privacy Policy

Official Data Governance Framework | Federal Republic of Nigeria | Issued March 2026
This Master Privacy Policy outlines the rigorous standards maintained by Yandaz Nigeria Limited ("Yandaz," "the Platform," "we," "us," or "our") in the management of user data. Operating within the digital economy of Nigeria, we prioritize the protection of your "Sensitive Personal Data" in accordance with the Nigeria Data Protection Act (NDPA), 2023. By utilizing yandaz.com.ng, you authorize the processing of your data as detailed in this legal framework.

Strategic Policy Roadmap

1. The Data Controller

Yandaz Nigeria Limited acts as the primary Data Controller for all information processed via our mobile and web applications. We are fully registered with the Nigeria Data Protection Commission (NDPC) as a Data Controller of Major Importance. Our data operations are overseen by a dedicated Data Protection Officer (DPO) based in Lagos, ensuring local accountability for every byte of information we hold.

2. Data Taxonomy (What We Collect)

Our collection protocols are tiered to ensure we only hold what is necessary for the security and efficiency of the Nigerian marketplace.

2.1 Personal Identifiers

KYC & Identity: To combat marketplace fraud, we collect your full legal name, a verified Nigerian phone number, and email. For "Pro" sellers, we require National Identification Number (NIN) verification or CAC (Corporate Affairs Commission) registration details to ensure business legitimacy.

2.2 Digital Footprint

  • Geospatial Data: We collect precise GPS coordinates (with permission) or IP-based location data to show you relevant listings in your specific state (e.g., Lagos, Abuja, Port Harcourt).
  • Hardware Telemetry: We record device identifiers (IMEI/UUID), browser fingerprints, and network signal strength to detect "Bot" activity and account takeovers.
  • Communication Logs: We store transcripts of messages sent through our in-app chat to protect users from "advance fee fraud" (419) and other malicious activities.

3. Nigerian Data Sovereignty

In line with the NDPA 2023, Yandaz prioritizes the storage of sensitive data within Nigerian territory where feasible. Where data is transferred across borders (e.g., for global cloud redundancy), we ensure the destination country has "Adequate Data Protection Laws" or that we have implemented Standard Contractual Clauses (SCCs) to maintain a Nigerian level of security.

4. Algorithmic Processing & AI Safety

We leverage Machine Learning and Artificial Intelligence to keep the platform safe for the Nigerian public:

Anti-Fraud Shield Automated Verification: Our systems use AI-driven facial recognition to match "Selfie" uploads against Government IDs. This process is strictly for identity verification and prevents "Identity Theft" within the community.

Content Moderation: Every ad posted undergoes an automated scan for prohibited items (firearms, illicit substances, or stolen property). If an ad is rejected by the AI, you have the right to request a Human Review by our Nigerian moderation team.

5. Data Security & Integrity

Yandaz employs "Defense-in-Depth" strategies. All data is encrypted at rest using AES-256 and in transit via TLS 1.3. We conduct quarterly vulnerability assessments and penetration testing to ensure our defenses against cyber threats remain impenetrable.

Under Section 25 of the NDPA, we process data based on:

  • Consent: Explicitly given by you for marketing and non-essential cookies.
  • Contractual Obligation: Necessary data to provide the Yandaz marketplace service.
  • Legal Compliance: Data required by Nigerian law enforcement or tax authorities.
  • Public Interest: To maintain the safety and integrity of the Nigerian digital ecosystem.

7. Third-Party Data Custodians

We only share data with vetted partners who adhere to the Yandaz Security Protocol:

  • Infrastructure: Google Cloud Platform (GCP) and Amazon Web Services (AWS) for secure hosting.
  • FinTech: Paystack, Moniepoint, and OPay for processing secure Nigerian transactions.
  • ID Verification: NIMC-certified partners for verifying National Identity Numbers.

8. Your Statutory Rights

As a Nigerian data subject, you hold the following absolute rights:

  1. The Right to Portability: Request a digital copy of your data in a structured format.
  2. The Right to Rectification: Demand the immediate correction of inaccurate profile information.
  3. The Right to Erasure: "The Right to be Forgotten"—requesting the permanent deletion of your data from our servers.
  4. The Right to Withdraw Consent: Revoking permissions for marketing at any time.

9. Data Lifespan & Retention

Data is retained only as long as your account remains active. If an account is dormant for 24 months, we initiate an automated "Data Archival" process. Note: We retain "One-Way Hashed" identifiers of banned users to prevent repeat offenders from re-registering.

Copyright 2026 © Created By Yandaz.com All Rights Reserved.

Top