π Privacy Policy
We are committed to protecting your personal data in line with NDPR and GDPR-aligned principles. Here's exactly what we collect and why.
π Our Commitment: We are committed to protecting your privacy. We never sell your personal data to third parties. This policy explains exactly what we collect, why, and your rights.
We collect the minimum data necessary to provide our services. Here is a breakdown:
| Data Type | Examples | Source |
|---|---|---|
| Account data | Name, email, encrypted password | Registration form |
| Profile data | Photo, bio, location, WhatsApp number | Profile settings |
| Order data | Products ordered, payment confirmations | Your orders |
| Referral data | Referral codes and relationships | Referral system |
| Usage data | Pages visited, features used, session duration | Automated collection |
| Technical data | IP address, browser type, device info | Automated collection |
We do not intentionally collect data from users under 16 years of age.
We use your data for the following purposes:
- To create and manage your account
- To process your orders and deliver products
- To manage and track JT Coins rewards
- To send important service notifications (order updates, security alerts)
- To prevent fraud and enforce our Terms of Service
- To improve the platform and your experience
- To respond to your support requests
- To comply with Nigerian legal obligations
We will never use your data for unsolicited marketing without your consent.
We do not sell your data. We only share data with the following trusted service providers as necessary to operate the platform:
- Google Firebase β Authentication and database storage (encrypted)
- Cloudflare Pages β Secure hosting and CDN
- Google Analytics β Anonymous usage statistics only
- Nigerian authorities β Only when required by law
All third-party service providers are contractually bound to handle your data with the same level of protection we apply.
Under NDPR and GDPR-aligned principles, you have the following rights:
To exercise any of these rights, email techjoro@gmail.com with your request. We will respond within 30 days.
We implement industry-standard security measures to protect your data:
- SSL/TLS encryption for all data in transit (HTTPS)
- BCrypt password hashing β passwords are never stored in plain text
- Secure Google Firebase authentication infrastructure
- Rate limiting to protect against brute-force attacks
- Regular security reviews and updates
In the event of a data breach that may affect your rights, we will notify you and the relevant authorities within 72 hours as required by law.
We retain your data for the following periods:
- Account data: Anonymised within 30 days of account deletion
- Order history: Retained for 7 years for tax and legal compliance
- Usage logs: Deleted after 90 days
- Support communications: Retained for 2 years
If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us: