Privacy Policy

Last updated: July 17, 2026

1. Information We Collect

We collect information you provide when you create an account (name, email, password), payment information processed securely through Paystack/Stripe, content you upload (courses, events, products), usage data (pages visited, features used), and device/browser information for security purposes. We never store raw card numbers — all payment data is handled by our certified payment processors.

2. How We Use It

We use your data to: operate and improve the platform; process transactions and send receipts; communicate service updates, security alerts, and promotional offers (you can opt out at any time); detect and prevent fraud; comply with legal obligations; and provide customer support. We do not sell your personal data to third parties.

3. Data Sharing

We share data with: payment processors (Paystack, Stripe) to complete transactions; email service providers to send transactional emails; analytics providers to understand platform usage (data is anonymised); and law enforcement when legally required. All third-party processors are contractually bound to handle your data with the same level of protection we provide.

4. Cookies

We use essential cookies (required for login and security), preference cookies (to remember your settings), and analytics cookies (to understand how users interact with the platform). You can disable non-essential cookies in your browser settings. Note that disabling cookies may affect platform functionality.

5. Your Rights

You have the right to: access your personal data; correct inaccurate data; request deletion of your account and associated data; export your data in a portable format; and opt out of marketing communications. To exercise these rights, contact us at privacy@vendo.africa or use the account settings page.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where we are required to retain it for legal or financial compliance purposes (e.g. transaction records, which we keep for 7 years per Nigerian financial regulations).

7. Security

We implement industry-standard security measures including TLS encryption for data in transit, bcrypt password hashing, CSRF protection on all forms, rate limiting on authentication endpoints, and regular security audits. Despite our efforts, no internet-based service is 100% secure. Please use a strong, unique password.

8. Contact Us

For privacy-related questions, contact our Data Protection Officer at: privacy@vendo.africa. We aim to respond to all requests within 5 business days.