top of page

Privacy Policy

Effective date: Monday, October 13, 2025.

Data Collection

Information We Collect.


We collect both personal and non-personal information from users of the Platform, including but not limited to:

  1. Personal Identifiable Information (PII): Name, email address, phone number, billing information, and payment details.

  2. Technical Information: Browser type, device identifiers, operating system, IP address, and usage analytics gathered through cookies and tracking tools.

  3. Transactional Information: Order history, subscriptions, and records of purchases or consultations.


How Information Is Collected.


Information is obtained through:

  1. Website contact forms, checkout pages, and scheduling systems (e.g., Calendly).

  2. Third-party payment processors (e.g., Stripe, Paystack, Flutterwave, or similar).

  3. Analytics platforms such as Google Analytics and cookie-based tracking technologies.

  4. Google Forms and direct email correspondence used for order fulfillment and client onboarding.


Purpose of Data Collection.


We process data for the following legitimate business purposes:

  1. To fulfill orders, deliver purchased services, and maintain customer accounts.

  2. To communicate with clients regarding bookings, updates, or support requests.

  3. To manage payments and prevent fraud.

  4. To improve website performance, marketing effectiveness, and user experience.

  5. To comply with legal, tax, and regulatory obligations.


Legal Basis for Processing.

Data is processed under the lawful bases of contract performance, legitimate interest, and user consent as applicable under the Nigeria Data Protection Regulation (NDPR), General Data Protection Regulation (GDPR), or other relevant privacy laws.



Data Retention.

Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy or as required by law, after which it will be securely deleted or anonymized.



Data Sharing and Third Parties.

We may share limited data with trusted third parties who assist in payment processing, scheduling, analytics, marketing, and data storage. All third-party processors are contractually bound to comply with data-protection standards equivalent to this policy.



Cookies.

Cookies are small text files stored on your device when you visit a website. They help recognize your browser or device, remember preferences, and improve user experience. Cookies can be session cookies (deleted when you close your browser) or persistent cookies (remain until manually deleted or expired). By using the Platform, you consent to the use of cookies. You may disable cookies through your browser settings, though some functions may become unavailable.



Data Security.

We implement reasonable administrative, technical, and physical safeguards to protect user data. However, no method of transmission or storage is completely secure; therefore, we cannot guarantee absolute security.



User Rights.

Users have the right to access, correct, update, or request deletion of their personal data. Requests may be made via support@smepantry.com.
Users in jurisdictions with specific privacy rights (e.g., the EU or California) may also request data portability or restriction of processing.

Sensitive Data, KYC and AML Compliance

Collection of Sensitive Information.
 

In addition to the personal and technical data described above, we collect and process sensitive information strictly for regulatory, compliance, and identity-verification purposes. This may include:

  • Bank Verification Numbers (BVN), national ID numbers, international passport numbers, or other government-issued identifiers.

  • Business registration documents, shareholder details, and company incorporation records.

  • Banking information and proof of address required for Know-Your-Customer (“KYC”) and Anti-Money-Laundering (“AML”) procedures.


Purpose of Collection.

Sensitive data is collected exclusively to:

  1. Verify client identity and conduct due-diligence screening in compliance with applicable financial regulations.

  2. Facilitate banking, tax, or regulatory filings necessary to deliver services such as company formation or global compliance management.

  3. Prevent fraud, financial crimes, or misuse of our services.


Data Handling and Confidentiality.


All sensitive data is handled with the highest degree of confidentiality and is stored in encrypted form on secure servers or cloud environments. Access is limited only to authorized personnel with a legitimate business need.



Data Sharing.


We DO NOT sell, rent, or share client data with any third parties for marketing, advertising, or unrelated commercial purposes. Data may only be disclosed:

  • To regulatory authorities or financial institutions where legally required.

  • To verified partners or service providers directly involved in fulfilling the contracted service (e.g., international company registrars, IP offices, or banks), under strict confidentiality obligations.

  • When compelled by court order or law enforcement, in accordance with due process.


Client Consent and Revocation.


By engaging our services, clients expressly consent to the collection and processing of their information for compliance and verification purposes.

Clients may withdraw consent where continued processing is not legally required by submitting a written request to legal@smepantry.com.

Data Retention, Deletion, and International Transfer

Data Retention.


We retain client and user data only for as long as is necessary to fulfill the purposes for which it was collected, including to:

  1. Deliver contracted services and maintain client accounts.

  2. Comply with applicable laws, regulations, and professional obligations (including AML and tax-record-keeping requirements).

  3. Resolve disputes, enforce agreements, and maintain accurate business and compliance records.

Retention periods vary depending on data type, but sensitive financial and KYC records are typically retained for five (5) to seven (7) years from the date of collection or the termination of the client relationship, whichever is later, unless a longer period is required by law.



Data Deletion and Anonymization.

Upon expiration of the retention period or receipt of a verified deletion request, personal and sensitive data will be:

  1. Securely deleted, anonymized, or aggregated to prevent identification of individual clients.

  2. Removed from active systems and backup environments.

Requests for data deletion may be submitted in writing to support@smepantry.com, and will be processed within 30 business days, subject to any legal obligations requiring continued retention.



Archival of Transactional Records.

For compliance and audit purposes, financial and regulatory documentation (e.g., invoices, filings, or proof of payment) may be archived in encrypted form even after service completion, solely for statutory or legal-defense reasons. Access is restricted to authorized compliance officers.



Cross-Border Data Transfer.

Given the global nature of our operations, client information may be stored or processed in multiple jurisdictions, including locations outside the Client’s country of residence.

When transferring data internationally, we ensure that:

  1. Adequate safeguards (such as Standard Contractual Clauses, data-processing agreements, or equivalent adequacy mechanisms) are implemented.

  2. All third-party processors or partners receiving such data maintain privacy and security standards consistent with this Policy and applicable law.

By using our Services, the Client consents to such transfers and acknowledges that data may be processed by personnel or systems located in other countries.



Data Portability.

Upon written request, and subject to applicable laws, we will provide clients with a copy of their personal data in a commonly used, machine-readable format for transfer to another service provider.

We may charge a reasonable administrative fee for repeated or excessive requests.



Suspension or Refusal of Requests.

The Company reserves the right to deny or delay deletion or transfer requests where doing so would:

  1. Contravene legal or regulatory obligations,

  2. Impede ongoing investigations, or

  3. Jeopardize the rights or freedoms of others.

Modifications and Effective Date

Modifications to Terms.

The Company reserves the right to amend or update these Terms, including the Privacy and Refund Policies, at any time and at its sole discretion. Updates will be posted on the Platform with the revised “Effective Date.” Continued use of the Platform or Services after such changes constitutes acceptance of the revised Terms.



Severability.

If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.



Entire Agreement.

These Terms constitute the entire agreement between the parties regarding the subject matter herein and supersede all prior or contemporaneous communications, proposals, or representations, whether oral or written.



No Waiver.

Failure by the Company to enforce any right or provision of these Terms shall not constitute a waiver of such right or provision.



Contact Information.

For questions, complaints, or legal notices, please contact:

SME Pantry Ltd

Attn: Legal & Compliance Department
Email: legal@smepantry.com



Effective Date.

These Terms of Service, Privacy Policy, and Refund Policy were last updated and are effective as of Monday, 13 October 2025.

bottom of page