Privacy Policy

This Privacy Policy explains how AgboFinder Wellness Services Limited (RC [RC-NUMBER]) — the operator of AgboFinder (“we”, “us”, “our”) — collects, uses, shares, and protects your personal data when you use the Service. We are the data controller for that data.

We are committed to handling your data responsibly and in accordance with the Nigeria Data Protection Act 2023 (NDPA) and, for users in the European Union and United Kingdom, the EU General Data Protection Regulation (GDPR) and UK GDPR. If you do not agree with this policy, please do not use the Service.

We collect the following categories of personal data:

• Account & profile — name, email, phone number, password (hashed), roles, language, avatar, and profile details.
• Verification (KYC) — for vendors and practitioners: business details, NAFDAC/CAC registrations, government ID, selfies, certificates, and bank details for payouts.
• Health-related inputs — symptoms you search, remedies you save, wellness journals, and similar entries. This may constitute sensitive (special-category) data about your health.
• Transactions — orders, deliveries, amounts (processed in kobo), and limited payment-related metadata handled by our payment processor.
• Content — recipes, reviews, questions, answers, and edit suggestions you submit.
• Device & usage — IP address, device/browser type, pages viewed, and interactions, collected partly through cookies and similar technologies.
• Communications — messages you send us, including via the Contact page and support.

We use personal data to:

• provide, operate, secure, and improve the Service (performance of a contract and our legitimate interests);
• verify vendors and practitioners and prevent fraud (legal obligation and legitimate interests);
• process orders, payments, and payouts (performance of a contract);
• personalize content and surface relevant safety information (consent / legitimate interests);
• communicate with you, including service and (where permitted) marketing messages (consent / legitimate interests);
• comply with law and enforce our terms (legal obligation / legitimate interests).

We use cookies and similar technologies to run the Service, remember your preferences, and (with your consent) measure usage. You control non-essential cookies through our consent tool and your browser. For full details, see our Cookie Policy.

We do not sell your personal data. We share it only as needed:

• Vendors — order and delivery details required to fulfil your purchases;
• Service providers — hosting, media storage (e.g. Cloudinary), analytics (with consent), payment processing, and communications, under contracts that protect your data;
• Legal & safety — authorities or third parties where required by law or to protect rights, safety, and the integrity of the Service;
• Business transfers — in connection with a merger, acquisition, or reorganization, subject to this policy.

We are based in Nigeria. Some of our service providers may process data outside your country, including outside Nigeria or the EU/UK. Where we transfer personal data internationally, we use appropriate safeguards (such as adequacy decisions or standard contractual clauses) consistent with the Nigeria Data Protection Act 2023 (NDPA) and the EU General Data Protection Regulation (GDPR) and UK GDPR.

We keep personal data only as long as necessary for the purposes described in this policy, including to provide the Service, meet legal, tax, and accounting obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we delete or anonymize it.

We use technical and organizational measures to protect your data, including encryption in transit, access controls, and storage of authentication tokens in secure, httpOnly cookies rather than in the browser. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Subject to applicable law, you have the right to access, correct, delete, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent at any time (without affecting prior processing). EU/UK users have these rights under the EU General Data Protection Regulation (GDPR) and UK GDPR; Nigerian users have equivalent rights under the Nigeria Data Protection Act 2023 (NDPA).

To exercise your rights, contact our Data Protection contact at dpo@agbofinder.com. We may need to verify your identity. We aim to respond within the timeframes required by law.

The Service is intended for users aged 18 and over. We do not knowingly collect personal data from children. If you believe a child has provided us data, contact privacy@agbofinder.com and we will take appropriate steps to delete it.

We do not make decisions that produce legal or similarly significant effects about you based solely on automated processing. Where we use automated tools (for example to surface safety warnings or rank content), they support — but do not replace — human oversight for significant decisions.

We may update this Privacy Policy from time to time. We will update the “Last updated” date and, for material changes, provide additional notice where appropriate. Please review it periodically.

For privacy questions or to exercise your rights, contact privacy@agbofinder.com (or our Data Protection contact at dpo@agbofinder.com), or write to AgboFinder Wellness Services Limited, Yaba, Lagos, Nigeria.

If you are not satisfied, you may lodge a complaint with the Nigeria Data Protection Commission (NDPC). EU/UK users may also complain to their local data-protection supervisory authority.