Introduction
LoyaOne Technologies Limited ("LoyaOne, "We", "Us" or "Our") is the owner and operator of LoyaOne, an application and any other software, online platform, website, mobile or tablet application or domains used to provide our services ("Platform").
LoyaOne is a loyalty rewards and referral platform that helps businesses develop reward programs to enhance customer retention ("Services").
This Privacy Notice ("Notice") governs your use of our Platform and your rights regarding our collection, use, storage, and protection of your data. Your privacy is important to us.
Your Personal data that we process
Personal data means any information about an individual from which that person can be directly or indirectly identified. While using the Platform, we may ask you to provide us with certain personal data directly to contact or identify you, and some automatically for our application to function effectively. We also collect personal data through your use of our services or from third-party sources. The personal data we obtain include:
- Your name
- Your email address
- Contact number
- Location
- The IP address used to connect your device to the internet for identification purposes
- Login email address and password
- Name of the internet service provider (ISP)
- Date and time of visit
- Web pages visited, duration and frequency of visit
- Payment information such as amount paid/received, payment methods, etc.
Cookies
Cookies are tools used to collect information from you when you visit our website automatically. We do not use any cookies on our website. Whenever we decide to use Cookies, we will provide you with a Cookies Notice.
Purpose of processing your data and the lawful basis
We collect your data to:
Purpose of Processing | Lawful Bases |
---|---|
| Legitimate Interest Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided your rights and interests do not outweigh those interests. |
| Contract If your data processing is necessary for a contract, you have with us or because we have asked you to take specific steps before entering into that contract. |
| Consent |
We may also process your data to fulfill legal requirements where needed. | Legal obligation If the processing of your data is necessary where there is a statutory obligation on us. |
To prevent fraud and crime on our platform | Legitimate Interest |
Your rights as a data subject
As a data subject, the law vests you with certain rights—they include the right to:
- Access personal data we hold about you by requesting a copy of the personal data we hold about you
- Rectify such information where you believe it to be inaccurate
- Restrict the processing of your data in certain circumstances
- Object to the processing of your data where we intend to process such data for marketing purposes
- Not to be subject to a decision solely based on automatic processing of data except as allowed under the relevant law
- Where feasible, receive all personal data you have provided to us—in a structured, commonly used, and machine-readable format—and transmit the information to another data controller
- Request the erasure of your data (also known as the right to be forgotten)
- Withdraw your consent to the processing of your personal data
- Lodge a complaint with a relevant authority, where you have reason to believe that we have violated the term(s) of this Privacy Notice. (You may complain or seek redress from us within 30 days from the time you first detected the alleged violation.)
You may seek to exercise any of the above rights at any time by sending us an email at: dpo@reeddi.com
The regulatory authority is the Nigeria Data Protection Commission and complaints can be sent via email at dpo@ndpc.gov.ng
Who we share your data with
We can share your data with the following third parties:
- The businesses/companies registered on our platform that you engage with directly or indirectly
- LoyaOne's subsidiaries and affiliated entities that provide services, including conducting data processing on our behalf, or for data verification, data centralisation and logistics purposes
- Affiliated entities that provide payment processing services on our behalf
- Google: because we use various Google APIs and services on our application/website
- Legal and Regulatory Authority – We disclose your data if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect the safety of any person, to address fraud, security or technical issues
Retention of your data
Your personal data or any other information collected will be stored for as long as necessary to fulfill the purposes described in this Notice. However, we will also retain data subject to relevant provisions of applicable laws, resolve disputes, and enforce our legal agreements and policies. We delete your data for targeted marketing purposes once you unsubscribe from our marketing communications.
Please note that your data may be retained for a more extended period, notwithstanding your request to remove your data, where there is a legal requirement to do so.
How your data is stored
We protect your data using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls, and information access authorisation controls.
Where there is an actual or suspected data breach capable of causing harm to your rights and freedoms, we will notify you without undue delay and use our best effort to remedy the violation within one (1) month from the date we notify you.
International transfer of data
To achieve the purposes described in this Notice, we may transfer your data to countries that may not offer an adequate protection level or are not considered to have sufficient law by the National Information Technology Development Agency (NITDA). Where personal data is to be transferred to a country outside Nigeria, we shall put adequate measures to ensure data security.
Our data transfers to countries that do not offer an adequate protection level are subject to the conditions under the Nigeria Data Protection Act (NDPA). We will therefore only transfer Personal Data out of Nigeria on one of the following conditions:
- Your consent has been obtained
- The transfer is necessary for the performance of a contract between Us and you or the implementation of pre-contractual measures taken at your request
- The transfer is necessary to conclude a contract between Us and the third party in your interest
- The transfer is necessary for reasons of public interest
- The transfer is for the establishment, exercise or defense of legal claims
- The transfer is essential to protect your vital interests or other persons, where the Data Subject is physically or legally incapable of giving consent
To obtain any relevant information regarding any transfers of your Personal Data to third countries (including the appropriate transfer mechanisms), please contact us.
Marketing and communications
We may send direct marketing messages to your e-mail address when you have given us permission to do so. We may personalise direct marketing messages using information on how you use LoyaOne's services, such as how frequently you use the LoyaOne app and your preferences.
If you no longer wish to receive direct marketing messages, please click the "Unsubscribe" link in the footer of one of our emails, or opt-out in the profile section of the page.
Security of your data
We are very particular about preserving your privacy and protecting your data. We deploy all reasonable and appropriate technical and organisational measures to keep your data safe. However, we cannot completely guarantee the security of any information you transmit via our application as the internet is not an entirely secure place. We are committed to doing our best to protect you.
Complaints
If you are concerned about an alleged breach of privacy law or any other regulation by us, you can contact us through our customer support at hello@loyaone.com or via dpo@reeddi.com
You can also reach us at our office address at: No. 32B, Okunola Aina Street, OASIC Estate, Maryland, Lagos State
Changes to this notice
We take our responsibilities with your data seriously. LoyaOne will continue to make changes to this privacy notice as part of our commitment to protecting your privacy and affording you even more transparency.
We will notify users when we change it, and visitors will know this by checking the last date of update on this page whenever you visit.
Contact us
If you have any questions relating to this Notice, you can reach us at: hello@loyaone.com
Office Address: 32B, Okunola Aina Street, Maryland, Lagos State