Privacy Policy

Last updated: 14 June 2026

1. Who We Are

Jobivo ("we", "our", "us") is a Nigerian online marketplace that connects customers with skilled professionals and artisans. Our platform is accessible at jobivo.ng. When this policy refers to "the platform" we mean our website, web app, and any related services.

We are committed to protecting your personal data in accordance with the Nigeria Data Protection Regulation 2019 (NDPR) and the Nigeria Data Protection Act 2023 (NDPA).

2. Information We Collect

2a. Information you give us

  • Account details: full name, email address, phone number, password (stored hashed)
  • Profile information: profile photo, bio, service categories, location (state/city)
  • KYC documents: government-issued ID (NIN, Driver's licence, Voter's card, or passport), selfie, BVN (optional)
  • For company accounts: CAC Certificate of Incorporation, director NIN, company details
  • Booking details: job descriptions, addresses, dates, prices, communications with the other party
  • Payment information: processed through Paystack — we do not store card numbers
  • Reviews and ratings you submit
  • Communication preferences: your chosen notification channels (WhatsApp, email, SMS)

2b. Information collected automatically

  • Log data: IP address, browser type, pages visited, timestamps
  • Device information: device type, operating system
  • Essential cookies and local storage for session management and preferences

3. Lawful Basis for Processing

Under the NDPR and NDPA, we process your personal data on the following lawful bases:

  • Contract performance: Processing necessary to provide our marketplace services, process bookings and payments
  • Legal obligation: KYC verification, fraud prevention, financial record-keeping under Nigerian law
  • Legitimate interests: Platform security, fraud detection, improving our services
  • Consent: WhatsApp and SMS notifications, optional BVN verification, marketing communications — you may withdraw consent at any time

4. How We Use Your Information

  • To create and manage your account
  • To verify your identity through KYC checks
  • To facilitate bookings between customers and professionals
  • To process payments and manage escrow transactions
  • To send booking confirmations, updates, and notifications via email and WhatsApp (where consent is given)
  • To resolve disputes between parties
  • To detect and prevent fraud, abuse, or violations of our Terms of Service
  • To improve the platform and develop new features
  • To comply with applicable Nigerian law and regulatory requirements

5. How We Share Your Information

We do not sell your personal data. We share information only in the following circumstances:

  • Between booking parties: When a booking is made, the customer and professional share their name, phone number, and job address with each other as required to complete the service.
  • Paystack: Payment data is processed by Paystack (RC 1283393), a PCI-DSS compliant Nigerian payment processor. Paystack's privacy policy applies to data they process.
  • Supabase: Our database infrastructure is hosted by Supabase Inc. (United States). Data transferred to Supabase is protected by contractual safeguards and Supabase's SOC 2 Type II certification. See Section 6 for cross-border transfer details.
  • Dojah: KYC verification (NIN, BVN, CAC) is processed by Dojah Technologies Limited, a Nigerian NIBSS-licensed identity verification provider. Documents are processed in Nigeria and not retained beyond verification.
  • Meta (WhatsApp): Where you consent to WhatsApp notifications, your phone number and message content are transmitted through Meta's WhatsApp Cloud API.
  • Legal obligations: We may disclose information if required by Nigerian law, court order, NITDA, or other government authority.
  • Safety: We may share information to protect the safety of any person.

6. Cross-Border Data Transfers

Some of our service providers are located outside Nigeria. Specifically, Supabase Inc. processes and stores data on servers in the United States. We ensure adequate protection for such transfers through:

  • Data processing agreements with each sub-processor
  • Selecting providers with recognised security certifications (SOC 2, ISO 27001)
  • Limiting data shared to what is strictly necessary for service delivery

Sensitive biometric and identity data (NIN, BVN, selfies) is processed exclusively by Dojah Technologies Limited within Nigeria and is not transferred abroad.

7. Data Retention

We retain account data for as long as your account is active. After account deletion, we retain transaction records for seven (7) years to comply with financial record-keeping requirements under Nigerian law. KYC documents are deleted within 90 days of account closure unless retention is required by law. Communication preference records are deleted with your account.

8. Your Rights Under the NDPR / NDPA

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and personal data (subject to legal retention obligations)
  • Portability: Request your data in a structured, machine-readable format
  • Withdraw consent: Withdraw consent for optional processing (e.g. WhatsApp notifications, BVN) at any time via Settings
  • Object: Object to processing of your data for purposes beyond contract performance
  • Complaint: Lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng

To exercise any of these rights, contact our Data Protection Officer at privacy@jobivo.ng. We will respond within 30 days.

9. Nigeria Data Protection Regulation (NDPR) Compliance

Jobivo is committed to full compliance with the Nigeria Data Protection Regulation 2019 (NDPR) issued by the National Information Technology Development Agency (NITDA) and the Nigeria Data Protection Act 2023 (NDPA).

  • We have appointed a Data Protection Officer (DPO) responsible for overseeing data protection compliance
  • We conduct periodic data protection impact assessments for high-risk processing activities
  • We maintain a record of our data processing activities as required by law
  • We file annual data protection compliance audits with the NDPC as required
  • We implement privacy by design and by default in our platform development

10. Security

We use industry-standard security measures including HTTPS/TLS encryption in transit, encrypted database storage at rest, role-based access controls, and regular security reviews. Payment data is handled exclusively by Paystack under PCI-DSS standards — we do not store card details. No system is completely secure; we encourage you to use a strong password and to log out on shared devices.

11. Cookies

We use essential cookies only — for authentication sessions and user preferences. We do not use third-party advertising cookies or tracking pixels. You can manage cookie preferences via the banner shown on your first visit. Disabling essential cookies will prevent you from signing in to the platform.

12. Children

Jobivo is not intended for anyone under the age of 18. We do not knowingly collect data from minors. If you believe a minor has registered, please contact us immediately at privacy@jobivo.ng.

13. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top and notify registered users by email for material changes. Continued use of the platform after changes constitutes acceptance of the revised policy.

14. Contact & Data Protection Officer

For privacy-related questions or to exercise your data rights, contact our Data Protection Officer: