At Ricki, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data.By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy.

INFORMATION WE COLLECT/ HOW WE ACCESS YOUR INFORMATION

At the time we ask for your personal information, we will make clear the personal information we are requesting from you as well as the reasons for doing so.

Your full name, a username, your email address, and your phone number must be provided in order to register on the site.

If you get in touch with us directly, we might learn more about you, including your name, email address, phone number, the message and/or attachments you send us, and any other details you decide to us.

You will need to enter your bank account information, including the bank name, account name, and account number, in order for payments to be processed.

You also need to upload a image of a giftcard carry out any transaction on our app/ website. (Note that all your images are hosted on http://res.cloudinary.com)

HOW WE USE YOUR INFORMATION

We make use of the data we gather in a variety of ways, including:

a) Develop new products, services, features, and functionality

b) Facilitate transaction efficiently

c) Expand, personalise, and improve our website

d) Recognize and analyse how you use our website

e) Communicate with you, either directly or via one of our partners, for a variety of reasons, such as customer support, to give you website updates and other information, and for marketing and promotional purposes.

g) Emails to you

h) Track down and stop fraudulent activity

WILL YOUR INFORMATION BE SHARED WITH ANYONE? 

We only disclose information with your permission, as required by law, to deliver services to you, safeguard your rights, or carry out contractual duties.

We might need to share your personal information with other Third-Party Service Providers or process your data.

Examples may include email delivery, hosting services, payment processing, data analysis, customer support, and marketing initiatives. We do not disclose, sell, rent, or exchange any of your information with other parties for their marketing needs unless specifically stated in this policy.

WHO WILL YOUR INFORMATION BE SHARED WITH?

Cloudinary

To ensure our mobile app and website has optimized retrieval speed, design and display of graphics on various end devices, we use Cloudinary service, it is a content delivery network (CDN). Cloudinary ltd operates the service the company is located 3400 Central Expressway, Suite 110, Santa Clara, CA 95051, USA.

For Clarity and Simplicity, all images Users upload on our website and mobile app is being uploaded to and hosted on https//res.cloudinary.com

For information on user data protection by cloudinary visit https://cloudinary.com/privacy

HOW LONG WILL WE RETAIN YOUR INFORMANTION?

We will only keep your personal information for as long as it is reasonably necessary to:

a) provide our services to you;

b) archive information to identify and look into fraudulent transactions;

c) fulfil our legal obligations under financial or anti-money laundering laws;

d) satisfy any tax, accounting, or reporting requirements; and

e) If we reasonably believe that there is a chance of litigation over our relationship with you

In a nutshell: Unless otherwise required by law, we retain your information for as long as required to achieve the goals specified in this privacy statement.

Your personal information will only be kept by us for as long as it is required to fulfil the goals outlined in this privacy statement. No requirement in this policy calls for us to keep your personal data for a longer period than the time a user has an account with us. If we no longer need to process your personal data for any legitimate business purpose, we will either delete it or, if that is not possible, we will make it anonymous (for example, because your personal information has been stored in backup archives),

SECURE DATA HANDLING PROCEDURE

In a nutshell, we work to safeguard your personal data using a system of administrative and technical security controls.

To ensure the protection of any personal information we process, we have put in place the necessary organisational and technical security measures. Please keep in mind, however, that we are unable to ensure that the internet is completely secure. Although we will do our best to protect your personal information, you bear all risks associated with sending personal information to or from our Services. You should only use secure environments to access the services.

THE CCPA'S PRIVACY RIGHTS (DO NOT SELL MY PERSONAL INFORMATION)

Consumers have the following rights under the CCPA, among others: Request that businesses who collect their personal data disclose the categories and particular categories of personal data about their customers that they have gathered.

Demand that whatever personal information a company possesses about a customer be deleted.

Ensure that a company selling customer data does not sell the customer's data again.

We have one month to react to any requests you might make. Contact us if you want to make use of any of these rights.

Data

Personal data or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may store and process all or part of your personal data in Nigeria and elsewhere in the world where our facilities or our service providers are located.

Further details are provided below.

Identity Data

Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, gender, signature, billing address, delivery address, email address, BVN etc.

We may collect, use, process, store and transfer your Identity Data in order to provide our Services, comply with applicable laws and regulatory requirements, detect and prevent fraud, protect our vital interests and that of others, provide Service communications, provide customer service, maintain data and information security, facilitate corporate reorganisations, implement direct marketing campaigns

Transaction Data

Transaction Data includes details about payments to and from you and other details of Services you have received from us.

We may collect, use, process, store and transfer your Transaction Data in order to provide our Services, comply with applicable laws and regulatory requirements, detect and prevent fraud, protect our vital interests and that of others, provide customer service, ensure quality control, maintain data and information security, research and development purposes, enhance customer experience and implement direct marketing campaigns.

Technical Data

Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, browser fingerprint, authentication data, security questions, click-stream data, public social networking posts, and other data collected via cookies and similar technologies.

We may collect, use, process, store and transfer your Technical Data in order to provide our Services, comply with applicable laws and regulatory requirements, detect and prevent fraud, research and development purposes, enhance customer experience and implement third party marketing campaigns.

Anonymised and Aggregated Data

We also collect, use and share Aggregated Data such as statistical or demographic data for the purpose of analyzing web traffic and functionality of our website. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Transaction Data and Technical Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

Disclosure Of Your Personal Data

We may share your personal data with certain third-party which we deem necessary in order to provide our Services effectively or comply with applicable laws and regulatory requirements.

Our engagement terms with these third parties shall require them to only use your information in connection with the services they perform for us and prohibit them from selling your information to anyone else. Such engagements shall also be subject to professional duty of confidentiality where applicable.

Further information are set out below –

a) Third party identity verification service providers – In order to detect and prevent fraudulent transactions and comply with applicable laws and regulatory requirements, we may share your personal data with third party identity verification service providers who shall verify your identity against available public records and other third-party databases.

b) Banks and other financial institution partners – In order to process payments and withdrawals and comply with applicable laws and regulatory requirements we may share your personal data with banks and financial institutions.

c) Service providers – We may share your personal data with service providers that we engage their services to execute different business functions. Examples of these service providers include – cloud storages, network infrastructure providers, marketing, data analytics etc.

d) Professional advisors – We may share your personal data with professional advisors in order to avail ourselves with technical, financial or legal consulting services or in compliance with our legal obligations.

e) Companies or other entities during corporate reorganisations – If a change in our corporate structure occurs as a result of the sale, transfer or merger of parts of our business or our assets or that of another entity by us, then the new corporate entity may use your personal data in the same way as set out in this privacy policy. You will receive prior notice of any change in applicable policies.

f) Law enforcement agents and officials – We may share your personal data where we are bound by law or any legal procedure to share same or when we believe in good faith that the disclosure of your personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our Terms of Services or any other applicable policies.

Use Of Cookies And Similar Technologies

When you access our websites or use our Services, we may place small data files on your computer or other device. These data files may be cookies, pixel tags, "Flash cookies," or other local storage provided by your browser or associated applications (collectively referred to as "Cookies"). These technologies are used to – a) recognise Users as customers;

b) customise the Service, content, and advertising; measure promotional effectiveness;

c) help ensure that account security is not compromised;

d) mitigate risk and prevent fraud; and

e) promote trust and safety across the Service and related sites.

Users can freely decline our Cookies if the web browser or browser add-on permits unless our Cookies are required to prevent fraud or ensure the security of websites we control. However, declining our Cookies may interfere with your use of our websites and the Service.

Third Party Websites

The Ricki Platform may contain links to third-party websites and applications of interest, including advertisements and external services, that are not affiliated with us. Once you have used these links to leave the Ricki Platform, any information you provide to these third parties is not covered by this Privacy Policy, and we cannot guarantee the safety and privacy of your information.

Before visiting and providing any information to any third-party websites, you should inform yourself of the privacy policies and practices (if any) of the third party responsible for that website, and should take those steps necessary to, in your discretion, protect the privacy of your information.

We are not responsible for the content or privacy and security practices and policies of any third parties, including other sites, services or applications that may be linked to or from the Ricki Platform.

Data Security

We have put in place appropriate security measures (and contractually require third parties we share your information with to maintain) appropriate physical, technical and administrative safeguards to prevent the personal data from being accidentally loss, misuse or in an unauthorised access, alteration or disclosure of your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

The security of your personal information it is instructive to note that no method of electronic transmission or storage of data guarantees 100% security. Thus, we strive to use commercially acceptable means to protect your personal information and we cannot guarantee its absolute security.

Based on the foregoing, we have established appropriate procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Retention Of Personal Data

We will only retain your personal information for as long as reasonably necessary to – a) provide our services to you,

b) archiving purposes to detect and investigate fraudulent transactions,

c) comply with our legal obligations under financial or anti-money laundering laws

d) satisfying any tax, accounting or reporting requirements; and

e) upon our reasonable belief that there is a prospect of litigation in respect to our relationship with you.

Your Rights

Under certain circumstances, you can exercise certain rights provided under applicable laws and regulations in relation to the personal information we hold. These rights include the right to – a) give and withdraw consent;

b) request access to your personal information;

c) request the rectification of your personal information;

d) request erasure of your personal information;

e) object to the processing of your personal information;

f) request that we restrict the processing of your personal information;

g) request the transfer of your personal information to you or a third party; and

h) complain at any time with any relevant authority for data protection issues.

Limitation Of Liability

We will not be responsible for a breach of personal information which happens due to – a) an event which is beyond our control;

b) an act or threats of terrorism;

c) an act of God (such as, but not limited to fires, explosions, earthquakes, drought, tidal waves and floods) which compromises our data protection measures;

d) war, hostilities (whether war be declared or not), invasion, the act of foreign enemies, mobilisation, requisition, or embargo;

e) rebellion, revolution, insurrection, or military or usurped power, or civil war which compromises our data protection measures;

f) the transfer of your personal information to a third party on your instructions; and

g) the use of your personal information by a third party designated by you.