Table of Contents
1. Who We Are
This Privacy Policy applies to the Provydr platform operated by SHOFU B SOLUTIONS LTD, a company registered in Nigeria. We are the data controller responsible for personal data collected through our website at www.myprovydr.com and our related services.
Data Controller: SHOFU B SOLUTIONS LTD | Email: info@myprovydr.com | Phone: +234 916 967 1279 | Address: C1, Farayola, Bodija, Ibadan, Oyo State, Nigeria
This policy is governed by the Nigeria Data Protection Regulation (NDPR) 2019 and its implementation framework, and applies to all users of the Provydr platform including Candidates, Employers, and visitors.
2. Data We Collect
2.1 Data You Provide Directly
| Category | Examples | Who Provides |
|---|---|---|
| Account Data | Full name, email address, password (hashed), phone number, account type (Candidate/Employer) | All users |
| Candidate Profile | CV/résumé, skills, work history, education, certifications, profile photo, headline, location, salary expectations | Candidates |
| Identity Documents | National ID, international passport, driver's licence, professional certificates (for verification only) | Candidates (optional) |
| Employer Profile | Company name, CAC registration number, business address, industry, company description, logo, website | Employers |
| Company Documents | CAC certificate, business registration documents (for verification only) | Employers (optional) |
| Job Postings | Job title, description, requirements, salary range, location, deadline, contact preference | Employers |
| Communications | Messages sent through the platform, support requests, emails sent to us | All users |
| Payment Data | Transaction reference, plan name, amount paid, payment timestamp (card details processed by Paystack only) | Paying users |
2.2 Data Collected Automatically
When you use Provydr, we automatically collect certain technical data including your IP address, browser type and version, device type, operating system, referring URL, pages visited, time spent on pages, and general geographic location (country/region level derived from IP).
We use Firebase (Google) for authentication, real-time database, and hosting. Firebase may collect diagnostic and usage data in accordance with Google's Privacy Policy.
2.3 Data from Third Parties
We receive payment confirmation data (but not card details) from Paystack upon successful transactions. We may receive analytics data from Google Analytics or similar tools about how users interact with our platform.
3. How We Use Your Data
We use the personal data we collect for the following purposes:
- Account Management: Creating, authenticating, and managing your account;
- Platform Services: Enabling job search, job posting, candidate discovery, and employer–candidate matching;
- Verification: Reviewing identity and business documents to issue verified badges; documents are reviewed by admin staff and never shared publicly;
- Payments: Processing subscription fees and one-time payments through Paystack; maintaining payment records;
- Communications: Sending job alerts, platform notifications, interview links, payment receipts, and policy updates via email and SMS;
- Customer Support: Responding to your enquiries, complaints, and support requests;
- Safety & Security: Detecting and preventing fraud, abuse, spam, and security threats;
- Legal Compliance: Complying with applicable Nigerian laws and regulations;
- Platform Improvement: Analysing usage patterns to improve our features, performance, and user experience;
- Marketing: Sending promotional emails about Provydr services (you may opt out at any time).
We do not sell your personal data to any third party for their own marketing purposes.
4. Legal Basis for Processing
Under the NDPR 2019, we process your personal data on the following legal bases:
- Contractual Necessity: Processing required to perform our agreement with you (e.g. operating your account, processing payments, facilitating job matches);
- Legitimate Interests: Processing for our legitimate business interests, provided these do not override your fundamental rights (e.g. fraud prevention, platform security, analytics);
- Legal Obligation: Processing required to comply with applicable Nigerian law;
- Consent: Where we rely on consent (e.g. marketing emails, optional cookies), you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
5. Data Sharing & Third Parties
5.1 With Other Users
Candidates: Your name, headline, skills, and general location are visible to all platform users. Your contact details and CV are only shared with verified employers who have an active paid plan. Your identity documents are never visible to other users.
Employers: Your company name, description, and job listings are publicly visible. Your CAC and verification documents are only reviewed by Provydr admin and never shared with other users.
5.2 With Service Providers
We share data with trusted third-party service providers who assist us in operating the platform:
| Provider | Purpose | Data Shared |
|---|---|---|
| Google Firebase | Authentication, database, hosting | Account data, profile data, messages |
| Paystack | Payment processing | Email, payment amount, transaction reference |
| EmailJS | Transactional email delivery | Email address, name, notification content |
| Termii | SMS notifications | Phone number, message content |
| Google Analytics | Usage analytics (anonymised) | Anonymised usage data, IP address |
All service providers are contractually required to protect your data and may only use it for the specified purpose.
5.3 Legal Disclosures
We may disclose your personal data to law enforcement, regulatory authorities, or other third parties where required to do so by applicable Nigerian law, court order, or to protect the rights, property, or safety of SHOFU B SOLUTIONS LTD, our users, or the public.
5.4 Business Transfers
In the event of a merger, acquisition, or sale of all or substantially all of our assets, your personal data may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on the platform before your data is transferred and becomes subject to a different privacy policy.
6. Payments & Financial Data
All payment card data (card numbers, CVV, expiry dates) is processed exclusively by Paystack and is never transmitted to or stored on Provydr's systems. Paystack is PCI-DSS compliant.
We store only non-sensitive payment metadata: the transaction reference number, plan purchased, amount paid, and timestamp. This data is used for subscription management, dispute resolution, and financial record-keeping as required by Nigerian tax law.
7. Cookies & Tracking Technologies
Provydr uses browser local storage and session storage (functional equivalents of cookies) to keep you signed in and remember your preferences. We also use Google Firebase's session management, which may set cookies for authentication purposes.
We use Google Analytics to collect anonymised data about how visitors use our site. You can opt out of Google Analytics tracking by installing the Google Analytics opt-out browser add-on.
We do not use advertising cookies or sell your browsing data to advertisers.
8. Data Retention
We retain your personal data for as long as your account is active, or as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements:
- Active accounts: Data retained for the lifetime of your account;
- Closed accounts: Core account data retained for up to 3 years after closure for legal and fraud prevention purposes, then securely deleted;
- Identity verification documents: Retained for up to 2 years after submission, then permanently deleted from our systems;
- Payment records: Retained for 7 years in compliance with Nigerian financial regulations;
- Support communications: Retained for up to 2 years after resolution;
- Analytics data: Anonymised data may be retained indefinitely.
9. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:
- All data transmitted between your browser and our servers is encrypted using TLS (HTTPS);
- Passwords are never stored in plain text — authentication is handled by Firebase Authentication using industry-standard hashing;
- Access to user data is restricted to authorised personnel only on a need-to-know basis;
- Identity and business documents are stored in restricted-access cloud storage;
- Firebase security rules enforce that users can only access their own data.
Despite these measures, no internet transmission or electronic storage is 100% secure. If you become aware of any security vulnerability or data breach affecting the platform, please notify us immediately at info@myprovydr.com.
10. Your Rights
Under the Nigeria Data Protection Regulation (NDPR) 2019, you have the following rights regarding your personal data:
- Right of Access: Request a copy of the personal data we hold about you;
- Right to Rectification: Request correction of inaccurate or incomplete personal data;
- Right to Erasure: Request deletion of your personal data (subject to legal retention obligations);
- Right to Restriction: Request that we restrict processing of your data in certain circumstances;
- Right to Data Portability: Request your data in a structured, machine-readable format;
- Right to Object: Object to processing of your data for direct marketing or based on legitimate interests;
- Right to Withdraw Consent: Where processing is based on consent, withdraw it at any time without penalty.
To exercise any of these rights, contact us at info@myprovydr.com with the subject line "Data Rights Request." We will respond within 30 days. We may ask you to verify your identity before processing your request.
If you are unsatisfied with our response, you have the right to lodge a complaint with the National Information Technology Development Agency (NITDA), Nigeria's data protection authority.
11. Children's Privacy
Provydr is intended for users who are at least 18 years of age. We do not knowingly collect personal data from anyone under the age of 18. If you believe a child has provided us with personal data, please contact us at info@myprovydr.com and we will promptly delete that data.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices, services, or applicable law. When we make material changes, we will notify registered users by email and post a prominent notice on the platform at least 14 days before the changes take effect.
The "Last updated" date at the top of this page reflects when the policy was last revised. Your continued use of Provydr after the effective date constitutes acceptance of the updated policy.
13. Contact & Complaints
For any questions, concerns, or complaints about this Privacy Policy or how we handle your personal data, please contact our Data Protection Officer:
Data Protection Officer — SHOFU B SOLUTIONS LTD
Operating as: Provydr
Address: C1, Farayola, Bodija, Ibadan, Oyo State, Nigeria
Email: info@myprovydr.com
Phone/WhatsApp: +234 916 967 1279
Response time: Within 2 business days for general enquiries; within 30 days for data rights requests
To file a formal complaint with Nigeria's data protection authority: NITDA, visit nitda.gov.ng.