Privacy Policy
Last updated: March 1, 2024
At AuraFume, your privacy matters to us. This Privacy Policy explains what information we collect when you visit our website or place an order, how we use it, and the choices you have. By using our Site you agree to the practices described here.
Information We Collect
We collect information in the following categories:
Personal information — provided directly by you when you create an account, place an order, or contact us:
- Full name and email address
- Phone number
- Delivery and billing address
Payment information — card payments are processed securely by Paystack, a PCI-DSS compliant payment gateway. We do not store, transmit, or have access to your card number, CVV, or PIN at any point. For bank transfers, we retain only the proof of payment image you voluntarily upload.
Usage data — collected automatically as you browse our Site:
- Pages visited and time spent on each page
- Products viewed, added to cart, or wishlisted
- Search queries entered on the Site
- Referral source (how you arrived at our Site)
Device and technical information — collected automatically by our servers:
- Browser type and version
- Operating system
- IP address and approximate geographic location (country / city)
- Device type (desktop, mobile, tablet)
How We Use Your Information
We use the information we collect for the following purposes:
- Processing orders and payments — to fulfil your purchases, arrange delivery, and issue receipts and invoices.
- Order communication — to send order confirmations, dispatch notifications, and delivery updates via email.
- Account management — to create and maintain your account, enable saved addresses, and provide access to your order history.
- Personalisation — to recommend products, remember your preferences, and tailor your shopping experience based on browsing history.
- Service improvement — to analyse usage patterns, fix bugs, and improve the performance and design of our Site.
- Marketing communications — to send promotional emails, new arrival announcements, and exclusive offers. We will only send marketing emails with your explicit consent, and you can opt out at any time via the unsubscribe link in any email or through your account notification settings.
- Legal compliance — to comply with applicable Nigerian law and respond to lawful requests from regulatory authorities.
We do not sell, rent, or trade your personal data to any third party for their own marketing purposes. We share your information only in the following limited circumstances:
- Delivery partners — we share your name, phone number, and delivery address with our courier or logistics partners solely to fulfil your order.
- Payment processors — Paystack receives the information necessary to process your card payment. Their handling of your data is governed by Paystack's Privacy Policy.
- Service providers — we may share data with trusted technology providers (e.g. cloud hosting, email delivery) who process it solely on our behalf and under strict confidentiality obligations.
- Legal requirements — we may disclose your information if required to do so by law, court order, or a competent regulatory authority in Nigeria.
Data Storage & Security
We take the security of your personal data seriously and have implemented a range of technical and organisational measures to protect it:
- Encrypted database — your data is stored in a MongoDB database with encryption at rest.
- SSL / HTTPS encryption — all data transmitted between your browser and our servers is encrypted using TLS.
- Secure password hashing — passwords are hashed using bcrypt before storage. We never store plaintext passwords.
- Access controls — access to production systems and customer data is restricted to authorised team members only.
- Security reviews — we conduct regular security reviews and apply patches promptly to maintain a secure environment.
While we employ industry-standard security measures, no system is completely immune to risk. In the unlikely event of a data breach that affects your personal data, we will notify you promptly in accordance with applicable law.
We use cookies and similar technologies to operate our Site and improve your experience. Cookies are small text files stored on your device by your browser.
- Essential cookies — required for the Site to function. These include your session token and shopping cart contents. You cannot opt out of these without losing core functionality.
- Analytics cookies — we use Google Analytics to understand how visitors use our Site (pages visited, time on site, referral source). This data is aggregated and anonymised. You can opt out by installing the Google Analytics Opt-out Browser Add-on.
- Marketing cookies — optional cookies used to show you relevant advertisements or offers. These are only set with your consent.
You can manage or withdraw your cookie preferences at any time through your browser settings. Clearing cookies will log you out of your account and reset your cart.
Your Rights
You have the following rights in relation to the personal data we hold about you. To exercise any of these rights, contact us at hello@yourbrand.com:
- Right to access — you may request a copy of the personal data we hold about you.
- Right to rectification — you may ask us to correct inaccurate or incomplete personal data. You can also update most information directly in your account settings.
- Right to erasure — you may request that we delete your account and associated personal data, subject to any legal obligations that require us to retain certain records.
- Right to opt out of marketing — you can unsubscribe from marketing emails at any time via the link in any email or through Account → Notifications.
- Right to data portability — you may request a copy of your personal data in a structured, machine-readable format.
We will respond to all legitimate requests within 30 days. For complex or multiple requests, we may extend this period and will notify you accordingly.
Children's Privacy
Our Site is not directed at children under the age of 13 and we do not knowingly collect personal information from anyone under this age. If you are under 13, please do not use our Site or provide any personal information.
If we become aware that we have inadvertently collected personal data from a child under 13, we will delete that information promptly. If you believe we may have collected information from a minor, please contact us immediately at hello@yourbrand.com.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The “Last updated” date at the top of this page will always indicate the most recent revision.
For significant changes — such as a change in how we use your personal data or a new sharing arrangement — we will notify you directly via the email address associated with your account before the changes take effect.
Your continued use of our Site after any changes are posted constitutes your acceptance of the updated policy. We encourage you to review this page periodically.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us:
- Email: hello@yourbrand.com
- Subject line: “Privacy Enquiry”
- Response time: We aim to respond to all privacy-related requests within 30 days of receipt.
We are committed to working with you to resolve any concerns about your privacy fairly and transparently.