Legal

Privacy Policy

Last updated: May 14, 2026

1. Introduction

Godrop Technologies Ltd ("Godrop", "we", "our") is committed to protecting the privacy of our users, vendors, and riders. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application, website, and related services ("Services") in Nigeria.

2. Information We Collect

Account Information: When you register, we collect your name, phone number, email address, and profile photo.

Location Data: We collect your real-time location to match you with nearby vendors and assign riders to your order. You can disable location access in device settings, but this will limit functionality.

Transaction Data: We collect records of your orders, payments, and delivery history.

Device Information: We collect device type, operating system, IP address, and push notification tokens to provide our Services.

KYC Documents (Riders & Vendors): For compliance and safety, riders and vendors submit government-issued ID, vehicle papers, and related documents. These are stored securely and used solely for identity verification.

3. How We Use Your Information

  • Process and fulfill your delivery orders
  • Facilitate payments via Paystack
  • Send transactional notifications (OTPs, order updates)
  • Improve our Services through analytics
  • Detect fraud and ensure platform safety
  • Comply with applicable Nigerian laws and regulations
  • Respond to customer support requests

4. Sharing of Information

We do not sell your personal data. We share information only with:

  • Vendors: Your delivery address and contact info are shared with the vendor fulfilling your order.
  • Riders: Your delivery address and order details are shared with the assigned rider.
  • Payment Processors: Paystack processes payments; your card/bank data is governed by Paystack's privacy policy.
  • Service Providers: Cloud infrastructure (Cloudinary, Railway) and analytics partners under strict data processing agreements.
  • Law Enforcement: When required by Nigerian law or court order.

5. Data Retention

We retain your personal data for as long as your account is active and for 5 years thereafter as required by Nigerian financial regulations. KYC documents are retained for 7 years per FCCPC guidelines. You may request deletion of your account data by contacting hello@godrop.ng.

6. Security

We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, JWT authentication with short-lived tokens, and access controls. No method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Your Rights

Under the Nigeria Data Protection Act (NDPA) 2023, you have the right to:
  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your data (subject to legal retention requirements)
  • Object to processing for direct marketing
  • Data portability

To exercise these rights, contact our Data Protection Officer at privacy@godrop.ng.

8. Cookies

Our website uses essential cookies for session management and analytics cookies (with your consent) to understand how visitors interact with our site. You may disable cookies in your browser settings.

9. Children

Our Services are not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification at least 14 days before the change takes effect.

11. Contact Us

Godrop Technologies Ltd

Lagos, Nigeria

Email: privacy@godrop.ng