Privacy Policy

1. Scope

Whose privacy policy is this?

This Privacy Policy applies to the website accessible at https://velonze.ng, the software solutions platform also accessible through that website, and all related services (collectively, the “Platform”), all owned and operated by Velonze Limited, a company registered in Nigeria.

When we refer to “we” (“Velonze”, “we”, or “us”), that means Velonze Limited of Maria Ibironke Street, Lagos, Nigeria and all its affiliated entities. Our headquarters and primary operations are based in Lagos, Nigeria.

By accessing or using the Platform, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our services. This Privacy Policy is part of our Terms of Use. Terms used but not defined here have the meanings provided in the Terms of Use.

What about links to third-party websites?

Our Platform may contain links to third-party websites or services. When you click on a link to another website, you will be directed to a site controlled by a separate entity. We have no control over, do not review, and cannot be responsible for these outside websites or their content. This Privacy Policy does not apply to those sites. We encourage you to read the privacy policies of every website you visit.

2. Information We Collect

What is personal data?

Personal data identifies you as an individual — such as obvious identifiers like your name, email address, postal address, or phone number — as well as non-obvious identifiers like your device ID or IP address.

A. Personal data provided by you

When you register, submit enquiries, or enter into service agreements with Velonze, we collect the following personal data:

• Client Data: Company name, contact individual, job title, industry, project requirements, and business objectives.
• Contact Information: Email addresses, phone numbers, and physical addresses provided through our contact forms or direct communication.
• Account Credentials: Usernames, passwords (stored securely in hashed form), and authentication details for client portals or managed services.

B. Data collected automatically when you use our Platform

When you interact with the Platform, we may automatically collect:

• Technical Project Data: System architecture parameters, API configurations, and existing infrastructure details shared during service delivery or consultation.
• Device & Usage Data: IP address, browser type, operating system, access times, and pages visited.
• Cookies & Tracking Technologies: We use cookies to enhance user experience and analyse Platform performance. You can manage cookie preferences via your browser settings.

C. Data from third parties

Clients or third-party service providers may share technical or business data with us to facilitate project development, integration, and systems automation. We handle all such data in accordance with this Privacy Policy.

Should I share sensitive personal data?

We ask that you do not disclose sensitive personal data — such as information related to racial or ethnic origin, political opinions, religious beliefs, health information, biometrics, criminal background, or sexual orientation — on or through the Platform, unless explicitly required for a specific, agreed service engagement.

3. How We Use Information

How do we use personal data, and what is the legal basis?

We exist to deliver high-quality technology solutions to businesses. To do this effectively, we collect and process some personal data. All of this is laid out in this section.

To fulfil a contract, or take steps linked to a contract:

• Providing software development, automation, and IT consulting services to you.
• Communicating with you about project progress, deliverables, and milestones.
• Processing payments and issuing invoices.

Where necessary for our or third parties' legitimate interests:

• Improving our technology solutions and service offerings.
• Operating and maintaining the Platform and client portals.
• Providing customer and technical support.
• Updating you with operational news, service changes, and security alerts.
• Monitoring Platform activity to identify issues, prevent fraud, and ensure compliance.
• Managing our relationship with you, including responding to queries and feedback.
• Managing our legal and operational affairs.

Where you give us consent:

• Sending you marketing information about new services, insights, and updates via email or WhatsApp.
• Personalising our Platform and communications based on your preferences.
• On other occasions where we ask for consent, we will use the data for the purpose explained at that time.

For purposes required by law: Responding to requests by government, regulatory, or law enforcement authorities conducting a lawful investigation.

Withdrawing consent or opting out of direct marketing

Wherever we rely on your consent, you can withdraw it at any time, although we may have other legal justifications for processing your data. You have an absolute right to opt out of direct marketing at any time — by clicking “Unsubscribe” in any marketing email, by updating your Profile > Notifications settings, or by contacting us at info@velonze.ng.

4. Information We Share

Is my data shared outside of Velonze?

We do not sell or rent personal data. In some cases, we share personal data with trusted external service providers and partners that help us deliver our services:

• Partner Agencies & Contractors: For specialised technical integrations or project augmentation, under strict NDAs.
• Infrastructure & Cloud Providers: For hosting, storage, and deployment of client applications and internal tools.
• Customer Support Providers: Platforms used to manage client communications and support tickets.
• Analytics Providers: To understand usage behaviour across our Platform and improve our services.
• Payment Providers: To securely process payments for our services.
• Legal Authorities: If required by Nigerian law, court order, or applicable international legal frameworks.

Regardless of your data choices, Velonze may disclose personal data if it believes in good faith that disclosure is necessary to comply with applicable laws, protect our rights or property, or investigate potential violations of this Privacy Policy or our Terms of Use.

What if Velonze is acquired or merges with another company?

We may share some or all of your personal data in connection with a merger, acquisition, financing, or dissolution transaction. In the event of such a change, this Privacy Policy may be updated and we will notify you as appropriate.

5. International Data Transfers

Do we transfer data outside of Nigeria?

Your personal data may be transferred to, stored at, and processed by us or our third-party service providers in countries outside Nigeria — including cloud infrastructure in Europe or the United States.

Where such transfers occur, we ensure appropriate safeguards are in place in compliance with the Nigeria Data Protection Regulation (NDPR) and other applicable data protection laws. For transfers to countries lacking equivalent data protections, we rely on contractual safeguards such as Standard Contractual Clauses or equivalent mechanisms.

You may request information about the specific mechanisms governing any international data transfer by contacting us at info@velonze.ng.

6. Retention

How long is my data kept?

We retain your personal data for as long as (i) you maintain an active engagement or contract with Velonze, or (ii) we need it to deliver our services or meet our legal obligations.

Financial records and transaction data are retained for a minimum of 7 years from the date of the relevant transaction, in accordance with Nigerian financial regulations. These periods may be extended if there is a likely or ongoing legal claim, or if required by applicable law.

You may request the deletion or handover of your data at any time by contacting us at info@velonze.ng. See “My Privacy Rights” below for more detail.

7. Information Security

How do we protect your personal data?

The security of your personal data is important to us. We apply industry-standard organisational, technical, and administrative measures:

• All data in transit is protected using Transport Layer Security (TLS) encryption.
• Data at rest is stored on secure cloud servers with restricted access, located in controlled facilities.
• Role-based access controls (RBAC) ensure only authorised engineering staff, project managers, and designated client stakeholders can access sensitive project data.
• Multi-Factor Authentication (MFA) is required for all administrative accounts.

Nonetheless, no communication over the internet can be 100% secure. If you believe that your interaction with us has been compromised, please notify us immediately at info@velonze.ng.

Security incidents and breach notification

In the event of a data breach or security incident affecting your personal data, we will:

• Notify affected users without undue delay where the incident is likely to result in a high risk to their rights or interests.
• Notify applicable regulatory authorities in accordance with our obligations under the NDPR and other applicable data protection laws.

8. Marketing and Notifications

What types of communications can you expect from Velonze?

We send communications through email, SMS, WhatsApp, and virtual meetings, depending on agreed project configuration and your preferences:

• Administrative: Project updates, proposal deliveries, invoice notifications, and maintenance schedules.
• Service Announcements: Critical security alerts, policy changes, and system availability notices for managed applications.
• Optional Notifications: Tech insights, new service offerings, newsletters, and direct project check-ins.

What personal data does Velonze use for marketing?

How do I stop marketing communications?

You can opt out of non-essential communications at any time by clicking “Unsubscribe” in any marketing email, updating your Profile > Notifications settings, or contacting us at info@velonze.ng.

9. Use of Artificial Intelligence and Emerging Technologies

Overview

We may use new tools and technologies in connection with our products, services, and operations, including the use of artificial intelligence (AI) as part of Velonze's AI-assisted development workflows, automated code review, and intelligent project delivery features (collectively, “AI-Assisted Features”). When you use these features, the inputs you submit and relevant project context are processed by AI systems. Where personal data is processed by these technologies, such processing is limited to the purposes described in this Privacy Policy and any supplemental privacy notices provided at the time of data collection.

Data we use

AI-Assisted Features do not result in the collection of any new categories of personal data beyond what is described in Section 2 of this Privacy Policy. To deliver these features, certain personal data we already collect — such as your name, project history, and past technical submissions — may be transmitted to third-party large language model (“LLM”) providers. We only work with reputable AI service providers under strict data processing agreements.

AI model training

Velonze may use inputs and outputs from our AI-Assisted Features to improve our internal tools and service quality. Where we use your personal data for AI model training or improvement purposes, we will do so only where we have a valid legal basis under applicable law and have met all relevant legal requirements.

You may opt out of this use at any time by contacting us at info@velonze.ng. Please note that if you opt out, certain inputs may still be used where they have been flagged for safety review, to improve our ability to detect harmful or inappropriate content, or to enforce our policies — or where you have explicitly reported content to us through our feedback mechanisms.

Third-party AI platforms

Velonze may integrate its services with third-party AI platforms, applications, and tools (such as AI assistants or chat-based interfaces) to enhance project delivery. When you access Velonze services through a third-party platform, your interactions with that platform are subject to that platform's own terms of service and privacy policy — not this Privacy Policy.

Velonze does not control, and is not responsible for, how third-party platforms collect, use, store, or share your data, including whether such platforms train AI models on your inputs. Any opt-out you exercise with Velonze applies only to our own use of your data within our Platform and services. To manage how a third-party platform handles your data, please review that platform's privacy settings and terms of service.

Automated processing

AI-Assisted Features involve automated processing of your data. The significance and envisaged consequences of this processing are that your experience on the Platform may be tailored based on your project profile, usage patterns, and engagement history. This may affect the recommendations, tooling suggestions, or workflow configurations presented to you.

This processing does not produce decisions with legal or similarly significant effects on you.

10. Children's Privacy

Our software development services and Platform are intended exclusively for business entities and adult professionals. We do not knowingly collect or solicit personal data from children under the age of 13.

If we become aware that we have collected personal data from a child under 13 without verification of parental or guardian consent, we will promptly delete that information. If you believe we may have done so, please contact us at info@velonze.ng.

11. My Privacy Rights

How can I access my data?

You have the right to request a copy of the personal data we hold about you and to understand how we use it. To make this request, contact us at info@velonze.ng.

How can I edit my data?

You can update your personal data via your account or client portal settings at any time. For data that cannot be edited directly, contact us and we will assist you in rectifying it.

How can I remove my data?

You may request deletion of your personal data by contacting us at info@velonze.ng. Please note that we may need to retain certain data as required by applicable law or for legitimate business purposes (e.g., financial records retained for 7 years).

Can I stop Velonze using my data?

You can object to or request restriction of data processing in certain circumstances — in particular, where we don't need to process it to meet a contractual or legal requirement, or where we are using it for direct marketing. Contact us at info@velonze.ng to make such a request.

Can I download (port) my data?

You have the right to request a portable copy of the personal data we hold about you. Contact us at info@velonze.ng to submit a portability request and we will provide your data in a commonly used, machine-readable format.

Your rights under the NDPR

This Privacy Policy complies with the Nigeria Data Protection Regulation (NDPR). If you are unsatisfied with our response to any privacy concern, you may contact the Nigeria Data Protection Commission (NDPC) or another applicable supervisory authority.

12. Changes to This Policy

What if we change this policy?

We may update this Privacy Policy from time to time. We encourage you to review it frequently. The “Last Updated” date at the top of this page reflects the most recent revision. If a change is significant, we will notify you by posting a notice on our Platform or by email before the change takes effect.

13. Questions, Feedback or Issues

We see our privacy strategy as an ongoing dialogue with our clients and partners. If you have questions about this Privacy Policy, concerns about how your data is handled, or wish to exercise any of your privacy rights, please don't hesitate to reach out. We are committed to resolving any complaints about our collection or use of your personal data and will respond in compliance with applicable laws.

If you feel that a privacy complaint has not been adequately resolved after contacting us, you may contact the Nigeria Data Protection Commission (NDPC) or another applicable data protection supervisory authority.