Privacy Policy
Last Updated: January 2025
1. Introduction
Sellmur Technologies ("Sellmur," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Sellmur platform.
This policy complies with the Nigeria Data Protection Regulation (NDPR) 2019 and the Nigeria Data Protection Act 2023.
2. Information We Collect
2.1 Information You Provide
Business Owners:
- Full name, email address, and phone number
- Business name, type, address, and description
- Payment information (processed by Paystack/Stripe — we do not store full card details)
- Staff account details you create
Staff Users:
- Name, email address, and phone number
- Role and assigned permissions
- Activity logs within the Platform
End Customers (via your business):
- Name, phone number, and email address
- Appointment history and preferences
- Purchase history and transaction records
- Any additional information your business collects
2.2 Information Collected Automatically
- IP address, browser type, and device information
- Pages visited, features used, and time spent
- Referring URLs and exit pages
- Cookies and similar tracking technologies
3. How We Use Your Information
- Service Delivery: To provide, maintain, and improve the Platform.
- Account Management: To manage your account, process payments, and communicate about your subscription.
- Transaction Processing: To facilitate bookings, sales, and payments.
- Communications: To send transactional emails, SMS notifications, appointment reminders, and support messages.
- Analytics: To analyze usage and improve the Platform.
- Security: To detect and prevent fraud, abuse, or technical issues.
- Legal Compliance: To comply with applicable laws and legal processes.
4. How We Share Your Information
We may share information with:
- Service Providers: Cloud hosting, payment processors, SMS gateways, email delivery services.
- Legal Authorities: When required by law or court order.
- Business Transfers: In case of merger, acquisition, or sale.
We do NOT:
- Sell your personal information to third parties.
- Share end customer data for third-party marketing.
5. Data Storage & Security
5.1 Data is stored on secure cloud servers with encryption at rest and in transit (SSL/TLS).
5.2 Access controls limit data access to authorized personnel only.
5.3 No method is 100% secure; we strive for industry best practices.
5.4 In case of a data breach, we will notify affected users within 72 hours and report to the Nigeria Data Protection Commission (NDPC).
6. Data Retention
- Active Accounts: Data retained while account is active.
- Canceled Accounts: Data retained 30 days, then permanently deleted.
- Expired Trials: Data retained 30 days post-expiry.
- Payment Records: Retained as required by Nigerian tax law (minimum 6 years).
- You may request early deletion by contacting our Data Protection Officer.
7. Your Rights Under Nigerian Data Protection Law
Under the NDPR and NDPA, you have the right to:
- Access your personal data.
- Correct inaccurate or incomplete data.
- Request deletion of your data ("right to be forgotten").
- Restrict how we process your data.
- Receive your data in a portable format.
- Object to processing based on legitimate interests.
- Withdraw consent where processing is consent-based.
To exercise these rights, contact our Data Protection Officer. We will respond within 30 days.
8. Your Responsibilities as a Business Owner
- You are the Data Controller for your customers' data; Sellmur is the Data Processor.
- You must obtain appropriate consent from your customers.
- You must display your own privacy policy explaining your data practices.
- You are responsible for ensuring staff handle customer data appropriately.
9. Cookies & Tracking
We use cookies for essential functionality, analytics, and preferences. For details, see our Cookie Policy.
10. International Data Transfers
Data may be processed outside Nigeria with adequate safeguards in place, including Standard Contractual Clauses where applicable.
11. Children's Privacy
The Platform is not intended for individuals under 18. We do not knowingly collect data from minors.
12. Changes to This Policy
We may update this policy with notice via email or Platform notification. Continued use after changes constitutes acceptance.