Privacy Policy

INTRODUCTION

Welcome to Taskie's Privacy Policy. This policy describes how Taskie ("we", "us", "our", or "Platform") collects, uses, protects, and discloses your personal information when you use our marketplace platform that connects verified service professionals ("Taskers") with customers who need their services.

Taskie is committed to protecting your privacy and complying with the Nigeria Data Protection Regulation (NDPR) 2019, enacted under the National Information Technology Development Agency (NITDA). This policy also aligns with global best practices in data protection and privacy.

By accessing or using the Taskie platform, you acknowledge that you have read, understood, and agree to the collection, use, and disclosure of your personal information as described in this Privacy Policy.

1. DEFINITIONS

2. DATA CONTROLLER INFORMATION

Taskie acts as the Data Controller for all personal information collected through the Platform. For data protection inquiries, please contact:

NDPR Compliance: Taskie is committed to full compliance with the Nigeria Data Protection Regulation (NDPR) 2019 and has implemented comprehensive data protection measures in accordance with NITDA guidelines.

3. INFORMATION WE COLLECT

3.1 Information You Provide Directly

3.1.1 Customer Registration Information

• Phone Number: Required for SMS OTP verification and in-app communication;
• Full Name: First name and last initial displayed publicly (e.g., "John A."); full name stored securely;
• Service Address: Physical location where services will be provided;
• Profile Information: Optional profile photo and preferences.

3.1.2 Tasker Registration Information

• Phone Number: Required for SMS OTP verification and communication;
• Full Name: First name and last initial displayed publicly; full name stored securely;
• Identity Documents: Government-issued ID (National ID, Driver's License, or International Passport) for verification;
• Address Verification: Proof of residential address (utility bills or official correspondence);
• Service Information: Skills, expertise, service categories, price ranges, and service areas;
• Bank Account Details: Required for payment disbursement;
• Professional Certifications: Optional licenses or credentials relevant to services offered.

3.2 Information Collected Automatically

• Location Data: Precise geolocation with your consent to match Customers with nearby Taskers and calculate distances;
• Device Information: Device type, operating system, browser type, unique device identifiers;
• Usage Data: Pages viewed, features used, time spent on Platform, search queries, booking history;
• Communication Records: In-app messages, call logs (metadata only, not content), voice notes;
• Transaction Data: Payment history, invoices, service amounts, platform fees;
• IP Address: Internet Protocol address for security and fraud prevention.

3.3 Information from Third Parties

• Payment Processors: Transaction data from Paystack and Flutterwave;
• Identity Verification Services: Verification results from government databases and identity verification partners;
• Analytics Providers: Aggregated usage statistics and platform performance data.

4. HOW WE USE YOUR INFORMATION

4.1 Lawful Bases for Processing (NDPR Compliance)

Under NDPR, we process your personal data based on the following lawful grounds:

• Consent: You have explicitly consented to processing for specific purposes;
• Contract Performance: Processing is necessary to perform our contract with you (Terms of Use);
• Legal Obligation: Processing is required to comply with Nigerian laws and regulations;
• Legitimate Interests: Processing is necessary for our legitimate business interests, provided your rights are not overridden.

4.2 Specific Purposes of Data Processing

4.2.1 Platform Operations

• Creating and managing user accounts;
• Authenticating users via SMS OTP verification;
• Facilitating connections between Customers and Taskers;
• Enabling in-app messaging, calls, and communication;
• Processing payments, invoices, and financial transactions;
• Calculating distances and matching based on location.

4.2.2 Trust & Safety

• Verifying Tasker identities through government-issued IDs;
• Conducting background checks and address verification;
• Preventing fraud, abuse, and unauthorized access;
• Monitoring for suspicious activity and policy violations;
• Resolving disputes and customer support inquiries;
• Enforcing Terms of Use and community standards.

4.2.3 Service Improvement

• Analyzing usage patterns to improve Platform features;
• Conducting research and development for new services;
• Personalizing user experience and recommendations;
• Testing new features and technologies.

4.2.4 Communication

• Sending transactional notifications (booking confirmations, payment receipts);
• Providing customer support and responding to inquiries;
• Sending important account and policy updates;
• Marketing communications (with your consent, which can be withdrawn at any time).

4.2.5 Legal Compliance

• Complying with NDPR, tax laws, and other Nigerian regulations;
• Responding to lawful requests from government authorities;
• Enforcing legal rights and defending against legal claims;
• Maintaining records as required by law.

5. PRIVACY PROTECTION MEASURES

5.1 Phone Number Masking

All user phone numbers are permanently masked and never revealed to other users. In-app calls are routed through our telecommunications infrastructure using masked numbers to protect your contact information. Your phone number is only used for:

• SMS OTP authentication;
• Platform-initiated security notifications;
• In-app call routing (with masking);
• Critical account alerts.

Important: We will never share, sell, or disclose your phone number to other users, third-party marketers, or external entities without your explicit consent or legal requirement.

5.2 Name Display Privacy

User names are displayed in "FirstName L." format only (e.g., "John A.", "Sarah O."). Full names, surnames, and middle names are protected and never publicly displayed. This measure:

• Prevents identity theft and fraud;
• Protects user privacy during initial interactions;
• Reduces harassment and unwanted contact;
• Maintains professional boundaries between users.

5.3 Address Protection

Customer addresses are protected and only shared with Taskers after:

1. Invoice payment is confirmed;
2. Tasker has accepted the job;
3. Both parties have confirmed job parameters;
4. The job is scheduled to commence within 48 hours.

Before confirmation, only general location area (within 2-5 km radius) is displayed for distance calculation purposes.

6. INFORMATION SHARING AND DISCLOSURE

6.1 When We Share Information

Taskie does not sell your personal information to third parties. We only share your information in the following limited circumstances:

6.1.1 Between Users (Customer ↔ Tasker)

• Always Shared: First name and last initial, profile photo, service categories, ratings and reviews;
• Shared After Booking: Full service address (Customers to Taskers only);
• Never Shared: Phone numbers, full names, email addresses, identity documents, bank details.

6.1.2 Service Providers and Partners

We share information with trusted third-party service providers who assist in platform operations:

• Payment Processors (Paystack, Flutterwave): Name, transaction amount, bank details for payment processing;
• SMS Service Providers: Phone number for OTP delivery;
• Cloud Hosting (AWS): Data storage and database management;
• Identity Verification Partners: ID documents and personal information for verification;
• Analytics Providers: Anonymized usage data for platform improvement.

Data Processing Agreements: All service providers are contractually bound by data processing agreements that comply with NDPR requirements and prohibit unauthorized use or disclosure of your information.

6.1.3 Legal Requirements

We may disclose your information when required by Nigerian law or in response to:

• Court orders, subpoenas, or other legal processes;
• Requests from law enforcement or government agencies (EFCC, Police, NITDA);
• National security or public safety requirements;
• Protection of our legal rights, property, or safety;
• Investigation of fraud, security breaches, or policy violations.

6.1.4 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy. We will notify you via email or prominent platform notice before your information is transferred.

7. DATA SECURITY MEASURES

7.1 Technical Security Measures

Taskie implements industry-standard security measures to protect your personal information:

• Encryption: All data transmitted between your device and our servers is encrypted using TLS/SSL protocols;
• Secure Storage: Personal data is stored in encrypted databases with restricted access;
• Access Controls: Role-based access controls ensure only authorized personnel can access personal data;
• Authentication: Multi-factor authentication for administrative access;
• Monitoring: 24/7 security monitoring for unauthorized access attempts and anomalies;
• Regular Audits: Periodic security audits and vulnerability assessments;
• Data Backup: Regular encrypted backups with disaster recovery procedures.

7.2 Organizational Security Measures

• Staff Training: All employees receive data protection and privacy training;
• Confidentiality Agreements: Employees and contractors sign confidentiality agreements;
• Data Minimization: We collect only the minimum data necessary for platform operations;
• Retention Policies: Personal data is deleted when no longer needed;
• Incident Response: Documented procedures for data breach notification and response.

7.3 Data Breach Notification (NDPR Compliance)

In the event of a data breach affecting your personal information, Taskie will:

1. Notify NITDA within 72 hours of becoming aware of the breach;
2. Notify affected users via email or in-app notification within 7 days;
3. Provide details about the nature of the breach, data affected, and mitigation steps;
4. Offer assistance and guidance to protect your information;
5. Conduct thorough investigation and implement corrective measures.

Your Responsibility: While we implement robust security measures, you are responsible for maintaining the confidentiality of your account credentials and notifying us immediately of any unauthorized access.

8. YOUR RIGHTS UNDER NDPR

As a data subject under the Nigeria Data Protection Regulation (NDPR), you have the following rights regarding your personal information:

8.1 Right to Access

You have the right to request access to your personal data held by Taskie. You can view most of your information in your account settings. For a comprehensive data export, contact info@taskie.ng. We will provide a copy within 30 days.

8.2 Right to Rectification

You have the right to correct inaccurate or incomplete personal data. You can update most information directly in your account settings. For assistance, contact info@taskie.ng.

8.3 Right to Erasure ("Right to Be Forgotten")

You have the right to request deletion of your personal data under certain circumstances:

• The data is no longer necessary for the purposes for which it was collected;
• You withdraw consent and there is no other legal basis for processing;
• You object to processing and there are no overriding legitimate grounds;
• The data has been unlawfully processed.

Note: We may retain certain data to comply with legal obligations, resolve disputes, enforce agreements, or prevent fraud. Financial records may be retained for 7 years as required by Nigerian tax law.

8.4 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format (CSV or JSON) and to transmit it to another data controller. Contact info@taskie.ng to request data portability.

8.5 Right to Object

You have the right to object to processing of your personal data for:

• Direct Marketing: Opt-out of marketing communications at any time via account settings or email unsubscribe links;
• Legitimate Interests: Object to processing based on legitimate interests, subject to our assessment of overriding grounds.

8.6 Right to Restrict Processing

You have the right to request restriction of processing in certain situations:

• You contest the accuracy of your personal data;
• Processing is unlawful, but you prefer restriction over deletion;
• We no longer need the data, but you require it for legal claims;
• You have objected to processing pending verification of legitimate grounds.

8.7 Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.

8.8 How to Exercise Your Rights

To exercise any of these rights, please contact:

• Email: info@taskie.ng
• In-App: Settings → Privacy & Data → Data Rights Requests
• Response Time: We will respond within 30 days of receiving your request

Identity Verification: To protect your privacy, we may require identity verification before processing data rights requests.

8.9 Right to Lodge a Complaint

If you believe your data protection rights have been violated, you have the right to lodge a complaint with:

We encourage you to contact us first so we can address your concerns directly before escalating to NITDA.

9. DATA RETENTION AND DELETION

9.1 Retention Periods

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and resolve disputes:

• Active Account Data: Retained while your account is active and for 2 years after last activity;
• Transaction Records: Retained for 7 years to comply with Nigerian tax and financial regulations;
• Communication Records: Retained for 3 years for dispute resolution and quality assurance;
• Identity Verification Documents: Retained for 5 years for regulatory compliance and fraud prevention;
• Marketing Consent: Retained until consent is withdrawn, then deleted within 30 days;
• Deleted Account Data: Most data deleted within 90 days; some data retained for legal compliance.

9.2 Account Deletion

When you delete your account:

1. Your profile is immediately deactivated and removed from public view;
2. Personal data is anonymized or deleted within 90 days;
3. Transaction records are retained for 7 years (legal requirement);
4. Ratings and reviews may be retained in anonymized form;
5. Backup copies are deleted within 180 days from backup systems.

Important: Deletion is permanent and cannot be undone. Downloaded data exports or court orders may require us to retain certain information beyond standard retention periods.

10. CHILDREN'S PRIVACY

Taskie is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child under 18 without parental consent, we will take steps to delete that information as quickly as possible.

If you are a parent or guardian and believe your child has provided personal information to Taskie, please contact us immediately at info@taskie.ng so we can take appropriate action.

11. INTERNATIONAL DATA TRANSFERS

Your personal data is primarily stored and processed in Nigeria. However, some of our service providers (e.g., cloud hosting, payment processors) may transfer data outside Nigeria for processing.

When we transfer data internationally, we ensure:

• Transfers comply with NDPR requirements for cross-border data transfers;
• Receiving countries provide adequate data protection (as determined by NITDA);
• Service providers are bound by Standard Contractual Clauses or similar safeguards;
• Appropriate technical and organizational security measures are in place;
• Data subjects are informed of international transfers and associated risks.

NDPR Compliance: All international data transfers from Nigeria comply with NDPR Section 2.12, which requires adequate safeguards and data subject notification.

12. COOKIES AND TRACKING TECHNOLOGIES

12.1 What Are Cookies?

Cookies are small text files stored on your device that help us provide and improve our services. We use cookies and similar technologies (web beacons, pixels, local storage) to recognize your device, remember preferences, and analyze platform usage.

12.2 Types of Cookies We Use

• Essential Cookies: Required for platform functionality (authentication, security, session management) - cannot be disabled;
• Performance Cookies: Collect anonymous usage statistics to improve platform performance;
• Functional Cookies: Remember your preferences and settings (language, location, dark mode);
• Analytics Cookies: Help us understand how users interact with the Platform (Google Analytics, Mixpanel);
• Advertising Cookies: Currently not used; future use will require explicit consent.

12.3 Managing Cookies

You can control cookie preferences through:

• Browser Settings: Most browsers allow you to block or delete cookies;
• Platform Settings: Manage non-essential cookies in Settings → Privacy & Data → Cookie Preferences;
• Opt-Out Tools: Use browser plugins like Ghostery or Privacy Badger.

Note: Disabling essential cookies may impair platform functionality and prevent you from using certain features.

13. THIRD-PARTY LINKS AND SERVICES

The Taskie platform may contain links to third-party websites, services, or applications (e.g., payment processors, social media platforms). This Privacy Policy does not apply to third-party sites or services.

We are not responsible for the privacy practices or content of third-party sites. We encourage you to review the privacy policies of any third-party services you access through our Platform.

Third-Party Service Providers: Our payment partners (Paystack, Flutterwave) have their own privacy policies governing how they handle your financial information during transactions.

14. CHANGES TO THIS PRIVACY POLICY

Taskie may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy;
• Notify you via email or prominent in-app notification;
• Provide a summary of key changes;
• Request your consent where required by law;
• Archive previous versions for your reference.

Continued use of the Platform after changes become effective constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you may delete your account by contacting info@taskie.ng.

Recommendation: We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

15. CONTACT INFORMATION

For questions, concerns, or requests related to this Privacy Policy or your personal data, please contact:

ACCEPTANCE ACKNOWLEDGMENT

BY USING THE TASKIE PLATFORM, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY.