Your Privacy Matters

Privacy Policy

Zerrar — Servanda Technologies Ltd.

Last Updated: January 31, 2026 · Effective Date: January 31, 2026

Back to Home

Table of Contents

1.Introduction2.Contact Information3.Information We Collect4.How We Use Your Information5.Legal Basis for Processing6.Information Sharing7.Data Storage & Security8.International Data Transfers9.Your Rights and Choices10.Cookies & Tracking11.Third-Party Services12.Children's Privacy13.Policy Changes14.Additional Rights15.Data Breach Notification16.Questions & Complaints17.Acknowledgment & Consent

1Introduction

Welcome to Zerrar ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how Servanda Technologies Ltd., operating as Zerrar, collects, uses, discloses, and safeguards your information when you use our platform and related services (collectively, the "Service").

By accessing or using our Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our Service.

This Privacy Policy complies with the Nigeria Data Protection Regulation (NDPR) 2019 and, where applicable, the European Union General Data Protection Regulation (GDPR).

2Contact Information

For any privacy-related questions or concerns, please contact us:

Company Name

Servanda Technologies Ltd. (trading as Zerrar)

Registration Number

RC 8569732

Address

5, Unity Avenue, Off Oke Ira Nla Road, Ajah, Lagos, Nigeria

3Information We Collect

We collect information that you provide directly to us and information automatically collected when you use our Service.

3.1 Information You Provide

Account Registration Information:

  • Full name
  • Email address
  • Phone number
  • Business name and details
  • Physical business address
  • Password (encrypted and never stored in plain text)

E-commerce Platform Integration Data:

  • Customer names and contact information
  • Product catalogs and inventory details
  • Order information and transaction details
  • Shipping addresses and delivery preferences
Payment Information: We do not directly collect or store credit card information. All payment processing is handled securely by our third-party payment processors (Paystack, Flutterwave, and Monnify). We only receive confirmation of successful or failed transactions and transaction reference numbers.

3.2 Automatically Collected Information

  • IP address and device information
  • Browser type and version
  • Operating system
  • Pages visited and features used
  • Time and date of access
  • Referring website addresses
  • Service performance metrics and error logs

3.3 Information We Do NOT Collect or Store

Important: We do NOT collect, store, or have access to:

WhatsApp message content or conversation data (messages are processed in real-time and not stored on our servers)
Your customers' WhatsApp contact lists or phone numbers (managed exclusively by WhatsApp/Meta)
Credit card numbers, CVV codes, or banking credentials (handled by payment processors)

4How We Use Your Information

We use the collected information for the following purposes:

4.1 Service Delivery

  • Create and manage your account
  • Provide access to our platform
  • Process and facilitate payments
  • Enable automation and workflow features
  • Integrate with third-party services

4.2 Customer Support

  • Respond to inquiries and support requests
  • Troubleshoot technical issues
  • Provide onboarding assistance and training

4.3 Service Improvement & Analytics

  • Analyze usage patterns and improve performance
  • Develop new features and functionalities
  • Conduct research and data analysis
  • Monitor Service uptime and reliability

4.4 Communications

  • Send account-related notifications and updates
  • Provide important Service announcements
  • Send marketing communications (with your consent; opt-out anytime)
  • Conduct surveys and gather feedback

4.5 Legal & Security

  • Comply with legal obligations and regulatory requirements
  • Prevent fraud, abuse, and unauthorized access
  • Enforce our Terms of Service
  • Protect the rights, property, and safety of our users

5Legal Basis for Processing (GDPR)

For users in the EU or other GDPR-applicable jurisdictions, we process personal data on the following grounds:

1Contractual Necessity: Processing necessary to provide our Service and fulfil our contract with you.
2Legitimate Interests: Service improvement, fraud prevention, and security.
3Legal Compliance: Processing necessary to comply with applicable legal obligations.
4Consent: Where you have provided explicit consent (e.g., marketing communications).

6Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share it only in the following circumstances:

6.1 Service Providers and Partners

Meta / WhatsApp Business API

Message delivery and WhatsApp Business functionality

Payment Processors (Paystack, Flutterwave, Monnify)

Secure payment processing

Cloud Infrastructure (Hetzner, Cloudflare)

Hosting and content delivery

Database Services (Redis)

Caching and performance

AI Services (OpenAI)

Chatbot and automation features

Media Storage (Cloudinary)

Image and file hosting

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

6.2 Legal Requirements

We may disclose your information if required by law — court orders, subpoenas, government or regulatory requests, or law enforcement investigations.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity. We will notify you before your data becomes subject to a different privacy policy.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

7Data Storage and Security

7.1 Data Storage Location

Your data is primarily stored and processed through secure servers operated by our cloud infrastructure providers (Hetzner, Cloudflare). All providers comply with applicable data protection regulations.

7.2 Data Retention

  • Account Information: Retained while active and for 90 days after account closure.
  • Transaction Records: Retained for 7 years as required by Nigerian tax regulations.
  • Analytics Data: Retained in aggregated, anonymised form.
  • Message Content: NOT stored — processed in real-time.

7.3 Security Measures

End-to-end encryption for data transmission
SSL/TLS encryption
Regular security audits
Access controls and authentication
Employee security training
Firewall and intrusion detection
Regular encrypted data backups
While we strive to protect your information, no method of Internet transmission is 100% secure. We continuously work to enhance our security measures.

8International Data Transfers

Your information may be transferred to and processed in countries outside Nigeria, including the United States and EU member states, where our service providers operate. When we transfer your information internationally, we ensure appropriate safeguards are in place — including Standard Contractual Clauses approved by the European Commission and other legally recognised transfer mechanisms.

9Your Rights and Choices

Under the NDPR and GDPR (where applicable), you have the following rights:

9.1 Access and Portability

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Data Portability: Request your data in a structured, machine-readable format.

9.2 Correction and Deletion

  • Right to Rectification: Request correction of inaccurate or incomplete information.
  • Right to Erasure: Request deletion of your personal information, subject to legal retention requirements.

9.3 Processing Restrictions

  • Right to Restriction: Request limitation of how we process your data in certain circumstances.
  • Right to Object: Object to processing based on legitimate interests or direct marketing.

9.4 Consent Withdrawal

Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

9.5 How to Exercise Your Rights

[email protected] +234 816 4800 698

We will respond within 30 days. If additional time is needed, we will notify you and explain the reason.

9.6 Complaint to Regulatory Authority

  • Nigeria: National Information Technology Development Agency (NITDA)
  • EU/EEA: Your local data protection supervisory authority

10Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. Types of cookies we use:

Essential Cookies

Necessary for the Service to function (e.g., authentication, security).

Performance Cookies

Help us understand how visitors interact with our Service.

Functional Cookies

Remember your preferences and settings.

Marketing Cookies

Track activity for advertising purposes (only with your consent).

11Third-Party Services and Links

Our Service integrates with and links to third-party services. These have their own privacy policies, and we are not responsible for their practices.

  • Meta/WhatsApp: https://www.whatsapp.com/legal/business-policy
  • Paystack: https://paystack.com/terms
  • Flutterwave: https://flutterwave.com/privacy-policy
  • Monnify: https://monnify.com/privacy-policy

12Children's Privacy

Our Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you believe your child has provided us with personal information, please contact us immediately at [email protected] and we will delete such information from our systems.

13Changes to This Privacy Policy

When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email (if provided)
  • Display a prominent notice on our website and/or within the Service

Your continued use of the Service after such modifications constitutes your acknowledgment and acceptance of the updated Privacy Policy.

14Additional Rights for Specific Jurisdictions

14.1 California Residents (CCPA)

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (Note: We do not sell personal information)
  • Right to non-discrimination for exercising your CCPA rights

14.2 European Economic Area (EEA) Residents

If you are located in the EEA, you have rights under GDPR as described in Section 9 of this policy.

15Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will notify you and the relevant regulatory authorities within 72 hours of becoming aware of the breach, as required by NDPR and GDPR. Our notification will include the nature of the breach, the data affected, and measures we are taking to address the situation.

16Questions and Complaints

Please contact our Privacy Officer:

Privacy Officer

Servanda Technologies Ltd.

5, Unity Avenue, Off Oke Ira Nla Road

Ajah, Lagos, Nigeria

[email protected] +234 816 4800 698

17Acknowledgment and Consent

By using our Service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our Service immediately.

Thank you for trusting Zerrar with your personal information. We are committed to protecting your privacy and providing a secure, reliable service.

Document Information

Document Version

1.0

Last Updated

January 31, 2026

Effective Date

January 31, 2026

Applicable Regulations: Nigeria Data Protection Regulation (NDPR) 2019 · EU General Data Protection Regulation (GDPR) · ePrivacy Directive 2002/58/EC

© 2026 Servanda Technologies Ltd. (Zerrar). All rights reserved.

Your privacy is protected
Terms of ServiceReturns PolicyBuyer ProtectionBack to Home

Your Cart

Your cart is empty

Browse vendors and add products