Privacy Policy

1. Introduction

This Privacy Policy explains how NodeBase collects, uses, and safeguards information when you engage our engineering and product design services. As a CAC-registered AI and software engineering studio, we handle enterprise data with the highest grade of operational security.

2. Data We Collect

To effectively execute our 5-day sprints and web development cycles, we collect essential client interaction data. This includes:

• Client business details (Name, Company, CAC Registration, Email, Phone Number).
• Technical requirements, API keys (temporarily stored in secure `.env` vaults), and architectural specifications.
• Communication and strategic planning logs derived from WhatsApp, Zoom meetings, and our internal project management tools.

3. Client vs. End-User Data

It is vital to distinguish between data provided by you (the Client) to NodeBase, versus data generated by your customers (End-Users) on the software we build for you. NodeBase securely accesses your technical/client data solely to construct the software. NodeBase does not claim ownership, access rights, or control over the end-user data processed by the decentralized applications, fintech systems, or platforms we build for our clients. You remain the sole Data Controller of your end-users' data.

4. Data Security

We employ enterprise-grade security pipelines to protect your data during the development lifecycle. All code is stored in private, encrypted Git repositories. Production secrets are managed via heavily encrypted cloud environment variables. Our internal development environments mandate two-factor authentication (2FA) and role-based access controls across all engineering teams.

5. Third-Party Sharing

NodeBase Technologies Limited does not, and will never, sell your data. Client data is strictly sequestered and only shared with essential, highly-vetted infrastructure partners necessary to host, deploy, and communicate regarding your project. These zero-trust partners include AWS, Vercel, Paystack (for invoicing), and the Meta/WhatsApp Business API.

6. Your NDPR Rights

Under the Nigeria Data Protection Regulation, you are guaranteed robust data rights regarding the information you have supplied to NodeBase:

• Right to Access: You may request a copy of the personal or technical data we hold about your company.
• Right to Rectification: You may request corrections to any inaccurate project or billing data.
• Right to be Forgotten: Post-deployment and upon settlement of final invoices, you may request the deletion of non-essential strategic data from our private servers, excepting data we must retain for legal accounting compliance.

7. Contact Information

For any privacy-specific concerns, NDPR data requests, or to report a security vulnerability, please reach out to our legal and security compliance team.