Privacy Policy
1. Information We Collect
We collect personal information necessary to provide our services, including but not limited to business details, contact information, government-issued IDs for verification, booking data, payment records, and technical usage data collected via our platform.
2. How We Use Your Information
Your data is strictly utilized for service delivery, identity verification, payment processing, fraud prevention, platform analytics, and legal compliance. We use communication data solely for transactional updates and essential platform announcements.
3. Legal Basis for Processing
In accordance with the Nigeria Data Protection Regulation (NDPR) 2019, our legal basis for processing your data includes explicit consent, necessity for the performance of a contract, and our legitimate interests in providing a secure infrastructure for short-let management.
4. Data Sharing
We do not sell your data. We share necessary data only with trusted infrastructure partners: Paystack (payment processing), Resend (transactional emails), Cloudinary (property image hosting), and Vercel (platform hosting). Each partner is vetted for NDPR and international security compliance.
5. Data Retention
We retain booking and financial transaction records for a period of seven (7) years to comply with Nigerian tax laws and accounting standards. Personal data associated with inactive accounts may be deleted upon verified request, subject to overriding legal retention requirements.
6. Your Rights
Under the NDPR 2019, you maintain the right to request access to your data, request corrections of inaccuracies, request deletion (“right to be forgotten”), and request data portability. To exercise these rights, contact our Data Protection Officer.
7. Cookies & Tracking
We deploy session cookies essential for platform authentication and security. We do not utilize third-party advertising trackers. First-party analytics are anonymized and used exclusively to optimize the STAYZA PRO infrastructure.
8. Data Security
Your data is secured using AES-256 encryption at rest and TLS 1.3 in transit. We implement strict role-based access controls internally and conduct annual third-party penetration testing to ensure infrastructure integrity.
9. Children's Privacy
STAYZA PRO services are strictly for adults aged 18 and older. We do not knowingly collect personal data from minors. Any data inadvertently collected from minors will be promptly deleted upon discovery.
10. International Data Transfers
Platform data is primarily stored within secure data centers in Nigeria and the European Union. In instances where data must be processed by partners in the United States, Standard Contractual Clauses (SCCs) apply to guarantee adequate protection.
11. Changes to This Policy
We may update this Privacy Policy to reflect infrastructure or regulatory changes. We will provide a 30-day notice via email to all active agents prior to implementing material changes to how we handle your data.
12. Contact / Data Protection Officer
For inquiries regarding our data practices or to exercise your privacy rights, please contact our Data Protection Officer at hello@stayza.pro. We are committed to responding to all privacy inquiries within 72 hours.