Privacy Policy

Last updated: January 2026

1

Introduction

MerchantSphere ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud-based ERP service. By using MerchantSphere, you consent to the practices described in this policy.

2

Information You Provide

We collect information that you voluntarily provide, including:

  • Account Information: Name, email address, phone number, business name, and password when you register
  • Business Data: Inventory records, customer information, supplier details, sales transactions, purchase orders, and financial records
  • Payment Information: Billing address and payment method details (processed securely through our payment providers)
  • Communications: Messages you send to our support team
3

Automatically Collected Information

When you use our Service, we automatically collect:

  • Device information (browser type, operating system)
  • IP address and location data
  • Usage patterns and feature interactions
  • Log files and error reports
4

How We Use Your Information

We use the collected information to:

  • Provide, operate, and maintain the Service
  • Process transactions and send related information
  • Send administrative information, updates, and security alerts
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage patterns to improve the Service
  • Detect, prevent, and address technical issues and fraud
  • Comply with legal obligations
5

Data Storage and Security

Your data is stored on secure servers provided by our hosting partners. We implement industry-standard security measures including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Regular backups and disaster recovery procedures
  • Row-level security to ensure multi-tenant data isolation

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6

Third-Party Services

We may share your information with third parties only as follows:

  • Service Providers: Companies that help us operate the Service (hosting, payment processing, email delivery)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7

Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for the Service to function (authentication, security)
  • Analytics Cookies: Help us understand how you use the Service
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings, but disabling certain cookies may affect functionality.

8

Your Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Export: Export your business data in standard formats
  • Objection: Object to processing of your personal data in certain circumstances

To exercise these rights, please contact us using the information provided below.

9

Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. After account termination:

  • You have 30 days to export your data
  • We may retain certain data for legal compliance (typically 7 years for financial records)
  • Anonymized data may be retained for analytical purposes
10

Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

11

International Data Transfers

Your information may be transferred to and processed in countries other than Nigeria. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

12

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. Significant changes will be communicated via email or through the Service.

13

Nigerian Data Protection Compliance

We comply with the Nigeria Data Protection Regulation (NDPR) and other applicable data protection laws. Our data processing activities are conducted in accordance with the principles of lawfulness, fairness, and transparency.

14

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@merchantsphere.app
  • Address: Lagos, Nigeria