1. Information We Collect

We collect information you provide directly to us and information generated automatically through your use of our platform.

a. Account & Registration Data

• Full name (first and last name)
• Email address
• Phone number (including country code)
• Password (stored in encrypted, hashed form — never in plain text)
• Business name and industry

b. Business Operations Data

• Order details, order types, and order tracking records
• Inventory items, stock levels, and purchasing records
• Customer and supplier profiles
• Financial records including invoices, budgets, payments, and expenses
• Production records and workflow configurations
• Team member information and role assignments
• Internal communications (e.g. order chat messages)

c. Usage & Technical Data

• Log data (IP address, browser type, pages visited, timestamps)
• Device information (device type, operating system)
• Session activity and feature usage analytics
• Cookies and similar tracking technologies (see Section 8)

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our platform, including to:

• Create and manage your account and business (tenant) workspace
• Process and fulfil orders, manage inventory, and track production
• Generate financial reports, invoices, and analytics dashboards
• Notify you of important account events (email verification, password resets, team invitations)
• Send operational notifications relevant to your business activity
• Enforce our Terms of Service and resolve disputes
• Comply with legal obligations
• Improve platform features and fix technical issues

3. Legal Basis for Processing

Where applicable (e.g. under GDPR or the Nigeria Data Protection Act 2023), we rely on the following legal bases to process your personal data:

• Contract performance — processing necessary to provide the services you signed up for
• Legitimate interests — improving the platform, preventing fraud, and ensuring security
• Legal obligation — complying with applicable laws and regulations
• Consent — where you have given explicit consent (e.g. marketing communications)

4. Data Sharing & Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

• Service providers — trusted third-party vendors who help us operate the platform (e.g. cloud hosting, email delivery, payment processors), bound by confidentiality obligations
• Within your organisation — your business data is visible to authorised team members you invite to your workspace, according to the roles you assign
• Legal requirements — if required by law, court order, or regulatory authority
• Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction (you will be notified in advance)

5. Data Storage & Security

Your data is stored on secure servers. We implement industry-standard security measures including:

• Encryption in transit (HTTPS/TLS) for all data exchanged with our servers
• Hashed storage of passwords using modern cryptographic algorithms
• Role-based access controls restricting internal access to your data
• Regular security reviews and vulnerability assessments

While we take reasonable precautions, no system is completely secure. We encourage you to use a strong, unique password and to keep your credentials confidential.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our services. If you request deletion of your account, we will delete or anonymise your personal data within 30 days, except where we are required by law to retain certain records (e.g. financial transaction records for tax or regulatory compliance). Anonymised, aggregated data may be retained indefinitely for analytics and product improvement purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you
• Rectification — request correction of inaccurate or incomplete data
• Erasure — request deletion of your personal data ("right to be forgotten")
• Restriction — request that we limit how we process your data
• Portability — request your data in a machine-readable format
• Objection — object to processing based on legitimate interests
• Withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, contact us at privacy@bizopd.com. We will respond within 30 days.

8. Cookies & Tracking

We use cookies and similar technologies to:

• Maintain your authenticated session (essential cookies)
• Remember your theme preference (light/dark mode)
• Collect anonymous usage analytics to improve the platform

You can control cookie settings through your browser. Disabling essential cookies may affect platform functionality, including your ability to stay logged in.

9. Children's Privacy

BizOPD is a business operations platform intended for use by adults (18 years and older) and registered business entities. We do not knowingly collect personal data from individuals under the age of 18. If we become aware that a minor has provided us with personal information, we will take steps to delete it promptly.

10. International Data Transfers

BizOPD operates globally. Your data may be stored or processed in countries outside your own. Where such transfers occur, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses or equivalent mechanisms — to protect your data in accordance with applicable law.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will notify you by email or by displaying a prominent notice on the platform before the change takes effect. The "Last updated" date at the top of this page indicates when the policy was last revised. Continued use of BizOPD after the effective date constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please reach out to us: