Privacy Policy

Your privacy matters to us. This Privacy Policy explains how GritinAI Technologies Limited ("GritinAI", "we", "us", or "our") collects, uses, stores, and protects your personal information when you use the Ubá platform, including our website, mobile applications, and related services (collectively, the "Service").

By using Ubá, you consent to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use the Service.

1. Information We Collect

We collect the following types of information:

a) Information You Provide

• •Account Information: Name, email address, phone number, business name, and password when you create an account
• •Business Data: Inventory records, sales data, product information, supplier details, employee information, and financial data you enter into the Service
• •Payment Information: Billing address and payment method details when you subscribe to a paid plan (processed securely by our payment partners)
• •Communications: Information you provide when you contact our support team or respond to surveys

b) Information Collected Automatically

• •Device Information: Device type, operating system, browser type, and unique device identifiers
• •Usage Data: Pages visited, features used, time spent on the Service, and click patterns
• •Log Data: IP address, access times, and referring URLs
• •Cookies: We use cookies and similar technologies to enhance your experience and analyse usage patterns

2. How We Use Your Information

We use your information for the following purposes:

• •To provide, maintain, and improve the Service
• •To process transactions and manage your subscription
• •To send you service-related notifications and updates
• •To respond to your enquiries and provide customer support
• •To detect, prevent, and address technical issues and security threats
• •To analyse usage trends and improve the user experience
• •To comply with legal obligations

3. How We Share Your Information

We do not sell your personal information to third parties. We may share your information only in the following circumstances:

• •Service Providers: With trusted third-party providers who help us operate the Service (e.g., hosting, payment processing, analytics), under strict confidentiality agreements
• •Legal Requirements: When required by law, regulation, legal process, or governmental request
• •Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction
• •With Your Consent: When you have given us explicit consent to share specific information

4. Data Security

We take the security of your data seriously. We implement industry-standard technical and organisational measures to protect your information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, regular security audits, access controls, and secure cloud infrastructure.

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security.

5. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you close your account, we will retain your data for 30 days to allow you to reactivate or export your data. After this period, your data will be permanently deleted from our active systems.

We may retain certain information for longer periods as required by law or for legitimate business purposes, such as fraud prevention and dispute resolution.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• •Access: Request a copy of the personal information we hold about you
• •Correction: Request that we correct inaccurate or incomplete information
• •Deletion: Request that we delete your personal information, subject to certain legal exceptions
• •Data Portability: Request a machine-readable copy of your data
• •Objection: Object to certain processing of your personal information
• •Withdrawal of Consent: Withdraw your consent at any time where we rely on consent as the legal basis for processing

To exercise any of these rights, please contact us at privacy@gritinai.com. We will respond to your request within 30 days.

7. Cookies

We use cookies and similar tracking technologies to improve your experience on the Service. Cookies are small data files stored on your device that help us remember your preferences and understand how you use the Service. You can control cookie settings through your browser preferences. Disabling certain cookies may limit your ability to use some features of the Service.

8. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

9. Children's Privacy

The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child under 18, we will take steps to delete that information promptly.

10. International Data Transfers

Your information may be processed and stored on servers located outside Nigeria. By using the Service, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence. We ensure that appropriate safeguards are in place to protect your data during such transfers.

11. Nigeria Data Protection Regulation (NDPR)

We comply with the Nigeria Data Protection Regulation (NDPR) and the Nigeria Data Protection Act (NDPA). As required under these regulations, we process your data lawfully, fairly, and transparently. We have appointed a Data Protection Officer to oversee compliance and respond to data protection enquiries.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and, where appropriate, by email. The "Last updated" date at the top of this page indicates when the policy was last revised.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us: