CertiTrack Privacy Policy (Nigeria)

Effective Date: 18/07/2025

CertiTrack ("we", "us", "our") is committed to protecting your personal information and privacy. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services via www.certitrack.org. This policy aligns with the Nigeria Data Protection Act 2023 (NDPA) and other relevant laws.

1. Information We Collect

A. Information You Provide:

  • Full name
  • Date of birth
  • Email address
  • Phone number
  • Learner/Registration Number
  • Identity documents (e.g. passport, change-of-name documents)
  • Qualification and academic history
  • Payment information (processed securely via third-party payment platforms)

B. Automatically Collected Data:

  • IP address
  • Browser and device information
  • Time and date of access
  • Actions taken on the platform (e.g. login, order history)
2. Purpose of Data Collection
  • To authenticate and verify your academic records
  • To process orders for replacement certificates and transcripts
  • To deliver digital documents
  • To respond to your enquiries or support requests
  • To detect, prevent, or investigate fraud and misuse of the portal
  • To improve our platform’s security, functionality, and performance
  • To comply with legal obligations and regulatory requests
3. Legal Basis for Processing
  • Consent – where required, especially for optional services
  • Performance of a contract – to fulfil your requests for certificates/transcripts
  • Compliance with legal obligations – e.g. for record keeping
  • Legitimate interest – including fraud prevention and service improvement
4. Data Sharing and Disclosure

We do not sell or rent your personal data. We may share your information only with:

  • Payment processors (e.g. Paystack)
  • Regulatory or government bodies where legally required
  • Accredited institutions or employers when documents are verified or shared by you
  • Service providers who support our operations under confidentiality obligations
5. Data Storage and Security
  • Your data is stored securely within Nigeria or in compliant data centres abroad under NDPA cross-border provisions.
  • We use encryption, firewalls, access controls, and regular audits to ensure data protection.
  • Access to your data is strictly restricted to authorized personnel only.
6. Your Rights Under the Nigeria Data Protection Act

As a data subject under the NDPA 2023, you have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Withdraw consent (where consent is the basis for processing)
  • Request deletion (subject to legal retention requirements)
  • Object to certain types of processing
  • Request data portability in a readable format
7. Data Retention
  • We retain your data only for as long as necessary to fulfill your service requests and meet legal or regulatory obligations.
  • When no longer needed, your data will be securely deleted or anonymised.
8. Use of Cookies
  • Improve website performance
  • Enable secure login sessions
  • Collect analytics to enhance user experience

You can adjust your browser settings to manage or block cookies.

9. Children’s Privacy

This service is intended for individuals 18 years and above. If we discover data from a person under 18, we will delete it promptly unless it is part of a valid academic record.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Changes will be posted here and, where appropriate, communicated via email or portal notification.

11. Contact Us

CertiTrack – Data Protection Officer
📧 Email: info@certitrack.org
📞 Phone: +234 8086801978
📍 Address: 2/4 Vincent Ezeh Street, Opposite Chivita 2nd Gate, Ajao Estate, Off Murtala Muhammed International Airport Road, Lagos.
Complaints may also be directed to the Nigeria Data Protection Commission (NDPC): www.ndpc.gov.ng