Privacy Policy
1 Introduction
At Creatlie Limited, your privacy is one of our top priorities. We are committed to ensuring that your personal data is handled in a secure and transparent manner. This Privacy Notice outlines how we collect, use, share, and protect your personal data, in line with both the Nigeria Data Protection Regulation (NDPR) and the General Data Protection Regulation (GDPR), as well as other applicable global privacy standards. Our services include websites, mobile apps, and other digital platforms, including integrations with third-party platforms such as Facebook, LinkedIn, Snapchat, and TikTok.
Summary: We handle your data responsibly, in compliance with both Nigerian and international data privacy laws. This document explains what data we collect, how we use it, and what rights you have concerning your data.
Click here to view full details of our Introduction.
2 Who We Are
Creatlie Limited is a company based in Nigeria, providing a range of online services that allow users to engage with our platform, create content, and interact with one another. We collect and process personal data to ensure our services run smoothly and securely. Whether you‘re using our website, mobile application, or interacting with us via social media, we ensure that your data is managed according to the highest privacy standards set forth by the NDPR and GDPR.
Summary: We are a Nigerian-based online services provider, compliant with NDPR and GDPR.
Click here to view full details of Who We Are.
3 Data We Collect
We collect several categories of personal data to facilitate and improve your experience with our services. The information we collect depends on the services you use and your interactions with us.
We collect Personal Information during user registration, when you create an account or engage with our services. This includes:
Full Name: Used for account identification and personalization.
Email Address: Required for account creation, communication, and security purposes (e.g., login alerts, two-factor authentication).
Phone Number: Used for account security, such as two-factor authentication or account recovery.
Username: Allows you to identify yourself on our platform.
We do not generally process sensitive personal information, as defined by NDPR (e.g., health data, religious beliefs). However, some aspects of your profile may contain additional personal data, such as:
Profile Management: Information such as profile pictures, social media handles, bios, and uploaded content like images and videos.
Content Creation: If you upload media files (e.g., images, videos) to your profile, this content is stored securely on our platform.
When you use our services, we may collect information about your location using GPS, IP addresses, or similar location-based tracking technologies. This helps us provide location-specific services and content, such as event recommendations or nearby services.
We collect data from the devices you use to access our services. This includes:
Device Type: Information about the type of device you are using (e.g., smartphone, desktop).
Operating System: Details about the system running on your device (e.g., iOS, Android, Windows).
IP Address: Used for location tracking and securing your account.
Browser Type: Helps us understand how you interact with our services across different browsers.
Pages Visited: Information on how you navigate our website or app.
Session Duration: The amount of time you spend on a particular page or section of the app.
Clickstream Data: Which links or buttons you interact with during your session.
For users who purchase premium services or products, we collect payment information to facilitate transactions. This includes:
Credit Card Details: Processed securely through third-party payment providers.
Billing Address: Required to process financial transactions, comply with anti-fraud measures, and provide invoices.
Any communications you send to us, including emails, contact form submissions, or customer support queries, may be stored to improve our services and respond to your requests. This also includes responses to surveys or feedback forms.
Summary: We collect a wide range of data, from basic identifiers like your name and email to detailed data such as your device type and location. We also collect content you upload, such as images and videos.
Click here to view full details of Data We Collect.
We use your personal data to create and manage your account, facilitate transactions, and provide you with the services you request. This includes:
User Authentication: Verifying your identity during login.
Account Management: Managing your account details, such as updating your profile and privacy settings.
Customer Support: Resolving issues, answering queries, and improving your overall experience.
We use the data we collect to personalize your experience. For example:
Content Recommendations: Tailoring content and recommendations based on your preferences and interactions with the platform.
Customised Notifications: Sending you personalized notifications, such as recommendations for events or features.
With your consent, we may use your data for marketing purposes, including sending you emails about promotions, new features, and updates. We also use your data to show you relevant ads on third-party platforms like Facebook etc (consent management).
We use analytics to understand how users interact with our services. This helps us:
Improve User Experience: Track usage patterns and optimize features based on user behaviour.
Monitor Website/App Performance: Analyse traffic, identify technical issues, and make improvements.
Your data is also used to maintain the security of our services. We use multi-factor authentication, encryption, and other security measures to protect your account from unauthorised access. Data such as IP addresses and device information are used to detect suspicious activity and prevent fraud.
We use your data to comply with legal and regulatory requirements, such as retaining transaction records for tax purposes, responding to government inquiries, and fulfilling our obligations under the NDPR and GDPR.
Summary: We use your data for several purposes, from delivering services and personalising your experience to marketing and ensuring security. Your data helps us improve and optimise our platform.
Click here to view full details of How We Use Your Data.
We process your personal data under several legal bases, as required by NDPR and GDPR.
We process your personal data based on your consent when you provide it explicitly. This includes:
Marketing Communications: You will only receive promotional materials if you have opted in.
Cookies: We use cookies for tracking and marketing purposes, based on your consent, which you can manage via our cookie consent banner.
We process your data when it is necessary to fulfil a contract. This includes:
Account Creation: Using your data to set up and manage your account.
Service Delivery: Providing you with the services you have signed up for, such as access to premium features.
We process personal data for our legitimate business interests, if these interests do not override your fundamental rights. Examples include:
Improving Services: Using data to understand how our platform is used and making improvements accordingly.
Security: Protecting our users and the platform from fraud and unauthorised access.
We may also process your data when it is necessary to comply with a legal obligation, such as:
Regulatory Requirements: Retaining data for tax purposes or responding to government requests.
Legal Claims: Processing data to defend against legal claims or comply with judicial orders.
Summary: We process your data based on consent, contractual obligations, legitimate interests, and legal requirements. You have the right to withdraw consent and manage how we use your data.
Click here to view full details of Legal Basis for Processing.
We share your personal data with trusted third parties to facilitate our services. These third parties are required to protect your data and use it only for the purposes we specify.
We work with third-party service providers to:
Process Payments: Securely manage financial transactions and billing.
Cloud Hosting: Store data and maintain backups on secure servers.
Customer Support: Help resolve technical issues and respond to user inquiries.
In cases where we are legally required to do so, we may share your data with law enforcement agencies, regulators, or government bodies. This includes complying with judicial orders, legal investigations, or requests for information by government authorities in compliance with NDPR, GDPR, or any other applicable law.
We may collaborate with trusted business partners for joint promotions, events, or co-branded services. If you engage with a service offered in partnership with a third party, your data may be shared with them for the purpose of delivering that service.
As part of our global operations, your personal data may be transferred to, and processed in, countries outside of Nigeria. If such transfers occur, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs), to protect your data in accordance with the NDPR and GDPR.
Summary: We share your data with service providers, legal authorities, and business partners to deliver services, comply with legal requirements, and facilitate marketing. Any international transfers are safeguarded in compliance with the law.
Click here to view full details of How We Share Your Data.
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Notice or as required by law. The retention periods vary based on the type of data and its purpose.
Personal data related to your account, such as your registration information, is retained if your account is active or until you request its deletion. This ensures that you have continued access to your account and its features.
We retain financial records, including payment data, to comply with tax regulations and financial reporting obligations. Typically, this data is retained for between 7-10 years, depending on legal requirements.
If you upload content (e.g., images, videos) to your profile, this content is retained until you choose to delete it or your account is deactivated. However, some content may remain visible to others even after account deactivation, such as comments on public forums.
We retain data related to your marketing preferences until you opt out of receiving promotional communications. If you withdraw your consent for marketing, we will stop processing your data for this purpose, but we may retain a record of your request to ensure compliance with your preferences.
In certain situations, we are required by law to retain specific types of data for extended periods. For example, data related to fraud prevention, security incidents, or legal claims may be retained for as long as necessary to comply with legal obligations or to defend against potential legal claims.
Summary: We retain your personal data based on the type of data and its purpose. Account and payment data are retained for as long as necessary, while marketing and content data may be retained until you request deletion.
Click here to view full details of Data Retention.
As a data subject under the NDPR and GDPR, you are entitled to several rights regarding the personal data we collect and process. These rights allow you to exercise control over your data and how it is used.
You have the right to request access to the personal data we hold about you. This includes the right to request a copy of the data, as well as information about how and why we are processing it.
If any of the personal data we hold about you is inaccurate or incomplete, you have the right to request its correction. This ensures that the data we process is always up-to-date and accurate.
Under certain circumstances, you have the right to request the deletion of your personal data. This includes situations where the data is no longer necessary for the purposes for which it was collected or if you withdraw your consent for its processing.
You can request that we restrict the processing of your data under certain conditions, such as if you contest the accuracy of the data or if the processing is unlawful but you do not wish to have the data deleted.
You have the right to receive your personal data in a structured, commonly used, and machine-readable format. You also have the right to request that we transfer this data to another data controller where technically feasible.
You can object to the processing of your personal data, particularly if the processing is based on legitimate interests or for direct marketing purposes. In such cases, we will cease processing your data unless we can demonstrate compelling legitimate grounds for the processing.
If we rely on your consent to process your personal data, you have the right to withdraw this consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before your consent was withdrawn.
If you believe that we have not complied with applicable data protection laws, you have the right to lodge a complaint with the relevant data protection authority. In Nigeria, you can submit complaints to the National Data Protection Commission (NDPC).
Summary: You have several rights under the NDPR and GDPR, including the rights to access, correct, delete, or restrict the processing of your data. You can also object to certain types of processing and withdraw consent at any time.
Click here to view full details of Your Rights.
We take the security of your personal data seriously and implement various measures to ensure that it is protected against unauthorised access, loss, alteration, or destruction.
We use encryption to protect your personal data during transmission and storage. This ensures that your data remains secure, even if intercepted by unauthorized parties.
Access to personal data is restricted to authorized personnel only. We implement strict access control measures to ensure that only those with legitimate business purposes can access your data.
We use multi-factor authentication (MFA) for accessing accounts to add an extra layer of security. This ensures that even if your password is compromised, unauthorised users cannot access your account without a secondary form of verification.
We regularly conduct security audits to identify potential vulnerabilities and ensure that our systems are secure. These audits help us detect and address any weaknesses in our security infrastructure.
All employees handling personal data undergo regular data protection training. This ensures that they understand the importance of data security and follow best practices when processing personal data.
Summary: We protect your data with encryption, access controls, multi-factor authentication, and regular security audits. Our employees are trained to follow best practices for data protection.
Click here to view full details of Security Measures.
As part of our global operations, we may transfer your personal data to countries outside of Nigeria. When such transfers occur, we ensure that appropriate safeguards are in place to protect your data in accordance with the NDPR, GDPR, and other applicable data protection laws.
When transferring data to countries outside of Nigeria or the European Economic Area (EEA), we use Standard Contractual Clauses (SCCs) approved by the relevant data protection authorities. These clauses ensure that your data is protected even when transferred internationally.
In cases where we transfer data to a country that has been deemed by the European Commission or NDPC to provide an adequate level of data protection, we rely on the adequacy decision to facilitate the transfer.
Where necessary, we implement additional safeguards to protect your data during international transfers. This may include encryption, anonymization, or other security measures to ensure the safety of your data.
Summary: We may transfer your data internationally, but we ensure that appropriate safeguards are in place, such as SCCs or adequacy decisions, to protect your data.
Click here to view full details of International Data Transfers.
We reserve the right to update this Privacy Notice periodically to reflect changes in our data processing practices or to comply with new legal requirements. Any changes we make to this notice will be posted on this page, and we will notify you of significant changes through email or a notice on our website.
Notification of Changes: If there are significant changes to the way we process your personal data, we will notify you directly, either through email or by placing a prominent notice on our website.
Reviewing the Privacy Notice: We encourage you to review this Privacy Notice periodically to stay informed about how we protect your personal data.
Summary: We may update this Privacy Notice from time to time. Significant changes will be communicated via email or a notice on our website.
Click here to view full details of Changes to This Privacy Notice.
If you have any questions about this Privacy Notice or your personal data, or if you wish to exercise any of your rights, please contact us using the details below:
Email: admin@creatlie.com
Phone: +1234567890
Postal Address: PLOT 8, PROVIDENCE STREET, LEKKI PHASE 1, LAGOS STATE, NIGERIA