Privacy Policy

Last Updated: 25 April 2026

This Privacy Policy explains how Sellorra ("we", "us", "our") collects, uses, shares, and protects your personal information when you use our marketplace platform, mobile applications, and related services (collectively, the "Platform"). By using Sellorra, you agree to the practices described in this policy.

Sellorra is operated from Ibadan, Nigeria, and complies with the Nigeria Data Protection Act 2023 (NDPA) and other applicable laws.

1. Who We Are

Sellorra is a multi-vendor e-commerce platform that connects buyers, vendors, drivers, and service providers. The Data Controller for the purposes of this policy is Sellorra, with its principal office at SW8/1515, Anfani Road, Ring-Road, Ibadan, Oyo State, Nigeria.

For privacy-related inquiries, contact our Data Protection Officer at support@sellorra.com.

2. Information We Collect

2.1 Information You Provide Directly

• Account Information: Name, email address, phone number, password, profile photo, date of birth, and gender.
• Vendor/Driver Information: Business name, business address, tax identification, bank account details, vehicle details (for drivers), identification documents (NIN, driver's license, vehicle registration), and product/service listings.
• Transaction Information: Payment method details, billing and delivery addresses, order history, and refund records.
• Communications: Messages sent through our in-app chat, support tickets, reviews, and feedback.

2.2 Information Collected Automatically

• Device and Usage Data: IP address, device type, operating system, browser type, app version, time zone, and unique device identifiers.
• Location Data: Precise GPS location (with your permission, primarily for delivery and taxi services) and approximate location based on IP address.
• Cookies and Similar Technologies: Session cookies, authentication tokens, analytics identifiers.
• Activity Data: Pages visited, products viewed, search queries, click patterns, and purchase behaviour.

2.3 Information from Third Parties

• Payment processors (verification of transaction status).
• Social login providers (Google, Apple, Facebook) if you use these to sign in.
• Delivery and logistics partners.
• Identity verification services for vendor and driver onboarding.

3. How We Use Your Information

We use your information for the following purposes:

• Creating and managing your account.
• Processing orders, payments, refunds, and deliveries.
• Connecting buyers with vendors and matching customers with drivers.
• Verifying the identity of vendors and drivers for safety and compliance.
• Providing customer support and responding to your inquiries.
• Sending transactional notifications (order updates, delivery confirmations, password resets).
• Sending marketing communications (where you have consented or where permitted by law). You may opt out at any time.
• Improving our Platform, developing new features, and conducting analytics.
• Detecting, investigating, and preventing fraud, abuse, security incidents, and unlawful activity.
• Complying with legal obligations, court orders, and regulatory requests.

4. Legal Basis for Processing

Under the NDPA, we rely on the following legal bases:

• Contract: Processing necessary to provide the services you request (e.g., fulfilling an order).
• Consent: Where you have given specific permission, such as for marketing emails or precise location access.
• Legitimate Interests: Improving our Platform, preventing fraud, and securing our systems.
• Legal Obligation: Tax records, anti-money laundering checks, and regulatory reporting.

5. How We Share Your Information

We do not sell your personal information. We share data only as described below:

• With Vendors: When you place an order, the vendor receives your name, delivery address, contact number, and order details to fulfil the order.
• With Drivers: Pickup and delivery addresses, contact details, and order information needed to complete the delivery.
• With Buyers: Vendor and driver names, ratings, and basic contact information to facilitate the transaction.
• With Service Providers: Payment processors, hosting providers, SMS/email gateways, and analytics tools — bound by confidentiality and data protection obligations.
• For Legal Reasons: Where required by law, in response to lawful requests from public authorities, or to protect rights, property, or safety.
• In Business Transfers: If Sellorra is involved in a merger, acquisition, or sale of assets, your data may transfer subject to this policy.

6. International Data Transfers

Some of our service providers may be located outside Nigeria. Where we transfer personal data internationally, we ensure adequate safeguards are in place, including standard contractual clauses or transfers to jurisdictions with adequate data protection frameworks, in line with the NDPA.

7. Data Retention

We retain your personal information only as long as necessary for the purposes for which it was collected, and as required to comply with legal obligations. Specifically:

• Account data: For the lifetime of your account, plus up to 24 months after closure.
• Transaction records: For at least 7 years to comply with Nigerian tax and accounting laws.
• Marketing communications: Until you opt out, then deleted within 90 days.
• Support communications: For up to 3 years after the last interaction.

8. Your Rights

Under the NDPA, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Correct inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data, subject to legal exceptions.
• Right to Restrict Processing: Limit how we use your data in certain circumstances.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.
• Right to Lodge a Complaint: File a complaint with the Nigeria Data Protection Commission (NDPC).

To exercise any of these rights, email support@sellorra.com. We will respond within 30 days.

9. Security

We implement industry-standard security measures including TLS encryption for data in transit, encrypted storage, access controls, and regular security audits. However, no system is completely secure. You are responsible for keeping your account password confidential.

10. Children's Privacy

Sellorra is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately so we can delete it.

11. Cookies

We use essential cookies for authentication and security, and analytics cookies to understand how the Platform is used. You can control cookies through your browser settings. Disabling essential cookies may prevent the Platform from functioning.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 14 days before they take effect. Continued use of the Platform after changes constitutes acceptance.

13. Contact Us

For questions, requests, or complaints regarding this Privacy Policy:

• Email: support@sellorra.com
• Phone/WhatsApp: +234 (0) 808 994 9319
• Address: SW8/1515, Anfani Road, Ring-Road, Ibadan, Oyo State, Nigeria

You may also lodge a complaint with the Nigeria Data Protection Commission (NDPC) if you are dissatisfied with our response.