Privacy
Policy
Your privacy matters to us. This policy explains how Tanta Innovative Limited collects, uses, and protects your personal information.
Last updated: April 1, 2025
1. Introduction
Tanta Innovative Limited ("Tanta," "we," "our," or "us") is a technology consulting firm registered in Nigeria and a subsidiary of Jyv Tech LLC (United States). We are committed to protecting the privacy and personal data of our clients, website visitors, and any other individuals whose information we process.
This Privacy Policy describes our practices regarding the collection, use, storage, and disclosure of personal data in accordance with the Nigeria Data Protection Regulation (NDPR) 2019 issued by the National Information Technology Development Agency (NITDA), and other applicable data protection laws.
By visiting our website at tantainnovatives.com or engaging our services, you acknowledge that you have read and understood this policy.
2. Information We Collect
We collect personal data only to the extent necessary to deliver our services and improve your experience. The categories of information we may collect include:
Information You Provide Directly
- •Full name, email address, phone number, and company name when you contact us, request a quote, or engage our services
- •Business requirements, project briefs, and correspondence shared with our team
- •Billing and payment details (processed securely through third-party payment processors)
- •Account credentials if you access any client portal or platform we operate
Information Collected Automatically
- •IP address, browser type, device identifiers, and operating system
- •Pages visited, referral URLs, time spent on pages, and click patterns
- •Cookies and similar tracking technologies (see our Cookie Policy for details)
Information from Third Parties
- •Publicly available business information when evaluating prospective clients
- •Referral information from partners or third-party directories
3. How We Use Your Information
We process personal data on lawful grounds as required by the NDPR. We use the information we collect to:
- 1Respond to enquiries, provide quotes, and deliver the services you have requested
- 2Manage our contractual relationship with you, including invoicing and project management
- 3Communicate important updates, service changes, and security notifications
- 4Improve our website, offerings, and user experience through analytics
- 5Send marketing communications where you have consented or where we have a legitimate interest
- 6Comply with legal obligations under Nigerian law and applicable regulations
- 7Detect, investigate, and prevent fraudulent or unauthorised activity
- 8Conduct internal research, business analysis, and reporting
4. Data Storage & Security
We store personal data on secure servers maintained by reputable cloud infrastructure providers. Where data is transferred outside Nigeria — including to our parent company Jyv Tech LLC in the United States — we ensure that appropriate safeguards are in place in line with NDPR requirements.
We implement technical and organisational measures to protect your data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:
- •TLS/SSL encryption for all data in transit
- •Encryption of sensitive data at rest
- •Role-based access controls limiting data access to authorised personnel
- •Regular security assessments and staff data protection training
- •Incident response procedures aligned with NDPR breach notification requirements
Despite these measures, no method of transmission over the internet is completely secure. We cannot guarantee absolute security, but we are committed to using industry-standard safeguards.
5. Disclosure to Third Parties
We do not sell, rent, or trade your personal data. We may share your information only in the following circumstances:
Service Providers & Sub-processors
Trusted third parties who assist us in operating our business — such as cloud hosting providers, payment processors, CRM platforms, and email delivery services. All such parties are bound by data processing agreements and are required to handle data in compliance with the NDPR.
Group Companies
Jyv Tech LLC (our parent company) and other group entities, strictly for internal business purposes and only with appropriate safeguards in place.
Legal & Regulatory Obligations
Where required by Nigerian law, a court order, or a regulatory authority such as NITDA, we may disclose personal data to comply with such obligations.
Business Transfers
In the event of a merger, acquisition, or sale of all or part of our business, personal data may be transferred to the relevant third party, subject to equivalent privacy protections.
7. Data Retention
We retain personal data only for as long as is necessary to fulfil the purpose for which it was collected or as required by applicable law.
- •Client project and contract data: retained for a minimum of 6 years from the end of the engagement, in line with Nigerian commercial law requirements
- •Marketing contact data: retained until you withdraw consent or opt out
- •Website analytics data: retained for up to 26 months
- •Support enquiries and correspondence: retained for up to 3 years
When data is no longer needed, we securely delete or anonymise it.
8. Your Data Rights (NDPR)
Under the Nigeria Data Protection Regulation, you have the following rights with respect to your personal data:
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your data where there is no legitimate reason to retain it.
Right to Restrict Processing
Request that we limit how we use your data in certain circumstances.
Right to Data Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests, including direct marketing.
Right to Withdraw Consent
Withdraw consent at any time where processing is consent-based.
Right to Lodge a Complaint
File a complaint with NITDA or another relevant supervisory authority.
To exercise any of these rights, please contact our Data Protection Officer at hello@tantainnovatives.com. We will respond to your request within 30 days.
9. Children's Privacy
Our services are intended for businesses and individuals aged 18 and above. We do not knowingly collect personal data from children under the age of 18. If you believe we have inadvertently collected such data, please contact us immediately and we will take steps to delete it.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The revised policy will be published on this page with an updated "Last updated" date.
We encourage you to review this policy periodically. For material changes, we will provide a more prominent notice (such as an email notification to clients).
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:
