Privacy Policy

Effective date: March 28, 2026

Last updated: March 28, 2026

Table of Contents

  1. Who We Are (Data Controller)
  2. Scope of This Policy
  3. Data We Collect
  4. Lawful Basis for Processing
  5. How We Use Your Data
  6. Who We Share Data With (Sub-Processors)
  7. International Data Transfers
  8. Data Retention Schedule
  9. Your Rights
  10. Cookies and Tracking
  11. Security Measures
  12. Children's Privacy
  13. Data Breach Notification
  14. Data Processing Agreement
  15. Changes to This Policy
  16. Contact Us

MoniePilot ("MoniePilot", "we", "us", "our") takes your privacy seriously. This Privacy Policy describes how we collect, use, store, transfer, and protect your personal data when you use the MoniePilot platform ("Service"). It also describes the rights you have regarding your personal data and how to exercise them.

This policy applies to: (1) subscribers and Account owners of the MoniePilot platform; (2) Authorised Users invited to access an Account; (3) visitors to our marketing website at moniepilot.com; and (4) individuals whose personal data is processed within the Service by our customers (e.g., a business's customers or employees whose data is stored in MoniePilot).

By using the Service, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are (Data Controller)

For the purposes of applicable data protection law — including the Nigeria Data Protection Act 2023 ("NDPA"), the Nigeria Data Protection Regulation ("NDPR"), and, where applicable, the EU General Data Protection Regulation ("GDPR") and similar laws — the data controller in respect of your personal data is:

Company: MoniePilot

Address: Nigeria

Privacy contact: privacy@moniepilot.com

Where MoniePilot processes personal data on behalf of a business customer — for example, when that customer stores their own customers' or employees' data within the Service — MoniePilot acts as a data processor and the business customer is the data controller for that data. In such cases, our Data Processing Agreement (see Section 14) governs the processing.

2. Scope of This Policy

This policy applies to personal data collected and processed in connection with the Service. It does not apply to third-party websites or services that may be linked to from our Service. We are not responsible for the privacy practices of those third parties and encourage you to review their policies.

If you are a business using MoniePilot to manage your customers' or employees' data, you are responsible for ensuring that you have a lawful basis for sharing that data with us and for providing any required notices to the individuals concerned.

3. Data We Collect

We collect the following categories of personal data:

3.1 Account and Identity Data

Collected when you register or manage your Account.

  • Full name
  • Email address
  • Password (stored as a bcrypt hash — never in plain text)
  • Profile photo (if provided via Google OAuth)
  • Google account identifier (if you sign in with Google)
  • Account creation date and last login timestamp

3.2 Organisation Data

Collected when you set up or manage your Organisation.

  • Organisation / business name
  • Business logo (uploaded image)
  • Business address and contact details
  • Subscription plan and billing status
  • Organisation creation date
  • Module activation settings

3.3 Business Data (Customer-Controlled)

This is the data you input into the platform to run your business. You are the data controller for this data; we process it on your behalf. It may include:

  • Transaction records: Point-of-sale transactions, order details, amounts, payment methods, and timestamps.
  • Customer records: Names, phone numbers, email addresses, purchase history, and loyalty programme participation.
  • Inventory records: Product names, SKUs, stock levels, cost prices, and supplier details.
  • Employee records: Staff names, roles, contact information, payroll information, and attendance records.
  • Financial records: Invoices, expense records, accounting ledger entries, and budget data.
  • CRM records: Leads, contacts, deals, and pipeline data.
  • Online store data: Product listings, delivery/pickup orders, customer delivery addresses, and fulfilment details.

3.4 Billing and Payment Data

  • Stripe Customer ID
  • Subscription status and plan tier
  • Billing history and invoice records
  • Last four digits of payment card (as returned by Stripe — we never receive or store full card numbers, CVVs, or bank account details)

3.5 Technical and Usage Data

Collected automatically when you access the Service.

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and features used within the Service
  • Timestamps of access and actions
  • Error and crash reports (via Sentry) — includes stack traces and the URL at which an error occurred
  • Session duration and activity patterns (used for the inactivity auto-logout feature)

3.6 Communications Data

  • Content of support requests or emails you send to us
  • Feedback or survey responses you provide

3.7 Data We Do Not Collect

We do not collect: government-issued identification numbers (except where required by law), biometric data, health or medical data, racial or ethnic origin data, political opinions, religious beliefs, or sexual orientation. If you inadvertently include such special-category data in your Business Data, you remain responsible as the data controller for ensuring you have a lawful basis for its processing.

4. Lawful Basis for Processing

We rely on the following lawful bases for processing your personal data:

  • Contract performance: Processing of Account Data, Organisation Data, and Billing Data is necessary to enter into and perform our contract with you — i.e., to create your Account, provide the Service, and process payments.
  • Legitimate interests: Processing of Technical and Usage Data for security monitoring, fraud prevention, service improvement, and product analytics. Our legitimate interests are to operate a secure, reliable platform. These interests are not overridden by your data protection interests.
  • Legal obligation: We may process or retain data to comply with applicable law, including tax, accounting, and anti-money laundering requirements.
  • Consent: Where required by law (e.g., for certain cookies), we rely on your consent. You may withdraw consent at any time by contacting us.
  • Data processor (business data): For Business Data you submit on behalf of your customers and employees, we process the data on your instruction as a data processor. The lawful basis is determined by you as the data controller.

5. How We Use Your Data

  • Providing the Service: To create and manage your Account, authenticate your identity, enforce plan limits, display your Business Data, and enable collaboration with Authorised Users.
  • Payment processing: To charge you for your subscription through Stripe, manage upgrades/downgrades, and send billing receipts.
  • Transactional communications: To send account verification emails, password reset links, subscription receipts, trial expiry reminders, and important policy update notifications.
  • Security and fraud prevention: To detect, investigate, and prevent unauthorised access, abuse, fraud, and other security incidents. This includes monitoring for unusual login patterns and enforcing inactivity auto-logout.
  • Error monitoring and debugging: To identify and resolve technical errors and crashes that affect the Service. Error reports sent to Sentry include stack traces and URL context but are scrubbed of sensitive Business Data where possible.
  • Service improvement: To analyse aggregated, anonymised usage patterns to understand how features are used and to prioritise product improvements. We do not use individual-level Business Data for this purpose.
  • Legal compliance: To comply with applicable laws, regulations, and lawful requests from government authorities, including responding to court orders and subpoenas.
  • AI features: Where you use AI-powered features (AI Insights, Forecast), your Business Data is processed in-context within your Account solely to generate the requested output. Your Business Data is never used to train AI models or shared with third-party AI providers in a way that allows them to use it for their own training.

What we will never do:

  • Sell your personal data or Business Data to third parties.
  • Use your Business Data to train AI or machine learning models for our benefit or any third party's benefit.
  • Share your data with advertisers or data brokers.
  • Allow one customer's data to be visible to or accessible by any other customer.

6. Who We Share Data With (Sub-Processors)

We share your personal data only with the third-party service providers listed below ("Sub-Processors") who help us operate the Service. Each Sub-Processor is engaged under a data processing agreement and is required to process personal data only in accordance with our instructions and applicable data protection law.

| Sub-Processor | Purpose | Data Shared | Location | Privacy Policy |
|---|---|---|---|---|
| Stripe, Inc. | Payment processing and subscription management | Email, billing details, payment method info | USA (with EU adequacy) | stripe.com/privacy |
| Vercel, Inc. | Cloud hosting, CDN, and serverless function execution | All data transiting the platform | USA / Global edge | vercel.com/legal/privacy-policy |
| Neon, Inc. | Managed PostgreSQL database hosting | All Business Data, Account Data | USA (AWS us-east-1) | neon.tech/privacy |
| Resend, Inc. | Transactional email delivery | Email address, email content | USA | resend.com/legal/privacy-policy |
| Sentry (Functional Software, Inc.) | Error monitoring and crash reporting | IP address, browser info, stack traces, URL | USA | sentry.io/privacy |
| Google LLC | OAuth 2.0 single sign-on (optional) | Email address, name, Google profile ID | USA / Global | policies.google.com/privacy |

We do not share your personal data with any other third party except: (a) with your explicit consent; (b) to comply with a legal obligation or court order; or (c) to protect the rights, property, or safety of MoniePilot, its users, or the public.

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity, subject to the same protections described in this policy. We will notify you of any such change via email or in-app notice.

7. International Data Transfers

MoniePilot is based in Nigeria. Our Sub-Processors operate primarily in the United States and, in some cases, on globally distributed infrastructure. By using the Service, you acknowledge that your personal data may be transferred to and processed in countries outside of Nigeria, including the United States, which may not have data protection laws equivalent to those in your country.

Where we transfer personal data outside Nigeria or the European Economic Area ("EEA"), we implement appropriate safeguards to protect that data, including:

  • Entering into standard contractual clauses ("SCCs") approved by applicable data protection authorities with relevant Sub-Processors where required.
  • Using Sub-Processors that have certified under applicable data transfer frameworks (e.g., the EU-US Data Privacy Framework).
  • Ensuring contractual data processing protections are in place with all Sub-Processors.

For more information about the safeguards we have in place for international transfers, contact us at privacy@moniepilot.com.

8. Data Retention Schedule

We retain personal data for only as long as necessary for the purposes for which it was collected, or as required by applicable law. The following retention periods apply:

| Data Category | Retention Period | Reason |
|---|---|---|
| Account and Identity Data | Duration of account + 30 days after deletion | Necessary to provide the Service; 30-day grace period for account recovery |
| Business Data (transactions, customers, inventory, etc.) | Duration of account + 30 days after account deletion | Data belongs to the customer; retained briefly for recovery |
| Employee and HR records (in HRM module) | Duration of account + 30 days | Customer-controlled; same as Business Data policy |
| Billing records and payment history | Duration of account + 7 years | Legal and tax compliance obligations |
| Technical and usage logs (server logs, error reports) | Up to 12 months | Security monitoring, debugging, and service improvement |
| Email communication records (support tickets) | Up to 3 years | Customer service quality and dispute resolution |
| Aggregated / anonymised analytics data | Indefinitely | Non-personal; cannot be used to identify individuals |

When the retention period expires, we will securely delete or anonymise your personal data. In some cases, we may be required by law to retain data for longer than the periods specified above (e.g., financial records). We will inform you if this applies.

9. Your Rights

Depending on your location and applicable data protection law (including the NDPA, NDPR, GDPR, and similar legislation), you have the following rights regarding your personal data. To exercise any right, contact us at privacy@moniepilot.com. We will respond within thirty (30) days of a verifiable request. We may need to verify your identity before processing your request.

9.1 Right to Access

You have the right to request a copy of the personal data we hold about you, including information about how it is processed, where it is stored, and with whom it is shared. You may also access much of your Business Data directly through the in-app export features.

9.2 Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data we hold about you. You may update most Account Data directly within your Account Settings.

9.3 Right to Erasure ("Right to Be Forgotten")

You have the right to request deletion of your personal data when: (a) it is no longer necessary for the purposes for which it was collected; (b) you withdraw consent and there is no other lawful basis for processing; (c) you object to processing (see 9.5) and there are no overriding legitimate grounds; or (d) the data has been unlawfully processed. We may retain data where required by law or to defend legal claims.

9.4 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format (CSV) and to transfer it to another service. In-app CSV export features are available for all major data categories, including transactions, customers, inventory, and invoices.

9.5 Right to Object

You have the right to object to processing of your personal data where we rely on legitimate interests as our lawful basis. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, or where the processing is for the establishment, exercise, or defence of legal claims.

9.6 Right to Restrict Processing

You have the right to request that we restrict processing of your personal data in certain circumstances — for example, while you contest the accuracy of the data, or where you have objected to processing and we are considering your objection.

9.7 Right to Withdraw Consent

Where we rely on your consent as the lawful basis for processing, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

9.8 Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the relevant data protection supervisory authority. In Nigeria, the relevant authority is the Nigeria Data Protection Commission (NDPC) — ndpc.gov.ng. For EU residents, the relevant authority is your local Data Protection Authority.

9.9 California Residents (CCPA)

If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt out of the sale of personal information. We do not sell personal information as defined under CCPA. To submit a CCPA request, contact us at privacy@moniepilot.com.

10. Cookies and Tracking

We use a minimal and purposeful set of cookies to operate the Service. We do not use advertising cookies, tracking pixels, or third-party behavioural analytics cookies.

| Cookie Name | Type | Purpose | Duration |
|---|---|---|---|
| next-auth.session-token / __Secure-next-auth.session-token | Strictly Necessary | Authenticates your logged-in session. Set by NextAuth.js. Without this cookie, you cannot use the Service. | Session (expires on browser close or after period of inactivity) |
| next-auth.csrf-token | Strictly Necessary | Cross-site request forgery (CSRF) protection token. Ensures form submissions originate from our Service. | Session |
| activeOrgId | Functional | Remembers which Organisation is currently active when you manage multiple organisations under one account. | 30 days |
| next-auth.callback-url | Functional | Stores the URL to redirect you to after successful login. | Session |

Strictly Necessary cookies are required for the Service to function and cannot be disabled. Functional cookies enhance usability but can be disabled by adjusting your browser settings, though this may affect the Service experience. Most browsers allow you to view, delete, or block cookies via the browser settings menu.

We do not use Google Analytics, Facebook Pixel, Hotjar, Mixpanel, or similar third-party tracking technologies on the authenticated dashboard. If we use any analytics on our marketing website, it will be privacy-preserving and will not identify individual users.

11. Security Measures

We implement technical and organisational measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These include:

  • Encryption in transit: All connections to and from the Service use TLS 1.2+ encryption. HTTPS is enforced on all endpoints.
  • Encryption at rest: Data stored in our PostgreSQL database is encrypted at rest by the database provider (Neon).
  • Password hashing: User passwords are hashed using bcrypt with a per-user salt and are never stored or transmitted in plain text.
  • Multi-tenant data isolation: Every database query is scoped to your Organisation ID. It is architecturally impossible for one Organisation's data to be returned in another Organisation's query.
  • Session security: Session tokens are HTTP-only, Secure, and SameSite-protected cookies. Sessions automatically expire after 10 minutes of inactivity.
  • CSRF protection: All state-changing requests are protected against cross-site request forgery via token validation.
  • Security headers: All responses include a strict Content Security Policy, X-Frame-Options: DENY, X-Content-Type-Options: nosniff, and other protective headers.
  • Access controls: Internal access to production systems is restricted to authorised personnel only, on a need-to-know basis.
  • Error monitoring: Real-time error monitoring via Sentry enables rapid detection and response to security anomalies.

No security measure is 100% effective. While we take data security seriously, we cannot guarantee the absolute security of your data. In the event of a security incident affecting your data, we will notify you as described in Section 13.

12. Children's Privacy

The Service is not directed to, and we do not knowingly collect personal data from, children under the age of thirteen (13), or under the applicable minimum age of digital consent in your jurisdiction (which may be higher, e.g., 16 in certain EU member states).

If you are a parent or guardian and believe that a child has provided us with personal data without your consent, please contact us at privacy@moniepilot.com and we will take steps to delete such data promptly.

13. Data Breach Notification

13.1 Detection and Assessment. We maintain procedures for detecting, assessing, and documenting personal data breaches. Upon detection of a potential breach, our incident response team will assess the scope, nature, and likely risk to affected individuals.

13.2 Regulatory Notification. Where a personal data breach is likely to result in a risk to the rights and freedoms of natural persons, we will notify the relevant supervisory authority (e.g., the Nigeria Data Protection Commission, or an EU supervisory authority where applicable) within 72 hours of becoming aware of the breach, where feasible.

13.3 User Notification. Where a breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay by email to the address associated with your Account. The notification will describe the nature of the breach, the categories and approximate number of individuals and records affected, the likely consequences, and the measures taken or proposed to address the breach.

13.4 Reporting Suspected Breaches. If you discover or suspect a security vulnerability in the Service, please report it responsibly to privacy@moniepilot.com with a description of the vulnerability. We will investigate all reports promptly.

14. Data Processing Agreement (DPA)

Where you use MoniePilot to process personal data of third parties (such as your customers, employees, or suppliers) and applicable data protection law requires a formal Data Processing Agreement ("DPA") between us, you may request a copy of our standard DPA by emailing us at dpa@moniepilot.com.

Our DPA sets out the subject matter, duration, nature, and purpose of the processing, the types of personal data and categories of data subjects, as well as our obligations and rights as a data processor. The DPA includes the required Sub-Processor clauses and, where applicable, EU Standard Contractual Clauses.

15. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will post the updated policy on this page with a revised "Last updated" date.

For material changes — meaning changes that significantly affect your rights or the way we process your personal data — we will notify you by email to the address associated with your Account and/or by displaying a prominent notice within the Service, at least fourteen (14) days before the changes take effect.

Your continued use of the Service after the effective date of any updated Privacy Policy constitutes your acceptance of the changes. If you do not agree to the updated policy, you must stop using the Service and may request deletion of your data in accordance with Section 9.3.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Controller: MoniePilot

Address: Nigeria

Privacy inquiries: privacy@moniepilot.com

DPA requests: dpa@moniepilot.com

General support: support@moniepilot.com

Response time: We aim to acknowledge all privacy requests within 5 business days and resolve them within 30 days.

For complaints regarding our handling of your personal data, you also have the right to contact the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng, or, for EU/EEA residents, your local Data Protection Authority.