FlexiCommerce
Legal

Privacy Policy

Last updated: February 20, 2026

1 Introduction

FlexiCommerce Nigeria ("FlexiCommerce", "we", "us"), operated by Ujjwal Technolabs, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website ng.flexicommerce.store or use our SaaS ecommerce platform.

This policy is compliant with the Nigeria Data Protection Regulation (NDPR) and enforced by the Nigeria Data Protection Commission (NDPC) of Nigeria.

By using our services, you consent to the data practices described in this policy.

2 Information We Collect

a) Information You Provide Directly

  • Account Information — Name, email address, phone number, business name when you sign up or make a purchase.
  • Payment Information — Payment details processed securely through Paystack. We do not store your card numbers or payment credentials on our servers.
  • Business Data — Products, categories, orders, customer details, and other business content you add through the admin dashboard.
  • Communication Data — Messages sent via WhatsApp, email, or contact forms.

b) Information Collected Automatically

  • Device Information — Browser type, operating system, device type, screen resolution.
  • Usage Data — Pages visited, time spent, click patterns, and navigation paths.
  • IP Address — For security, analytics, and approximate location identification.
  • Cookies — Session cookies, preference cookies, and analytics cookies (see Section 7).

c) Information from Third Parties

  • Paystack — Payment confirmation status and transaction IDs.
  • Local Couriers — Shipping status updates and tracking information.
  • Google Analytics — Anonymized website usage statistics.

3 How We Use Your Information

We use collected information to:

  • Provide and maintain our SaaS platform, including deploying your store, managing hosting, and delivering updates.
  • Process payments for plan purchases and monthly hosting fees via Paystack.
  • Communicate with you about your account, service updates, maintenance schedules, and support queries.
  • Improve our platform by analyzing usage patterns, identifying bugs, and enhancing features.
  • Ensure security by detecting fraud, unauthorized access, and platform abuse.
  • Legal compliance to meet obligations under the Nigeria Data Protection Regulation (NDPR), Nigerian Cybercrimes Act 2015, and applicable Indian law, including VAT and data protection compliance.
  • Send updates about new features, platform improvements, and relevant offers (you can opt out anytime).

4 Data Sharing & Disclosure

We do not sell your personal data to any third party. We may share information only in these cases:

  • Service Providers — Paystack (payments), local couriers (shipping), cloud hosting providers, and CDN services necessary to operate your store.
  • Legal Requirements — When required by applicable law, court order, or government authority in India or Nigeria, including the Nigeria Data Protection Commission (NDPC).
  • Business Transfers — In the event of a merger, acquisition, or asset sale, user data may be transferred with prior notice.
  • With Your Consent — When you explicitly authorize sharing for specific purposes.

We never share your business data (products, orders, customer lists) with competitors or for advertising purposes.

5 Data Security

We implement industry-standard security measures to protect your data:

  • SSL/TLS Encryption — All data transmitted between your browser and our servers is encrypted.
  • Managed Cloud Hosting — Servers with firewalls, intrusion detection, and regular security patches.
  • Daily Backups — Automated daily backups with secure off-site storage.
  • Cloudflare CDN & DDoS Protection — Protection against distributed denial-of-service attacks.
  • Access Control — Role-based access controls on admin dashboard and internal systems.
  • Payment Security — All payment processing handled by PCI-DSS compliant Paystack. We never store card details.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6 Data Retention

  • Active accounts — Data is retained for as long as your account is active and hosting is paid.
  • Inactive accounts — If hosting fees are unpaid, data is retained for 30 days after suspension. After 30 days, data is permanently deleted.
  • Transaction records — Payment records are retained for 7 years as required by applicable tax laws.
  • Analytics data — Aggregated, anonymized analytics data may be retained indefinitely for platform improvement.
  • Communication records — Support conversations and emails are retained for 2 years.

7 Cookies & Tracking

We use cookies and similar technologies for:

Cookie Type Purpose Duration
EssentialSession management, security, CSRF protectionSession
AnalyticsGoogle Analytics — page views, traffic sources2 years
PreferenceLanguage, theme, and UI preferences1 year
ChatChatwoot widget — support conversation stateSession

You can control cookies through your browser settings. Disabling essential cookies may affect platform functionality.

8 Your Rights

Under the Nigeria Data Protection Regulation (NDPR) and regulations enforced by the Nigeria Data Protection Commission (NDPC), you have the right to:

  • Access — Request a copy of the personal data we hold about you.
  • Correction — Request correction of inaccurate or incomplete data.
  • Data Export — Export your business data (products, orders, customers) from the admin dashboard.
  • Deletion — Request deletion of your personal data (subject to legal retention requirements).
  • Opt-out — Unsubscribe from marketing communications at any time.
  • Withdraw Consent — Withdraw consent for data processing where consent is the legal basis.
  • File a Complaint — You may file a complaint with the Nigeria Data Protection Commission (NDPC) if you believe your data privacy rights have been violated.

To exercise any of these rights, contact us via WhatsApp or email. We will respond within 30 days.

9 Third-Party Links & Services

Our platform may contain links to or integrate with third-party services (Paystack, local couriers, Google, etc.). We are not responsible for the privacy practices of these third parties. We encourage you to review their respective privacy policies.

10 Children's Privacy

FlexiCommerce is a business-to-business (B2B) SaaS platform intended for use by businesses and individuals aged 18 and above. We do not knowingly collect personal data from children under 18. If we discover such data has been collected, we will delete it immediately.

11 Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically. Continued use of the platform after changes constitutes acceptance.

12 Contact Us

For privacy-related questions or data requests:

WhatsApp
+91 95752 62930
Email
hello@flexicommerce.store

Data Controller: Ujjwal Technolabs, Indore, Madhya Pradesh, India