Privacy Policy

Last updated: May 21, 2026

Effective Date: May 21, 2026

Version 2.2 (Full Compliance)

Download a copy of the Privacy Policy for your records.

Download PDF

1. Introduction & Scope

At Navia Ride Tech Limited ("Navia Ride", "we", "us", or "our"), we value your trust and are dedicated to protecting your privacy. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information when you use our mobile application, website, and related services (collectively, the "Platform").

This Policy applies to all users of our services, including passengers, drivers, and visitors. By using the Platform, you agree to the collection and use of information in accordance with this Policy. We have designed this document to be transparent and compliant with the **Nigeria Data Protection Act (NDPA) 2023** and other applicable data protection regulations. We ensure that our data processing activities are conducted with the highest regard for the rights and freedoms of the Data Subjects.

Under the NDPA 2023, Navia Ride acts as the **Data Controller** for the personal information processed through our platform. This means we determine the purposes and means of processing your data, ensuring that every byte of information we handle is treated with professional care and in accordance with legal requirements.

2. Definitions

Personal Data: Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

Data Subject: Any living individual who is the subject of personal data and who is using our Platform.

Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data Controller: The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

3. Detailed Information Collection

We collect several types of information from and about users of our Platform, including:

A. Personal Identification Information

During account creation and verification, we collect a variety of identifying data to ensure a secure environment:

  • Registration Data: Full name, date of birth, gender, nationality, and profile photograph. This information is used to build your profile and verify your identity.
  • Contact Data: Email address, physical address, and verified mobile phone number. These are essential for account management, service updates, and communication between users.
  • Government Identifiers: National Identification Number (NIN), Bank Verification Number (BVN), and Driver's License numbers (for Drivers). We process these sensitive identifiers specifically for identity verification, fraud prevention, and compliance with Nigerian law.
  • Emergency Contacts: Name and contact details of individuals you designate. This data is only accessed in critical situations involving your safety.

B. Vehicle & Professional Data (Drivers Only)

To maintain platform safety and quality, we collect extensive data regarding our driver partners:

  • Vehicle Details: Make, model, year, color, license plate number, and high-resolution images of the vehicle. This helps passengers identify their ride.
  • Compliance Docs: Digital copies of vehicle insurance policies, roadworthiness certificates, and any required commercial permits from state authorities.
  • Driving History: Information regarding professional driving experience and any relevant background checks performed by third-party verification partners.

C. Automated & Technical Data

When you access our Platform, we automatically collect metadata and technical logs:

  • Precise Geolocation: We collect real-time GPS coordinates to facilitate ride matching, provide navigation, and ensure safety monitoring. This may include background location data if permitted by your device settings.
  • Log Data: Detailed server logs including IP addresses, browser types, referral URLs, pages visited, and timestamps of every interaction.
  • Device Info: Unique device identifiers (IMEI/UUID), mobile network provider, hardware model, and operating system version.
  • Usage Patterns: We use internal tools and third-party services to analyze how you navigate the app, which features you use most, and any technical errors or crashes you encounter.

D. Transactional & Financial Data

We facilitate payments through secure third-party processors like **Paystack**:

  • Payment Metadata: While Navia Ride does not store full credit card numbers, we store transaction IDs, amount charged, currency, and payment method types for reconciliation and dispute resolution.
  • Ride History: Comprehensive records of every trip, including pickup/drop-off addresses, distance traveled, duration, and a complete breakdown of the fare components (service fees, taxes, and cost-sharing amounts).

4. Comprehensive Purposes of Processing

We process your data for the following extensive purposes:

Operational Excellence

To provide the core carpooling experience, including route optimization, fare calculation, and seamless communication between drivers and passengers. We use data to ensure that your experience is as efficient as possible.

Safety & Integrity

To maintain a safe community. This involves identity verification, vehicle inspections, and monitoring for suspicious account activity. We use location data to provide real-time trip sharing with emergency contacts.

Regulatory Compliance

To comply with the strict requirements of Nigerian authorities. This includes maintaining financial records for **FIRS** tax audits and conducting KYC checks to prevent financial crimes monitored by the **EFCC**.

Platform Enhancement

To perform data analysis and research. We aggregate user feedback and technical logs to fix bugs, design new features, and personalize your experience based on past behavior.

5. Cookies & Advanced Tracking

Navia Ride uses cookies and similar tracking technologies to enhance your digital experience and collect usage metrics. Cookies are small data files stored on your device that help us remember your preferences and understand how you interact with our web-based interfaces.

Essential & Functional Cookies

These are strictly necessary for the operation of our website and app. They enable basic functions like page navigation, secure area access, and session management. The Platform cannot function properly without these cookies.

Analytics & Performance Cookies

We use services such as **Vercel Analytics** and **Google Analytics** to collect information about how visitors use our site. This helps us improve the way our Platform works, for example, by ensuring that users find what they are looking for easily.

Marketing & Targeting Cookies

These cookies may be used to deliver advertisements that are more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of advertising campaigns.

You have the right to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Note that disabling cookies may limit your ability to use certain features of the Navia Ride Platform.

6. Data Sharing & Third-Party Disclosures

We maintain a strict policy against selling your personal data. However, sharing is necessary for service delivery and legal compliance:

  • User Interoperability: When you request or accept a ride, we share your first name, rating, and location with the other party to facilitate the meeting and trip.
  • Trusted Service Providers: We work with carefully selected partners for cloud hosting (AWS/Google Cloud), identity verification (YouVerify), and payment processing (Paystack). Each partner is bound by confidentiality agreements.
  • Law Enforcement & Public Safety: We will disclose your data to relevant Nigerian authorities (including the Police, EFCC, and State Security Services) only when presented with a valid legal warrant or in extreme cases of public safety.
  • Regulatory Bodies: We share transactional records with the Federal Inland Revenue Service (**FIRS**) to ensure proper tax reporting and transparency.
  • Corporate Restructuring: If Navia Ride is involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different Privacy Policy.

7. Data Retention & Archiving

We retain personal data only for as long as it is necessary for the purposes set out in this Privacy Policy. We maintain a detailed data retention schedule to ensure that we do not keep data longer than required by law or business necessity.

Account Lifecycle

Data is retained for the entire duration of your active account. Upon closure, we archive it for a period of 2 years to resolve any pending disputes.

Financial Compliance

Under Nigerian tax laws, all transactional data and associated invoices are retained for exactly **7 years** for FIRS audits.

Safety Records

Identity verification logs and driver background checks are kept for 5 years after account termination to assist law enforcement if needed.

Technical Logs

Server logs and technical diagnostic data are typically anonymized or purged within 180 days of collection.

8. Data Security & Technical Protection

Navia Ride employs industry-standard technical and organizational measures to protect your personal data against unauthorized access, loss, or alteration. Our security framework includes:

  • Encryption: All data in transit is protected using Transport Layer Security (TLS/SSL). Sensitive data at rest (like NIN or BVN) is encrypted using AES-256 standards.
  • Access Control: We implement strict Role-Based Access Control (RBAC). Only authorized employees with a legitimate business "need to know" can access user information.
  • Security Audits: We conduct periodic internal and external security audits and vulnerability scans to identify and remediate potential threats.
  • Anonymization: Where possible, we use data masking and anonymization techniques for our analytics and platform improvement research.

While we strive for perfect security, no system is infallible. We have established an Incident Response Plan to handle any suspected data breach and will notify you and the relevant regulatory authorities as required by the NDPA 2023.

9. Your Rights as a Data Subject

As a Data Subject under the Nigeria Data Protection Act, you possess powerful rights that we fully respect and facilitate:

01

Right to Access & Portability

You can request a digital copy of all personal data we hold about you. You can also request that we transfer this data directly to another service provider in a machine-readable format.

02

Right to Rectification

If your data is inaccurate, outdated, or incomplete, you can update it via your profile settings or by contacting our support team for a manual correction.

03

Right to Erasure (Deletion)

You can request the permanent deletion of your account and associated data. Note that we may be legally required to retain certain information (like tax records) even after a deletion request.

04

Right to Object & Restrict

You have the right to object to our processing of your data for direct marketing or restrict processing while we investigate a dispute regarding the accuracy of your information.

To exercise any of these rights, please send an email to **privacy@naviaride.space** with the subject line "Data Rights Request". We may need to verify your identity before processing your request.

10. International Data Transfers

Navia Ride uses cloud infrastructure that may be located outside the Federal Republic of Nigeria (e.g., in the US or EU). When we transfer your data across borders, we ensure that the destination country provides an adequate level of data protection or that we have implemented appropriate safeguards, such as Standard Contractual Clauses (SCCs), to protect your privacy rights.

11. Children's Privacy Protection

Our Platform is strictly intended for individuals aged **18 years and older**. We do not knowingly collect personal data from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we discover that we have collected personal data from a minor without verification of parental consent, we will take immediate steps to remove that information from our servers.

12. Changes to this Policy

We may update our Privacy Policy periodically to reflect changes in our practices or the regulatory landscape. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top. We encourage you to review this Policy frequently to stay informed about how we are protecting your information.

13. Legal Contact & Complaints

If you have concerns about our data practices or wish to lodge a formal complaint, please contact our Legal Department. You also have the right to lodge a complaint with the **Nigeria Data Protection Commission (NDPC)** if you believe your rights have been violated.

Office Address

Navia Ride Tech Limited
Kuje, Abuja, Nigeria

Support Phone

+234 904 324 9861