← Back to Home

Privacy Policy

Last Updated: February 21, 2026

Effective Date: February 21, 2026

1. Introduction

Boyasa Digital Limited ("Boyasa," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, share, and protect your personal information when you use the Boyasa platform.

We operate as the data controller for personal data processed through our Platform.

2. Information We Collect

Personal Information

  • Name, email address, phone number
  • Profile photo and date of birth
  • Government-issued ID (for drivers/riders)
  • Payment information (processed securely by our payment partners)
  • Physical address

Location Data

  • Real-time GPS location during active trips (customers and drivers)
  • Pickup and dropoff locations
  • Route tracking data

Usage Data

  • App usage patterns and feature interactions
  • Device information (model, operating system, IP address)
  • Log data and crash reports

Transaction Data

  • Order history and payment records
  • Driver and business earnings
  • Wallet transactions

3. How We Use Your Information

  • Service Delivery: Match customers with drivers, process bookings and payments, provide customer support.
  • Safety and Security: Verify user identity, conduct background checks, detect fraud.
  • Personalization: Customize your experience and recommend services.
  • Analytics: Analyze usage patterns to improve our platform.
  • Marketing: Send promotional offers and updates (with your consent).
  • Legal Compliance: Comply with applicable laws and respond to legal requests.

4. How We Share Your Information

We share your information only as described below:

  • With Other Users: Customer name and photo with assigned driver, driver details with customer, trip locations.
  • With Service Providers: Payment processors (Paystack, Flutterwave), cloud hosting providers, analytics services.
  • For Legal Reasons: Law enforcement requests, court orders, legal disputes, safety incidents.
  • With Your Consent: Any other sharing requires your explicit consent.

We do not sell your personal data to third parties for marketing purposes.

5. Data Retention

  • Active account data: Retained while your account is active.
  • Inactive accounts: Deleted after 3 years of inactivity.
  • Transaction records: Retained for 7 years (legal/tax requirements).
  • Chat messages: Retained for 1 year.
  • Location data: Deleted 30 days after trip completion.

You may request deletion of your account and personal data at any time (subject to legal retention requirements).

6. Your Rights

Under GDPR, NDPR, and applicable local laws, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion ("right to be forgotten")
  • Data portability
  • Object to processing
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise these rights, email us at [email protected] or use the in-app privacy settings. We will respond within 30 days.

7. Data Security

We protect your data using industry-standard security measures including SSL/TLS encryption in transit, encryption at rest, access controls, regular security audits, and employee security training.

In the event of a data breach affecting your rights and freedoms, we will notify you within 72 hours as required by applicable law.

8. Children's Privacy

Our Platform is not intended for users under 18 years of age. We do not knowingly collect personal data from minors. If we discover we have collected data from a minor, we will delete it promptly.

9. International Data Transfers

Your data may be processed in countries where our service providers operate. We ensure adequate protection through standard contractual clauses and compliance with applicable local laws.

10. Cookies and Tracking

We use essential cookies (required for platform operation), analytics cookies (to understand usage), and marketing cookies (with your consent). You can control cookie preferences through your browser settings or our cookie consent manager.

11. Third-Party Links

Our Platform may contain links to third-party websites. We are not responsible for the privacy practices of those websites. Please review their privacy policies independently.

12. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification. Continued use of the Platform after changes take effect constitutes acceptance.

13. Country-Specific Information

Nigeria: We comply with the Nigerian Data Protection Regulation (NDPR) administered by NITDA. Our data processing activities are registered with the relevant authorities.

Ghana: We comply with the Ghana Data Protection Act (Act 843) and are registered with the Data Protection Commission.

Kenya: We comply with the Kenya Data Protection Act 2019 and are registered with the Office of the Data Protection Commissioner.

14. Contact Us

For privacy-related inquiries, contact our Data Protection Officer: