Megatrust Tecnologies

Privacy Policy

Last updated: 9 May 2026

Effective: 09 May 2026

Megatrust Technologies Limited (“Megatrust”, “we”, “us”, “our”) is committed to protecting the privacy of every person who visits our website, contacts our team, or engages our software, design, marketing, security, AI, cloud, e-commerce, SEO, mobile, or content services.

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we keep it, and the rights you have under applicable data protection laws — including the Nigeria Data Protection Act (NDPA) 2023, the EU General Data Protection Regulation (GDPR), and the UK Data Protection Act 2018.

1. Who we are

Megatrust Technologies Limited is a software, design, branding, marketing, security, data, AI automation, cloud / DevOps, e-commerce, SEO, mobile, and content agency, with operations in Lagos, Nigeria · London, United Kingdom. For privacy enquiries, contact our Data Protection lead at [email protected].

2. Information we collect

  • Identity & contact data — name, email, phone, company, role — when you submit a contact form, request a quote, or sign up for an account.
  • Billing & invoicing data — billing address, tax ID, currency, payment references — for engaged clients only.
  • Authentication data — hashed credentials, session tokens, passkeys (WebAuthn).
  • Project data — content you upload, share, or generate while using our platform or working with us.
  • Technical data — IP address, browser, device, referrer, page-view events, performance and error telemetry.
  • Communication data — emails, chat transcripts, recorded meetings (only with consent), and support tickets.
  • Marketing data — newsletter subscriptions, campaign opens/clicks (only when you have given consent or have a legitimate-interest relationship with us).

3. Lawful bases for processing

We rely on one of the following lawful bases for each processing activity:

  • Contract — to deliver the services you have engaged us for.
  • Consent — for newsletters, optional analytics, or anything where you have explicitly opted in.
  • Legitimate interests — to operate, secure, and improve our services, prevent fraud, and respond to enquiries.
  • Legal obligation — to comply with tax, accounting, anti-money-laundering, and reporting laws.

4. How we use your data

  • To deliver software, design, marketing, security, AI, cloud, e-commerce, SEO, mobile, and content services you engage us for.
  • To create accounts, raise invoices, accept payments via Paystack, Flutterwave, Stripe, PayPal, CryptoCloud, or direct bank transfer, and issue receipts.
  • To send transactional notifications (account, invoice, receipt, proposal, project, support) by email, SMS, or WhatsApp.
  • To send marketing campaigns where you have opted in, with one-click unsubscribe at the bottom of every email.
  • To respond to contact-form submissions, hire-us enquiries, and support requests.
  • To monitor service performance, debug issues, and improve UX.
  • To meet legal, tax, and regulatory obligations in the jurisdictions where we operate.

5. Sharing & third-party processors

We do not sell your personal data. We share it only with vetted processors who help us deliver our services, under contracts that bind them to confidentiality and security:

  • Cloud infrastructure — AWS (eu-west-1, eu-west-2), Cloudflare, Vercel.
  • Email delivery & tracking — Amazon SES + SNS, with bounce / complaint / open / click tracking.
  • Payments — Paystack, Flutterwave, Stripe, PayPal, CryptoCloud (only the data the gateway needs to settle the transaction).
  • SMS / WhatsApp — SmartSMSSolutions, BulkSMSNigeria, Termii, Africa's Talking, Twilio, or our integrated WhatsApp Business provider.
  • Analytics — first-party page-view analytics; we do not use Google Analytics or any cross-site tracker by default.
  • AI providers — only when you explicitly use our AI proposal / content generation features (DeepSeek, OpenAI, Google Gemini, or Anthropic).

6. International transfers

We may transfer your data outside Nigeria, the UK, or the EEA when our processors are based abroad. In every such case, we rely on standard contractual clauses, adequacy decisions, or equivalent safeguards.

7. Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, comply with our legal obligations, or resolve disputes. Typical retention windows:

  • Contact-form submissions — 24 months.
  • Customer accounts — for the lifetime of the account, plus 7 years after closure for tax records.
  • Marketing data — until you unsubscribe, then 90 days for suppression-list integrity.
  • Server logs — 90 days, anonymised after 30.

8. Your rights

Subject to applicable law, you have the right to:

  • access the personal data we hold about you;
  • correct inaccurate or incomplete data;
  • request deletion (the "right to be forgotten");
  • restrict or object to processing;
  • data portability;
  • withdraw consent at any time;
  • lodge a complaint with the Nigeria Data Protection Commission (NDPC), the UK ICO, or your local supervisory authority.

To exercise any of these rights, email [email protected]. We respond within 30 days.

9. Security

We protect your data with industry-standard controls: TLS 1.2+ in transit, AES-256 at rest, hashed-and-salted credentials (Argon2id), passkey / WebAuthn support, role-based access control, audit logging, MFA for all admin accounts, and least-privilege production access.

10. Children

Our services are intended for businesses and adults. We do not knowingly collect data from children under 16. If you believe we have, contact us and we will delete it.

11. Changes to this policy

We may update this policy as our services evolve or the law changes. The "Effective" date at the top reflects the most recent revision. Material changes will be announced on the website and (for active customers) by email.

12. Contact

Megatrust Technologies Limited
Lagos, Nigeria · London, United Kingdom
Email: [email protected]