Privacy Policy

Navioo Ltd (“Navioo Ltd”, “we”, “us”, or “our”) operates the Navio ride-hailing platform in Nigeria. We respect your privacy and are committed to protecting personal data in line with applicable Nigerian law, including the Nigeria Data Protection Act 2023 (“NDPA”) and regulations issued by the Nigeria Data Protection Commission (“NDPC”).

This Privacy Policy explains what information we collect when you use our websites, mobile applications, or related services (together, the “Services”), how we use it, who we share it with, and the choices available to you.

This policy applies to riders, prospective riders, drivers and delivery partners (where applicable), fleet operators, corporate account administrators, and visitors to our websites. Separate terms may govern driver or partner relationships; where there is a conflict, the more specific notice or contract applies to that relationship.

Account and identity data

Name, phone number, email address, photograph where provided, government identification details where required for regulatory onboarding (such as driver licensing or Know Your Customer checks), corporate billing contacts for Navio Business accounts, and authentication credentials.

Trip and logistics data

Pick-up and drop-off addresses or zones, route history, timestamps, fare calculations, cancellations, ratings and feedback, vehicle category selected, promotional codes applied, and support ticket contents.

Payment data

Payment method type (for example card or wallet), transaction references, billing amounts in Nigerian Naira, chargeback or refund records. Card processing is typically performed by regulated payment partners; we do not store full payment card numbers on our servers where tokenization is used.

Device and technical data

Device type, operating system, app version, IP address, approximate location derived from GPS or network signals (with permissions you grant), diagnostic logs, and cookies or similar technologies on our websites.

Communications

Messages you send through in-app chat, SMS or email correspondence with support, recorded calls where legally permitted and disclosed to you, and survey responses.

Safety-related data

Reports of incidents, emergency sensor events where enabled, audio or trip recordings where expressly authorised under applicable law and our product notices, and fraud-prevention signals.

• To create and administer accounts and authenticate users.
• To match riders with drivers, calculate fares, optimise ETA estimates, and improve routing.
• To process payments, invoices, commissions, incentives, and partner payouts.
• To verify eligibility, comply with transport regulations, tax obligations, and lawful requests.
• To detect, investigate, and prevent fraud, abuse, and security incidents.
• To provide customer support and resolve disputes.
• To send service notices, updates to legal terms, and (where permitted) marketing communications.
• To conduct analytics and product improvement using aggregated or de-identified data where appropriate.
• To exercise legal rights or defend claims.

Depending on the processing activity, we rely on one or more of the following: performance of a contract with you; compliance with legal obligations; consent where required (for example optional marketing); and legitimate interests that are not overridden by your rights (such as platform integrity and analytics with appropriate safeguards).

We share personal data only where necessary and subject to contractual safeguards. Categories of recipients may include:

• Drivers and riders: limited trip details needed to complete a booking safely.
• Service providers: hosting, analytics, communications, payments, identity verification, insurance partners where relevant.
• Corporate clients: trip reporting authorised under your employer’s Navio Business agreement.
• Authorities: regulators, law enforcement, or courts where required by Nigerian law or legitimate legal process.
• Professional advisers: auditors, lawyers, or insurers under confidentiality obligations.
• Business transfers: a successor entity in a merger or acquisition, subject to this Policy or equivalent protections.

Where personal data is transferred outside Nigeria, we implement safeguards permitted under the NDPA, such as adequacy assessments, standard contractual clauses, or your explicit consent where appropriate.

We retain data only as long as necessary for the purposes described, including statutory retention periods for financial and regulatory records under Nigerian law. Trip and payment records may be kept for several years where tax or transport regulations require. Marketing consent logs are retained to demonstrate compliance. When retention expires, we delete or irreversibly anonymise data except where archival retention is mandated.

We implement administrative, technical, and organisational measures appropriate to the sensitivity of the data (including encryption in transit where applicable, access controls, monitoring, and staff training). No method of transmission over the Internet is completely secure; please protect your credentials and notify us promptly of suspected unauthorised access.

Subject to applicable exceptions, you may have the right to request access to your personal data, correction of inaccuracies, deletion where lawful, restriction of processing, data portability where technically feasible, objection to certain processing, and withdrawal of consent without affecting prior lawful processing.

To exercise these rights, contact us at privacy@naviorides.com. We may request information to verify your identity before fulfilling requests.

If you believe we have violated Nigerian data protection law, you may lodge a complaint with the NDPC in addition to contacting us directly so we can seek to resolve the matter.

Our websites and apps may use cookies, pixels, local storage, and SDKs to remember preferences, maintain sessions, measure performance, and prevent fraud. You can manage cookie preferences through your browser; disabling essential cookies may affect functionality.

The Services are not directed at persons under eighteen (18). We do not knowingly collect personal data from children without parental consent where required. If you become aware that a minor has provided data to us, please contact us and we will take appropriate steps.

Certain fraud-prevention or pricing adjustments may involve automated processing. Where a decision produces legal or similarly significant effects solely by automated means, we will provide meaningful information and human review avenues as required by law.

We may update this Privacy Policy from time to time. Material changes will be communicated through the app, email, or our website with a revised “Last updated” date. Continued use after notice constitutes acceptance where permitted by law.

Data controller: Navioo Ltd (operator of Navio) in Nigeria.

Privacy inquiries: privacy@naviorides.com

General support: support@naviorides.com