IAPPA

Privacy Policy

Effective Date: 2025

We respect your privacy and want you to understand how it collects, uses, and shares data about you. This Privacy Policy covers our data collection practices and describes your rights to access, correct, or restrict our use of your data. Unless linked to a different policy or otherwise, this Privacy Policy applies when you visit or use the IAPPA platform including the platform, APIs or related services (the “Services”).

By using the Services, you agree to the terms of this Privacy Policy. You may opt out of sthe Services if you don’t agree with this Privacy Policy or any other agreement that governs your use of the Services.

1. What Data is Collected

We collect certain data from you directly, like the information you enter personally, and data from third-party platforms. Some data is automatically collected when you log into our services, e.g. information about your device and what parts of our Services you interact with or spend time using.

1.1 Data You Provide to Us

Our systems collect various data types about you including company information. Below are some examples to help you better understand the data we collect.

When you create an account and use the Services, including through a third-party platform, we collect any data you provide directly, including

  1. Account Data: To use certain features, you are to register through the membership Portal, we collect and store the data you provide, like your TIN, email address, password, and date of registration etc.
  2. Family Data: Information relating to your marital status, spouse and dependents including your mother’s maiden name is obtained from you when you use our service.
  3. Unique Identifiable Data: You will need to provide personally identifiable data such as Tax Identification Number or proprietary global unique identifiers.
  4. Employment Data: You may need to provide information on your employment status, employer details, business contact information, business registration details, and proof of business activities.
  5. Legal Data: You may need to provide your legal history including criminal history (if any) and the court awards acquitting you of any outstanding charges.
  6. Profile Data: You may also need to provide profile information like a photo, social media profiles, or other data. Your Profile Data will be publicly viewable by others.
  7. Data About Your Accounts on Other Services: We may obtain certain information through your social media or other online accounts if they are connected to your account. If you log in to your account via another third-party platform or service, we ask for your permission to access certain information about that other account. For example, depending on the platform or service we may collect your name, profile picture, account ID number, login email address, location, physical location of your access devices, gender and birthday. Other platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service are configured to give to us.
    If you access or use our Services through a third-party platform or service, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.
  8. Communications and Support: If you contact our platform for support or to report a problem or concern (regardless of whether you have created an account), We will collect and store your contact information, messages, and other data about you like your name, email address, location, operating system, IP address, and any other data you provide or that we collect through automated means ( highlighted below). We use this data to respond to you and research your question or concern, following this Privacy Policy.

When you access the Services we collect certain data by automated means, including

  1. System Data: Technical data about your computer or device, like your IP address, device type, operating system type and version, unique device identifiers, browser, browser language, domain and other systems data, and platform types (“System Data”).
  2. Usage Data: Usage statistics about your interactions with the Services, including features accessed, time spent on pages or the Service, pages visited, features used, your search queries, click data, date and time, and other data regarding your use of the Services (“Usage Data”).
  3. Approximate Geographic Data: An approximate geographic location, including information like country, city, and geographic coordinates, is calculated based on your IP address.

2. How We Collect Data About You

We use tools like cookies, beacons, analytics services, and advertising providers to gather the data listed above. Some of these tools offer you the ability to opt out of data collection

2.1 Cookies and Data Collection Tools

We use server log files and automated data collection tools like cookies, tags, scripts, customised links, device or browser fingerprints, and beacons (together, “Data Collection Tools”) when you access and use the Services. These data Collection tools automatically track and collect certain System Data and Usage Data (as detailed in Section 1) when you use the Services. In some cases, we tie data gathered through those Data Collection Tools to other data that we collect as described in this Privacy Policy.

We use cookies (small files that we send to your device to uniquely identify your browser or device or to store data in your browser) for things like analysing your use of the Services, personalising your experience, making it easier to log into the Services, and recognizing you when you return. We use beacons (small objects that allow us to measure the actions of visitors and users using the Services) for things like identifying whether a page was visited, identifying whether an email was opened, and advertising more efficiently by excluding current users from certain promotional messages.

We use the following types of cookies:

  • Preferences: cookies that remember data about your browser and preferred settings that affect the appearance and behaviour of the Services (like your preferred language).
  • Security: cookies are used to enable you to log in and access the Services; protect against fraudulent logins; and help detect and prevent abuse or unauthorised use of your account.
  • Functional: cookies that store functional settings
  • Session State: cookies that track your interactions with the Services to help us improve the Services and your browsing experience, remember your login details, and enable processing of your purchases. These are strictly necessary for the Services to work properly, so if you disable them then certain functionalities will break or be unavailable.

We can alert you about attempts to place cookies on your computer, limit the types of cookies you allow, or refuse cookies altogether. If you do, you may not be able to use some or all features of the Services, and your experience may be different or less functional.

2.2 Analytics

We use third-party browsers and mobile analytics services and these services use Data Collection Tools to help us analyse your use of the Services, including information like the third party you arrive from, how often you visit, usage and performance data. We use this data to improve the Services, better understand how the Services perform on different devices, and provide information that may be of interest to you.

2.3 Online Advertising

We use third-party advertising services like Google’s ad services, and other ad networks and ad servers to deliver advertising about our Services. The ads may be based on things we know about you, like your Usage Data and System Data (as detailed in Section 1), and things that these ad service providers know about you based on their tracking data. The ads can be based on your recent activity or activity over time and across other sites and services and may be tailored to your interests.

Depending on the types of advertising services we use, they may place cookies or other tracking technologies on your computer, phone, or other device to collect data about your use of our Services, and may access those tracking technologies to serve these tailored advertisements to you. To help deliver tailored advertising, we may provide these service providers with a hashed, anonymized version of your email address (in a non-human- readable form) and content that you share publicly on the Services.

When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.

3. What We Use Your Data For

We use your data to do things like provide our Services, communicate with you, troubleshoot issues, secure against fraud and abuse, improve and update our Services, analyse how people use our Services, serve personalised advertising, and as required by law or necessary for safety and integrity.

We use the data we collect through your use of the Services to:

  1. Provide and administer the Services, including displaying customised content and facilitating communication with other users;
  2. Process your requests and orders for products, specific services, information, or features;
  3. Communicate with you about your account by:
    1. Responding to your questions and concerns;
    2. Sending you administrative messages and information, including notifications about changes to our Service, and updates to our agreements;
    3. Sending you information and in-app messages about discounts, new services, new features, promotions, newsletters, and other available courses (which you can opt out of at any time);
    4. Sending push notifications to your wireless device to provide updates and other relevant messages (which you can manage from the “options” or “settings” page of the mobile app);
  4. Manage your account preferences;
  5. Facilitate the Services’ technical functioning, including troubleshooting and resolving issues, securing the Services, and preventing fraud and abuse;
  6. Solicit feedback from users;
  7. Learn more about you by linking your data with additional data through third-party data providers or analysing the data with the help of analytics service providers;
  8. Identify unique users across devices;
  9. Tailor advertisements across devices;
  10. Improve our Services and develop new products, services, and features;
  11. Analyse trends and traffic, track purchases, and track usage data;
  12. Advertise the Services on third-party sites and applications;
  13. As required or permitted by law; or
  14. We, in our sole discretion, otherwise determined to be necessary to ensure the safety or integrity of our users, employees, third parties, the public, or our Services.

4. Who We Share Your Data With

We share certain data about you with other users, companies performing services for us, our business partners, analytics and data enrichment providers, your social media providers, companies helping us run promotions, and advertising companies who help us promote our Services. We may also share your data as needed for security, legal compliance, or as part of a corporate restructuring. Lastly, we can share data in other ways if it is aggregated or de-identified or if we get your consent.

We may share your data with third parties under the following circumstances or as otherwise described in this Privacy Policy:

  1. With Other Users: Depending on your settings, your shared content and profile data may be publicly viewable, including to other users.
  2. With Service Providers, Contractors, and Agents: we share your data with third- party companies who perform services on our behalf, like payment processing, data analysis, marketing and advertising services (including retargeted advertising), email and hosting services, customer services and support. These service providers may access your data and are required to use it solely as directed to provide our requested service.
  3. With Business Partners: We have agreements with other sites and platforms to distribute our Services and drive traffic to our site.
  4. With Analytics and Data Enrichment Services: As part of our use of third-party analytics tools like Google Analytics and data enrichment services we share certain contact information, Account Data, System Data, Usage Data (as detailed in Section 1), or de-identified data as needed. De-identified data means data where we have removed things like your name and email address and replaced them with a token ID. This allows these providers to provide analytics services or match your data with publicly available database information (including contact and social information from other sources). We do this to communicate with you in a more effective and customised manner.
  5. Social Media Features: The social media features in the Services may allow the third-party social media provider to collect things like your IP address and which page of the Services you’re visiting, and to set a cookie to enable the feature. Your interactions with these features are governed by the third-party company’s privacy policy.
  6. For Advertising: If we decide to offer advertising in the future, we may use and share certain System Data and Usage Data with third-party advertisers and networks to show general demographic and preference information among our users. We may also allow advertisers to collect System Data through Data Collection Tools (as detailed in Section 2.1), and to use this data to offer you targeted ad delivery to personalise your user experience (through behavioural advertising) and undertake analytics. Advertisers may also share with us the data they collect about you. To learn more or opt out of participating in ad networks’ behavioural advertising, see Section 6.1 (Your Choices About the Use of Your Data) below. Note that if you opt- out, you’ll continue to be served generic ads.
  7. For Security and Legal Compliance: We may disclose your data to third parties if we (in our sole discretion) have a good faith belief that the disclosure is:
    1. Permitted or required by law;
    2. Requested as part of a judicial, governmental, or legal inquiry, order, or proceeding;
    3. Reasonably necessary as part of a valid subpoena, warrant, or other legally valid request;
    4. Reasonably necessary to enforce our Terms of Use, Privacy Policy, and other legal agreements;
    5. Required to detect, prevent, or address fraud, abuse, misuse, potential violations of law (or rule or regulation), or security or technical issues; or
    6. Reasonably necessary in our discretion to protect against imminent harm to the rights, property, or safety of our users, employees, members of the public, or our Services.
    7. We may also disclose data about you to our auditors and legal advisors to assess our disclosure obligations and rights under this Privacy Policy.
  8. After Aggregation/De-identification: We can disclose or use aggregate or de- identified data for any purpose.
  9. With Your Permission: with your consent, we may share data with third parties outside the scope of this Privacy Policy.

5. Security

We use appropriate security based on the type and sensitivity of data being stored. As with any internet-enabled system, there is always a risk of unauthorised access, so it’s important to protect your password and to contact us if you suspect any unauthorised access to your account.

We take appropriate security measures to protect against unauthorised access, alteration, disclosure, or destruction of the personal data that is collected and stored. These measures vary based on the type and sensitivity of the data. Unfortunately, no system can be 100% secured, so we cannot guarantee that communications, the Services, or any information provided to us in connection with the data we collect through the Services will be free from unauthorised access by third parties. Your password is an important part of our security system, and it is your responsibility to protect it. You should not share your password with any third party, and if you believe your password or account has been compromised, you should change it immediately and contact secretariat@invoiceappa.org with any concerns.

6. Your Rights

You have certain rights around the use of your data, including the ability to opt out of promotional emails, cookies, and collection of your data by certain analytics providers. You can update or terminate your account from within our Services and can also contact us for individual rights requests about your data. Parents who believe we have unintentionally collected personal data about their underage child should contact us for help in deleting that information.

6.1 Your Choices About the Use of Your Data

You can choose not to provide certain data to us, but you may not be able to use certain features of the Services.

  1. To stop receiving promotional communications from us, you can opt out by using the unsubscribe mechanism in the promotional communication you receive or by changing the email preferences in your account. Note that regardless of your email preference settings, we will send you transactional and relationship messages regarding the Services, including administrative confirmations, order confirmations, important updates about the Services, and notices about our policies.
  2. The browser or device you use may allow you to control cookies and other types of local data storage. Your wireless device may also allow you to control whether location or other data is collected and shared.
  3. To get information and control cookies used for tailored advertising from participating companies, see the consumer opt-out pages. To opt out of Google’s display advertising or customise Google Display Network ads, visit the Google Ads Settings page.
  4. To opt out of allowing Google Analytics or Clearbit to use your data for analytics or enrichment, see the Google Analytics Opt-out Browser Add-on and Clearbit data claiming mechanism.

If you have any questions about your data, our use of it, or your rights, contact us secretariat@invoiceappa.org.

6.2 Accessing, Updating, and Deleting Your Data

You can access and update the personal data that we collect and maintain as follows:

  1. To update the data you provide directly, log into your account and update your account at any time.
  2. To terminate your account, visit your profile settings page and delete your account at any time.
    1. If you have any issues terminating your accountemail us at secretariat@invoiceappa.org.
    2. Please note: even after your account is terminated, some or all of your data may still be visible to others, including without limitation any data that has been (a) copied, stored, or disseminated by other users; (b) shared or disseminated by you or others (including in your shared content); or (c) posted to a third-party platform. Even after your account is terminated, we retain your data for as long as we have a legitimate purpose to do so (and follow applicable law), including assisting with legal obligations, resolving disputes, and enforcing our agreements. We may retain and disclose such data according to this Privacy Policy after your account has been terminated.`
  3. To request access, correct, or delete your personal data,

Email:secretariat@invoiceappa.org

Please allow up to 30 days for a response. For your protection, We may require that the request be sent through the email address associated with your account, and we may need to verify your identity before implementing your request. Please note that we retain certain data where we have a lawful basis to do so, including for mandatory record-keeping and to complete transactions.

6.3 Our Policy Concerning Children

We recognise the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. Children under 18 should not use the Services. If we learn that we have collected personal data from a child under those ages, we will take reasonable steps to delete it.

Parents who believe that we may have collected personal data from a child under those ages can submit a request that it be removed to Email-secretariat@invoiceappa.org

7. Updates & Contact Info

When we make a material change to this policy, we will notify users via email, in-product notice, or another mechanism required by law. Changes become effective the day they’re posted. Please contact us via email with any questions, concerns, or disputes

7.1 Modifications to This Privacy Policy

From time to time, we may update this Privacy Policy. If we make any material change to it, we will notify you via email, through a notification posted on the Services, or as required by applicable law. We will also include a summary of the key changes. Unless stated otherwise, modifications will become effective on the day they are posted.

As permitted by applicable law, if you continue to use the Services after the effective date of any change, then your access and/or use will be deemed an acceptance of (and agreement to follow and be bound by) the revised Privacy Policy. The revised Privacy Policy supersedes all previous Privacy Policies.

7.2 Interpretation

Any capitalised terms not defined in this policy are defined as specified in our Terms of Use. Any version of this Privacy Policy in a language other than English is provided for convenience. If there is any conflict with a non-English version, you agree that the English language version will control.

7.3 Questions

If you have any questions, concerns, or disputes regarding our Privacy Policy, please feel free to contact our privacy team

Email: secretariat@invoiceappa.org

IAPPA

Delivering a Meaningful Impact to the advancement of E-Invoicing in Nigeria

Subscribe

Sign up to our newsletter for feature updates and our undying love.

© 2025 IAPPA. All Rights Reserved.