PRIVACY POLICY

Last Updated: 28/2/2026

1. INTRODUCTION

Welcome to Guru Ad Limited (“we,” “us,” “our,” or “the Company”). We are a private company limited by shares incorporated under the Companies and Allied Matters Act 2020 of the Federal Republic of Nigeria, with registration number RC 7166517, and registered office in Lagos State, Nigeria.

Guru Ad operates as a pay-as-you-go digital indoor advertising platform, enabling businesses to create, manage, and track advertising campaigns on our network of digital screens in real-time.

This Privacy Policy explains how we collect, use, disclose, protect, and process your personal data when you use our website, web application, mobile application, advertising platform, and related services (collectively, the “Services”).

By accessing or using our Services, you consent to the data practices described in this Policy. If you do not agree, please discontinue use of our Services immediately.

This Policy is prepared in compliance with:

  • The Nigeria Data Protection Regulation (NDPR) 2019 (and its 2023 Implementation Framework)
  • The Nigeria Data Protection Act 2023
  • The Companies and Allied Matters Act (CAMA) 2020
  • Other applicable Nigerian laws and regulatory guidelines

Guru Ad Limited acts as the Data Controller for personal data collected through the Services.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly
When you register, use, or interact with our Services, we may collect:

  • Account Information: E.g,  Name, email address, phone number, business name, CAC registration number (for businesses), password, profile picture.
  • Business & Verification Data: E.g, Business address, bank account details (for host payouts), government-issued ID for KYC verification
  • Payment Information: E.g, Card details (processed securely via licensed gateways like Paystack/Flutterwave), transaction history, billing address 
  • Advertising Content: E.g, Ad creatives (images, videos, GIF), campaign settings, target audience parameters, scheduling preferences
  • Communications: E.g, Support requests, feedback, survey responses, correspondence with our team
  • Consent Records:  Timestamps and logs of your consent to this Policy, marketing preferences, data processing agreements.

2.2 Information Collected Automatically
When you access our Services, we and our service providers may automatically collect:

  • Device & Technical Data: E.g, IP address, browser type, operating system, device identifiers, screen resolution – for  service optimization, security, fraud prevention
  • Usage & Analytics Data: E.g,  Pages visited, features used, session duration, click-through rates, campaign performance metrics  – for platform improvement, analytics reporting, billing accuracy
  • Location Data: E.g, Approximate location derived from IP address; precise location of host venues (with consent) – for Ad targeting, venue verification, compliance with local advertising regulations
  • Cookie & Tracking Data: E.g, Cookies, web beacons, pixel tags, similar technologies – for authentication, personalization, analytics, ad measurement

2.3 Information from Third Parties
We may receive information about you from:

  • Payment processors (e.g., Paystack, Flutterwave) for transaction verification
  • Advertising partners or venues where your ads are displayed (aggregated performance data)
  • Public sources (e.g., CAC registry) to verify business credentials
  • Referral sources, if you were invited to join by another user
3. HOW WE USE YOUR INFORMATION

We process your personal data for the following lawful purposes under the NDPR:

3.1 To Provide and Operate the Services

  • Create and manage your account
  • Process advertising campaigns and bill per second when ads play
  • Facilitate host payouts via bank transfer
  • Deliver real-time analytics and campaign performance reports
  • Enable ad upload and termination of campaign via our app

3.2 To Communicate With You

  • Send transactional messages (account confirmations, payment receipts, campaign alerts)
  • Respond to support requests and inquiries
  • Notify you of policy changes, service updates, or security incidents
  • Share marketing communications (only with your explicit consent; you may opt out anytime)

3.3 To Improve and Personalize Our Services

  • Analyze usage patterns to enhance platform functionality
  • Conduct A/B testing and feature development
  • Personalize dashboard views and reporting based on your business type
  • Train machine learning models for ad optimization (using anonymized, aggregated data)

3.4 To Ensure Security, Compliance, and Fraud Prevention

  • Verify identity and business credentials to prevent fraud
  • Monitor for suspicious activity, click fraud, or policy violations
  • Comply with legal obligations (tax reporting, NDPR, ARCON advertising guidelines)
  • Protect the rights, property, or safety of Guru Ad, our users, or the public

3.5 For Legal and Business Purposes

  • Enforce our Terms of Service and other agreements
  • Respond to lawful requests from regulatory authorities (e.g., NITDA, CAC, FIRS)
  • Facilitate business transfers (merger, acquisition, asset sale) with appropriate safeguards
  • Defend legal claims or exercise legal rights
4. LEGAL BASIS FOR PROCESSING

Under the Nigeria Data Protection Regulation, we process your personal data based on one or more of the following lawful grounds:

  • Consent: When you explicitly agree to processing (e.g., marketing emails, location tracking for venue ads). You may withdraw consent anytime via your account settings or by contacting us. 
  • Contractual Necessity: When processing is required to perform our agreement with you (e.g., creating your account, processing payments, delivering ad campaigns).
  • Legal Obligation: When we must process data to comply with Nigerian law (e.g., tax reporting, KYC/AML requirements, regulatory audits).
  • Legitimate Interests: When processing supports our legitimate business interests (e.g., fraud prevention, platform security, service improvement), provided your rights and freedoms are not overridden. We conduct balancing tests for such processing.
5. YOUR DATA PROTECTION RIGHTS

You have the following rights under the Nigeria Data Protection Act and NDPR:

  • The right to request access to your personal data.
  • The right to request correction of inaccurate or incomplete data.
  • The right to request deletion of your personal data, subject to legal obligations.
  • The right to restrict processing in certain circumstances.
  • The right to object to processing based on legitimate interests.
  • The right to request data portability, where applicable.
  • The right to withdraw consent at any time (where processing is based on consent).
  • The right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).

To exercise your rights, contact privacy@guruad.ng. We will respond within 30 days.

6. HOW WE SHARE YOUR INFORMATION

We do not sell your personal data. We may share your information only in the following circumstances:

6.1 With Service Providers (“Data Processors”)
We engage trusted third-party vendors who process data on our behalf under strict contractual obligations.

All processors are bound by data processing agreements that require them to:

  • Process data only on our instructions
  • Implement appropriate security measures
  • Assist us in responding to data subject requests
  • Delete or return data upon termination

6.2 Business Transfers
If Guru Ad is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you (via email or prominent notice) and provide choices where required by law.

6.3 Aggregated or Anonymized Data
We may share aggregated, de-identified, or anonymized data that cannot reasonably identify you (e.g., “Total ad durations in Lagos this month: 2.4M”) for:

  • Industry reports and market research
  • Platform benchmarking and improvement
  • Public-facing case studies (with your prior consent if business-specific)
7. DATA RETENTION

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods depend on factors such as:

  • Maintaining and managing your Guru Ad account
  • Delivering, improving, or troubleshooting our Services
  • Complying with Nigerian legal, tax, or regulatory obligations (e.g., FIRS, CAC, NDPR)
  • Resolving disputes, enforcing our Terms of Service, or protecting our legal rights
  • Preserving records for legitimate business interests, such as fraud prevention or analytics
  • Once the applicable retention period expires, your data is securely deleted or anonymized, unless further retention is legally mandated.
8. DATA SECURITY

We implement technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction:

  • Access Controls: Role-based access, multi-factor authentication for staff, principle of least privilege  
  • Secure Development: Regular security testing, code reviews, vulnerability scanning   
  • Staff Training: Regular NDPR and security awareness training for all employees  

No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

In the event of a data breach that poses a risk to your rights and freedoms, we will notify the Nigeria Data Protection Commission and affected users in accordance with applicable law.

9. INTERNATIONAL DATA TRANSFERS

Guru Ad is headquartered in Nigeria, and your data is primarily processed within Nigeria. However, some service providers (e.g., cloud infrastructure) may process data outside Nigeria.

When we transfer personal data outside Nigeria, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the Nigeria Data Protection Commission
  • Binding corporate rules (for group companies)
  • Ensuring the destination country has adequate data protection laws (as recognized by NITDA)

You may contact us at privacy@guruad.ng to request details of specific safeguards applied to international transfers.

10. COOKIES AND TRACKING TECHNOLOGIES

What Are Cookies?

Cookies are small text files stored on your device to remember preferences, authenticate sessions, and analyze usage.

How We Use Cookies:

  • Strictly Necessary:  Enable core functions (login, security, cart) and is essential for service.
  • Performance & Analytics: Measure traffic, test features, improve UX, and can be disabled via browser settings or cookie banner.
  • Functional:  Remember preferences (language, currency), and can be disabled
  • Targeting/Advertising: Measure ad performance, personalize content (with consent), and can be disabled via cookie banner or account settings. Where required by law, we obtain your consent before placing non-essential cookies.

Managing Cookies:

  • Adjust browser settings to block or delete cookies (note: may limit Service functionality)
  • Use privacy-focused browser extensions (e.g., uBlock Origin, Privacy Badger)
11. CHILDREN’S PRIVACY

The Services are designed for use by businesses, marketers, and venue operators. We do not knowingly collect data from individuals under 18 years of age. If you are a parent, guardian, or legal representative and believe that a child has provided us with personal information, please contact us immediately at privacy@guruad.ng, and we will take steps to delete it promptly.

12. CHANGES TO THIS PRIVACY POLICY

We may update this Policy periodically to reflect changes in our practices, technology, or legal requirements.

  • Material changes will be communicated via:
    Email to your registered address
    In-app notification or banner
    Prominent posting on our website with a revised “Last Updated” date
  • Your continued use of the Services after changes constitutes acceptance of the revised Policy
  • If you object to changes, your sole remedy is to discontinue use and terminate your account

We encourage you to review this Policy regularly.

13. CONTACT US

For questions about this Privacy Policy, your data rights, or to report a concern:

Guru Ad Limited

Email: privacy@guruad.ng

Phone: +234 907 927 2098

Address: Lagos, Nigeria  

 

Regulatory Contact:  

Nigeria Data Protection Commission (NDPC)  

www.ndpc.gov.ng

complaints@ndpc.gov.ng