By using this website, you agree to our Privacy Policy.

W
₦
FOR US, BY US
W
₦
FOR US, BY US
WAZOBIA-Books

Accounting software

Language

Resources
🎯Try DemoπŸ“ŠPitch deckπŸ“„Invoice demo (NRS)πŸ”ŒAPI DocsπŸ“–User Manual❓FAQ☁️Backup & Export
Sign inGet Started

Legal

Privacy Policy, Terms & Conditions, and software license information for WAZOBIA-Books.

Last updated: 9 April 2026 Β· WaZoBia Smartech LTD

For any questions about these documents, contact us at admin@wazobia-books.ng.

Home/Privacy Policy

Privacy Policy

Last updated: (2026-04-09)

We are committed to protecting your privacy and ensuring the security of your personal and business data. This policy explains how we collect, use, and safeguard your information.

This policy was last updated on 9 April 2026 (2026-04-09). It is written to meet common transparency checks under the EU GDPR (Articles 13–14), the Nigeria Data Protection Act 2023 / NDPR, and related guidance.

Summary (plain language)

WaZoBia Smartech LTD runs WaZoBia-Books. We use your data to run the website and app, bill you, keep accounts safe, and obey the law. We use trusted suppliers (for example hosting and email). Some of them are outside Nigeria. We do not sell your personal data.

You can ask to see, fix, move, limit, or delete your data where the law allows. You can withdraw consent when we rely on it. You can complain to a regulator. If we have a serious data leak, we will tell regulators and you when the law says we must.

Questions? Email admin@wazobia-books.ng.

Overview

This Privacy Policy explains how WaZoBia Smartech LTD (β€œWaZoBia-Books”, β€œwe”, β€œus”, β€œour”) collects, uses, discloses, and protects personal data and business data. Typical purposes include: operating the marketing website, answering contact and sales enquiries, creating and administering accounts, delivering the accounting Service, billing, security, and legal compliance. Together, the public website and the Service are referred to as the β€œPlatforms”.

Data Ownership

You own your business data. We process it solely to provide the Service and never sell it to third parties.

Finance-Grade Security

We maintain comprehensive audit logs for all key actions to support accountability, compliance, and financial integrity.

Definitions

Personal Data
Information relating to an identified or identifiable individual, such as name, email address, or IP address.
Business Data
Accounting and operational data entered into the Service, including invoices, payroll records, ledger entries, customer information, and financial reports.
Account Owner
The person or entity that controls a business workspace in WaZoBia-Books and has administrative privileges.
Subprocessor
A third-party service provider that processes data on our behalf, such as hosting providers, database services, storage solutions, and email delivery services.

Data controller & privacy contact

The data controller for personal data processed through the WaZoBia-Books website (wazobia-books.ng) and the WaZoBia-Books cloud Service is WaZoBia Smartech LTD, with principal contact points in Nigeria.

Postal / address: WaZoBia Smartech LTD, Kano, Lagos, and Abuja, Nigeria

Privacy lead (primary contact for data subjects): admin@wazobia-books.ng. Use this address for access, correction, deletion, portability, restriction, objection, consent withdrawal, and general privacy questions.

Data Protection Officer (DPO): We are not currently required to appoint a statutory Data Protection Officer under GDPR Article 37 for our processing activities. Privacy governance is handled by our privacy lead at the email above. If our processing scale changes, we will update this section.

Purposes of processing & lawful bases

Below we state the main purposes for which we process personal data, the categories of data involved at a high level, and our lawful basis under GDPR Article 6 (and, where special categories apply, Article 9 only if you supply such data). Nigerian law (NDPA / NDPR) is applied in parallel where it applies to you.

PurposeTypical dataLawful basis (GDPR)
Provide and operate the Service (accounts, billing, core product)Identity, contact, credentials, business and financial data you enterPerformance of a contract (Art. 6(1)(b)); legal obligation where required (Art. 6(1)(c))
Website contact / sales forms and support ticketsName, email, company, message contentLegitimate interests (Art. 6(1)(f)) and/or contract steps (Art. 6(1)(b)); consent where we ask it (Art. 6(1)(a))
Security, fraud prevention, abuse detection, audit logsIP address, device metadata, security events, usage logsLegitimate interests (Art. 6(1)(f)); legal obligation (Art. 6(1)(c))
Product improvement and reliability (aggregated or pseudonymised where possible)Usage telemetry, diagnosticsLegitimate interests (Art. 6(1)(f))
Marketing communications (only if you opt in)Name, email, preferencesConsent (Art. 6(1)(a)) β€” withdraw any time
Legal claims and regulatory requestsRelevant records held in the ServiceLegal obligation (Art. 6(1)(c)); legitimate interests / establishment of legal claims (Art. 6(1)(f))

Information We Collect

Account Information

  • Names and email address
  • Authentication and security information (e.g., password hashes, 2FA configuration)
  • Login history and security events (timestamps, IP addresses, device details)
  • Account preferences and settings

Business and Financial Information (Business Data)

  • Business profile, company name, address, tax identification numbers
  • Customers, vendors, products, inventory, purchase orders, bills, expenses
  • Invoices, payments, credit notes, recurring transactions
  • Payroll data (employees, payroll periods, payslips, statutory deductions)
  • Ledger data (chart of accounts, journal entries, financial reports)
  • Bank account information and transaction records

Usage and Technical Information

  • Request logs and operational telemetry (including request IDs for debugging)
  • Basic device and browser information for compatibility and security purposes
  • Crash and error reports (if enabled by you)
  • Feature usage statistics to improve service quality

How We Use Information

Service Delivery

Provide features such as invoicing, payroll processing, financial reports, and data exports.

Security

Protect accounts, prevent abuse, detect fraud, and enforce access controls.

Support

Troubleshoot issues, respond to support requests, and provide customer assistance.

Reliability

Monitor performance, diagnose errors, improve stability, and ensure uptime.

Auditability

Maintain audit logs for sensitive actions and financial changes for compliance.

Improvements

Analyze usage patterns to enhance features and user experience (anonymized where possible).

Recipients of your personal data

Your personal data may be disclosed to the following categories of recipients, only where necessary and with appropriate safeguards:

  • Infrastructure & communications subprocessors (hosting, database, CDN, email delivery, error monitoring) β€” listed in the next section by name.
  • Professional advisers (lawyers, accountants, auditors) where we need specialist advice, under confidentiality terms.
  • Payment and fraud partners if you pay us through a third-party gateway β€” limited to transaction and verification data.
  • Regulators, courts, and law enforcement when we are required to respond to lawful requests or to establish or defend legal claims.
  • Successors in business if we merge, acquire, or sell assets β€” your data would transfer subject to this policy or equivalent protections, and we will notify you where required.

We do not allow recipients to use your data for their own unrelated marketing. A current subprocessor list appears below; we will update this page or notify you when we add or replace material subprocessors where the law requires it.

Subprocessors (named)

We may share data with trusted service providers only as necessary to operate the Service. We maintain contracts with all subprocessors that require them to protect your data and use it only for specified purposes.

Our Subprocessors Include:

  • β€’Hosting: Vercel (application hosting and CDN)
  • β€’Database: Neon (PostgreSQL database hosting)
  • β€’Backup Storage: Microsoft Azure Blob Storage (when configured by you)
  • β€’Email Delivery: SendGrid or Resend (transactional email services)
  • β€’Error Monitoring: Sentry (when enabled, for error tracking and debugging)

Important:

We do not sell your personal data to third parties. We do not share your data for marketing purposes without your explicit consent. We only share data as necessary to provide the Service.

Personal data breach notification & security (NDPA s.40)

We implement industry-standard security measures designed to protect your data:

Encryption in transit (TLS/SSL) for all data transmission
Encryption at rest for sensitive data
Access controls and role-based permissions
Regular security audits and vulnerability assessments
Comprehensive audit logging for accountability
Secure authentication mechanisms (2FA support)
Regular backups with tested recovery procedures
Documented incident response and breach notification procedures

Note: While we implement robust security measures, no system can be guaranteed 100% secure. We continuously work to improve our security posture.

Breach notification β€” process

Breach notification (including to regulators and, where required, to you) follows NDPA s.40 and, where applicable, GDPR timelines. If we become aware of a breach of security leading to accidental or unlawful destruction, loss, alteration, or unauthorised disclosure of or access to personal data, we will assess risk to individuals. Where required by the GDPR, we will notify the competent supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware. Where the NDPA / NDPR requires notification to the Nigeria Data Protection Commission (NDPC), we will comply with applicable timelines and content rules.

If the breach is likely to result in a high risk to your rights and freedoms, we will also communicate to affected users (for example by email or in-app notice) without undue delay, unless an exception applies under law.

After any incident, you may contact admin@wazobia-books.ng for questions about impact and remedial steps.

Data retention & storage limitation (NDPA s.24)

Data retention and storage limitation (Nigeria Data Protection Act 2023, NDPA s.24): we keep personal data only as long as needed for the purposes in this policy. The table below states specified retention periods (targets). We may retain data longer where tax, audit, litigation, or other legal obligations require it.

Active subscriptions & accounts

For the life of your contract / active account, plus a short wind-down to export data and resolve billing β€” typically up to 90 days after service end unless you ask us to delete sooner.

Verified deletion requests

After we verify your identity and any account ownership checks, we target deletion or anonymisation of personal data within 30 days. Residual copies in encrypted backups are overwritten on a rolling basis, usually within 90 days of deletion from production systems.

Security, audit & operational logs

Technical and security logs (for example authentication events, API abuse signals) are typically retained for up to 24 months, unless a shorter period is configured or a longer hold is required for an investigation.

Website contact & sales enquiries

Messages sent through our website forms are retained for up to 24 months from the last interaction, unless you ask us to delete them earlier and we have no overriding legal need to keep them.

Financial & tax records inside the Service

Business and accounting data may need to be kept for statutory periods (often 6 years or longer under Nigerian tax and company law, depending on record type). Where you delete an account, we delete or anonymise personal identifiers where possible while retaining bare minimum records where the law mandates.

Customer-configured backups

Backups you export to your own cloud (for example Microsoft Azure Blob Storage) are retained according to your retention policy. Our own disaster-recovery backups follow the windows above.

Data subject rights (NDPA ss. 34–38; GDPR Arts. 15–22)

Data subject rights under the Nigeria Data Protection Act 2023 include access, rectification, erasure, restriction, objection, and data portability where the law allows (NDPA ss. 34–38). If the GDPR applies to you, the parallel rights are Articles 15–22 below. Contact our privacy lead to exercise any right.

Right of access (Art. 15)

You may ask whether we process your personal data and obtain a copy, together with certain details about the processing.

Right to rectification (Art. 16)

You may ask us to correct inaccurate data or complete incomplete data.

Right to erasure (β€œright to be forgotten”) (Art. 17)

You may ask us to delete personal data where grounds apply β€” for example where it is no longer needed or you withdraw consent β€” subject to legal retention (for example tax or audit records).

Right to restriction of processing (Art. 18)

You may ask us to limit processing in defined situations (for example while we verify accuracy or lawfulness).

Right to data portability (Art. 20)

Where processing is based on consent or contract and is automated, you may receive your personal data in a structured, commonly used, machine-readable format and ask us to transmit it to another controller where technically feasible.

Right to object (Art. 21)

You may object to processing based on legitimate interests or for direct marketing. If you object to marketing, we will stop using your data for that purpose.

Right related to automated decision-making (Art. 22)

See the section Automated decisions below. In short: we do not rely on solely automated decisions that produce legal or similarly significant effects on you without human involvement, within the meaning of Article 22 GDPR.

How to exercise your rights: Email admin@wazobia-books.ng with your name, contact details, and the right you wish to exercise. We may ask for reasonable identity verification before acting.

We will respond within one month (30 days) of receipt. If a request is complex or we receive many requests from you, we may extend by up to two further months and will tell you why within the first month.

Right to lodge a complaint with a supervisory authority

If you believe our processing infringes data protection law, you have the right to lodge a complaint with a supervisory authority β€” in particular in the EU Member State of your habitual residence, place of work, or place of the alleged infringement (GDPR Article 77).

Nigeria: You may contact the Nigeria Data Protection Commission (NDPC), the regulator under the NDPA 2023.

EU users: you can find your lead authority via the European Data Protection Board (EDPB) members list.

We encourage you to contact us first at admin@wazobia-books.ng so we can try to resolve your concern.

International transfers of personal data

We are established in Nigeria. Our subprocessors (for example application hosting, database, CDN, email, and error monitoring) may process personal data in the United States, the European Economic Area (EEA), the United Kingdom, and other countries where they operate data centres. That means your data may be transferred to and stored in countries that do not have the same data protection laws as your own.

Where the GDPR applies, we rely on an adequacy decision of the European Commission where one exists, or otherwise appropriate safeguards such as the EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement / Addendum, or another mechanism recognised under Chapter V GDPR. Where Nigerian law applies, we comply with NDPC guidance on cross-border transfers.

You may request a copy of relevant safeguards (for example redacted SCCs) by contacting admin@wazobia-books.ng.

Automated decision-making & profiling

Some product features use machine learning or rules-based automation to suggest categories, reconciliations, or forecasts. These tools are designed to assist human users; they do not replace your judgement for statutory filings or commercial decisions.

We do not make decisions based solely on automated processing, including profiling, which produce legal effects or similarly significantly affect you, within the meaning of GDPR Article 22(1), without a lawful basis and suitable safeguards. If that ever changes, we will update this policy and explain any meaningful logic, significance, and envisaged consequences, and how to obtain human review.

Children’s privacy

The Platforms are intended for businesses and adults. We do not knowingly collect personal data from anyone under 16 (or the higher age required in your US state, if applicable). If you believe a child has provided us personal data, contact admin@wazobia-books.ng and we will take steps to delete it, subject to law.

United States state privacy & β€œDo not sell or share”

We do not sell your personal information for money, and we do not β€œsell” or β€œshare” personal information as those terms are used in the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) for cross-context behavioural advertising.

Residents of California and other US states with privacy laws may still submit privacy requests (access, deletion, correction, opt-out of sale/share where applicable) to admin@wazobia-books.ng. We will verify and respond in line with applicable law.

This subsection is your β€œDo not sell or share my personal information” notice page anchor β€” you may bookmark …/legal#privacy-do-not-sell.

Cookies, similar technologies & Global Privacy Control (GPC)

Essential Cookies

We use cookies that are strictly necessary for the Service to function, including:

  • Authentication cookies to maintain your login session
  • Security cookies for CSRF protection and fraud prevention
  • Session cookies for application state management

Analytics & Performance

We may use analytics cookies to understand how you use our Service and improve performance. These cookies are optional and can be disabled through your browser settings.

Cookie Preferences: You can manage cookie preferences through your browser settings. Note that disabling essential cookies may affect the functionality of the Service.

Global Privacy Control (GPC)

Where required by US state law, we treat Global Privacy Control (GPC) browser signals as a valid request to opt out of sale or sharing of personal information for targeted advertising. Because we do not sell personal data for money and do not use cross-context behavioural advertising as defined under CPRA, enabling GPC should not change what you see on this marketing site, but we honour the signal where it applies to any optional analytics we may operate in the future.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other reasons. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new Last updated date (currently )
  • Sending an email notification to registered users (for significant changes)
  • Displaying a notice on the Service (for major changes)

Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.

Contact & privacy lead

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy lead:

Privacy contact email

admin@wazobia-books.ng

Postal / address

WaZoBia Smartech LTD, Kano, Lagos, and Abuja, Nigeria

Legal entity (controller)

WaZoBia Smartech LTD

We aim to respond to all privacy-related inquiries within 30 days.

Home/Terms & Conditions

Terms & Conditions

Last updated: March 2026

Overview

These Terms & Conditions ("Terms") govern access to and use of WaZoBia-Books(the "Service"), including our website, web application, and APIs. By accessing or using the Service, you agree to these Terms.

Finance product

You remain responsible for your statutory filings and accounting decisions.

Multi-business access

You must assign roles correctly and invite only authorized people.

Definitions

  • Account Owner: the person/entity controlling a business workspace.
  • Business Data: accounting and operational data you input (invoices, payroll, ledger, etc.).
  • Content: templates, UI text, and platform materials excluding your Business Data.

Accounts & access

  • You must provide accurate account information and keep it current.
  • You are responsible for safeguarding your credentials and enabling 2FA where available.
  • Admins must manage user roles and permissions appropriately within each business.

Plans & billing

If paid plans are offered, fees, limits, and billing terms may vary by plan. You agree to pay applicable fees and taxes. Payments may be processed by third-party providers and may be subject to their terms.

Acceptable use

You agree not to:

  • Attempt to access data outside your authorized business membership
  • Disrupt or abuse the Service, introduce malware, or attempt to bypass controls
  • Probe or scan the Service for vulnerabilities
  • Use the Service for unlawful purposes

Your data & responsibilities

  • You own your Business Data.
  • You are responsible for the accuracy of entries and configuration (tax settings, payroll inputs, chart of accounts, etc.).
  • Reports and statements reflect your inputs; you should review outputs before relying on them for filings or decisions.

Audit logs

The Service records audit logs for key actions to support accountability and integrity (for example approvals, postings, and financial mutations). Some audit logs may be retained for compliance and dispute resolution.

Exports & backups

The Service may provide exports and backups. In Vercel-only deployments, automated backup exports may be stored in your configured Azure Blob Storage. You are responsible for your storage configuration, access control, and retention policies.

Availability & support

We aim to maintain availability, but we do not guarantee uninterrupted operation. Maintenance, upgrades, and incidents can cause downtime. Support channels and response times may vary by plan.

Disclaimers

The Service is provided on an "as is" and "as available" basis. WaZoBia-Books does not provide legal, tax, or accounting advice. You should consult qualified professionals for statutory filings and compliance decisions.

Limitation of liability

To the maximum extent permitted by law, we are not liable for indirect, incidental, special, consequential, or punitive damages, or for loss of profits, revenues, data, or goodwill. Our total liability for any claim will be limited to the amount paid by you for the Service in the relevant period, except where applicable law requires otherwise.

Termination

You may stop using the Service at any time. We may suspend or terminate access if you violate these Terms, fail to pay applicable fees, or where required by law. Where feasible, we will provide notice.

Governing law

These Terms are governed by the laws of the Federal Republic of Nigeria. Disputes will be handled in courts of competent jurisdiction in Nigeria unless an alternative dispute resolution process is agreed.

Contact

Questions? Contact hello@wazobiabooks.com or admin@wazobia-books.ng.

License

WAZOBIA-Books software, documentation, branding, and related materials are owned by WaZoBia Smartech LTD or its licensors and are protected by copyright and other intellectual property laws.

1. Grant of use

Subject to these Terms and your subscription or agreement, we grant you a limited, non-exclusive, non-transferable, revocable licence to access and use WAZOBIA-Books for your internal business purposes during the subscription term.

2. Restrictions

You may not:

  • Copy, modify, distribute, sell, or lease the software except as expressly allowed;
  • Remove or alter proprietary notices;
  • Use the Services to build a competing product or service;
  • Share credentials or exceed user/seat limits under your plan.

3. Open source & third parties

The Services may incorporate third-party or open-source components governed by their respective licences. Nothing in this section limits those third-party terms where they apply.

4. Self-hosted or enterprise

If you use a self-hosted or enterprise deployment, additional licence terms in your order form or agreement apply and control in case of conflict with this summary.

5. Contact

Licensing enquiries: admin@wazobia-books.ng.