Privacy Policy
Your privacy matters to us. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding your data. We are committed to handling your information with transparency and care.
1. Who We Are
Evtoan Technologies ("we", "us", "our") is a software agency and digital product marketplace operating at evtoan.com. For the purposes of data protection law, Evtoan Technologies is the data controller responsible for your personal data.
Contact us for privacy matters at: info@evtoan.com
2. Data We Collect
| Category | Data Points | When Collected |
|---|---|---|
| Account Data | Name, email address, username, hashed password, profile picture | On registration |
| Transaction Data | Purchase history, order amounts, payment references, coupon codes used | On purchase |
| Service Data | Project briefs, requirements, uploaded files, communications | During project engagement |
| Technical Data | IP address, browser type, device type, operating system | On site visit |
| Usage Data | Pages visited, features used, search queries, session duration | During site use |
| Communication Data | Support messages, live chat transcripts, contact form submissions | When you contact us |
| Referral Data | Referral links used, referral code, referred account linkage | On signup via referral |
We do not collect or store full payment card numbers. All payment processing is handled by Paystack and Flutterwave, who are independently PCI-DSS compliant.
3. How We Collect Data
- Directly from you β when you register, make a purchase, submit a contact form, or engage our services
- Automatically β through cookies and server logs as you browse our website
- From payment processors β transaction confirmation data from Paystack and Flutterwave
- From third-party services β analytics services, where you have consented to such tracking
4. Why We Process Your Data
- Account management β to create and maintain your account, authenticate you, and manage your preferences
- Order fulfilment β to process purchases, deliver digital products, and manage subscriptions
- Service delivery β to manage software development projects, communications, and deliverables
- Customer support β to respond to enquiries, resolve issues, and maintain our live chat system
- Platform improvement β to analyse usage patterns and improve our products and user experience
- Security β to detect fraud, prevent abuse, and protect our platform and users
- Legal compliance β to meet our obligations under applicable laws and regulations
- Marketing β to send you product updates, offers, and newsletters, where you have opted in
5. Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract performance β processing necessary to fulfil your orders and service agreements
- Legitimate interests β analytics, fraud prevention, platform security, and product improvement
- Consent β marketing communications and non-essential cookies (you may withdraw consent at any time)
- Legal obligation β record-keeping, tax compliance, and responding to lawful requests
7. Data Retention
- Account data β retained for the lifetime of your account plus 2 years after closure
- Transaction records β retained for 7 years for tax and legal compliance
- Support communications β retained for 3 years
- Analytics data β aggregated data retained indefinitely; raw session data retained for 24 months
- Marketing data β retained until you unsubscribe or withdraw consent
When data is no longer needed, we securely delete or anonymise it.
8. Security
We implement industry-standard security measures to protect your personal data, including:
- TLS/SSL encryption for all data in transit
- Bcrypt hashing for all passwords (never stored in plain text)
- Regular security audits and vulnerability assessments
- Restricted access to personal data on a need-to-know basis
- Secure, encrypted file storage for all uploaded assets
No method of transmission over the Internet is 100% secure. While we use commercially reasonable measures, we cannot guarantee absolute security. Please notify us immediately at info@evtoan.com if you suspect any breach of your account security.
10. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
To exercise any of these rights, email us at info@evtoan.com with the subject line "Privacy Rights Request". We will respond within 30 days.
11. Children's Privacy
Our platform is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at info@evtoan.com and we will take steps to delete such information.
12. International Data Transfers
Your personal data may be transferred to and processed in countries outside your home country, including Rwanda and countries where our cloud service providers operate. Where such transfers occur, we ensure appropriate safeguards are in place in accordance with applicable data protection laws.
13. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice on our website. The "Last Updated" date at the top of this page indicates when the most recent changes were made. Your continued use of our platform after changes become effective constitutes acceptance of the updated policy.
14. Contact & Data Controller
For any privacy-related questions, requests, or complaints, please contact:
- Data Controller: Evtoan Technologies
- Email: info@evtoan.com
- Contact Form: evtoan.com/contact
If you are unsatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.