RescueTap LTD is committed to maintaining the highest standards of privacy, security, and transparency in handling the personal information of our users ("you" or "your"). This Privacy Policy outlines the nature of the data we collect, the legal justifications for collecting it, the methods of use, and the protections in place to ensure its confidentiality and security.

This policy is structured in alignment with local and international data protection laws, including but not limited to the Nigerian Data Protection Act (NDPA), the General Data Protection Regulation (GDPR), and other relevant frameworks.

1. Scope and Applicability

This Privacy Policy applies to all individuals who access, use, or interact with our digital products, services, platforms, and associated features. This includes mobile applications, web portals, and other related services provided by RescueTap LTD.

By using our services, you consent to the collection and use of your data as described herein. You also acknowledge that this policy is subject to updates, and you are encouraged to review it regularly.

2. Categories of Personal Data Collected

We collect the following categories of personal data to enable efficient, personalised, and secure use of our services:

• Location Data: Real-time geolocation data is collected through GPS, Wi-Fi, cellular networks, or IP addresses. This allows us to provide location-sensitive services, such as connecting users to nearby support resources, facilitating logistics, and enhancing response capabilities.
• Phone Numbers: User phone numbers are collected to enable two-factor authentication, transactional alerts, account recovery, and direct communication regarding service delivery or support.
• Email Addresses: We collect email addresses for account creation, communication, newsletters, support tickets, transaction confirmations, and compliance notifications.
• Residential or Mailing Address: Addresses are used for user identity verification, billing, shipping (if applicable), service logistics, and geographical service targeting.
• User Photos: We may collect and store photographic images submitted by users as part of identity verification processes, profile creation, or service validation. This data may also be used to improve user trust and platform security.

3. Legal Basis and Purpose for Data Processing

The processing of personal data is conducted based on the following legal justifications:

• User Consent: Personal data is collected where you have voluntarily granted permission, such as through form submissions or application sign-ups.
• Contractual Necessity: Data is processed to fulfil our obligations under service agreements, such as providing access to digital services or dispatch operations.
• Compliance with Legal Obligations: Certain data processing is required to comply with regulatory, legal, or judicial mandates.
• Legitimate Interests: In cases where processing is essential for operational efficiency, platform security, service improvement, fraud prevention, or analytics, and where such interests do not override user rights.

Purposes of Processing Include:

• Providing tailored and location-based services
• Ensuring secure authentication and account management
• Facilitating customer support and communication
• Enabling data analysis for platform improvement
• Complying with legal and statutory requirements
• Protecting platform integrity and user trust

4. Data Retention and Storage

We retain your personal data only for as long as it is necessary to fulfill the purposes outlined in this policy, and as required by applicable law or regulatory frameworks.

Retention timelines vary based on data category:

• Location data is stored temporarily and discarded unless required for ongoing service validation.
• Identity information (e.g., phone number, email) is retained as long as your account remains active or as needed for legal purposes.

Upon expiry of the retention period or upon user request (where applicable), we will securely delete or anonymize the data to prevent identification.

All personal data is stored on secure, access-controlled servers employing industry-standard encryption and backup protocols.

5. Data Sharing and Third-Party Disclosures

We do not sell, rent, or trade personal information to third parties. However, data may be shared in the following circumstances:

• With Service Providers: Select third-party vendors who assist in delivering our services (e.g., data hosting, identity verification, SMS/email platforms) operate under confidentiality agreements and strict data protection protocols.
• Legal or Regulatory Requests: Where required by court orders, governmental authorities, or to comply with applicable laws.
• Platform Integrations and Partnerships: With trusted partners under strict contractual obligations, and solely for the delivery of integrated services aligned with this Privacy Policy.

All third-party processors are vetted and obligated to comply with data protection and cybersecurity best practices.

6. Data Security Measures

We apply advanced technical and organizational measures to secure user data from unauthorized access, alteration, loss, or destruction:

• Use of HTTPS/TLS encryption for all data in transit
• Encrypted storage of sensitive data at rest
• Firewalls and intrusion detection/prevention systems
• Role-based access control (RBAC) and audit logging
• Secure user authentication and password hashing
• Regular system updates, security patches, and penetration testing
• Employee training on data protection and security protocols

Despite these measures, users are advised to practice responsible data handling on their end, including using strong passwords and avoiding sharing personal credentials.

7. User Rights and Choices

You are entitled to the following rights concerning your personal data:

• Right of Access: Request a copy of your personal data held by us.
• Right of Rectification: Request corrections to inaccurate or incomplete data.
• Right to Erasure: Request deletion of personal data, subject to legal and operational constraints.
• Right to Restrict Processing: Limit processing under specific conditions.
• Right to Object: Object to processing where legitimate interests are not overriding.
• Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent.
• Right to Data Portability: Request transfer of your data to another service provider in a structured format.

Requests can be submitted via admin@rescuetap.org, and we will respond within the legally required time frame.

8. International Transfers

Should any personal data be transferred outside the jurisdiction of collection, we ensure that adequate safeguards are in place to maintain data protection standards equivalent to those outlined in this policy.

These safeguards may include:

• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• Data protection agreements with third-party processors

9. Policy Updates and Notification

We reserve the right to update this Privacy Policy periodically to reflect changes in regulatory requirements, technology, or business operations.

Users will be notified of material changes via email, platform notifications, or in-app alerts. Continued use of our services after updates constitutes your acknowledgement and acceptance of the revised policy.

10. Contact Information

For questions, concerns, or requests related to this policy, please contact:

RescueTap LTD
Data Protection Officer
Email: admin@rescuetap.org
Phone: +2348078875322
Address: 22 Bambari Crescent, Wuse Zone 7, Abuja

By using our services, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy.