Skip to main content
Finora
Finora
Get Started Free

Privacy Policy

Last updated: November 29, 2025

Introduction

Finora Technologies Ltd ("Finora", "we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our business management and tax platform ("Finora Platform") and our marketing website at finorabusiness.com.

This policy is designed to comply with the Nigeria Data Protection Regulation (NDPR) issued by the National Information Technology Development Agency (NITDA).

Please read this Privacy Policy carefully. By accessing or using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

1. Who We Are

Finora Technologies Ltd is a business management and tax platform designed for Nigerian businesses. We help small to medium businesses manage invoicing, accounting, and tax compliance.

Contact Details:

  • Website: https://finorabusiness.com
  • App: https://app.finorabusiness.com
  • Email: privacy@finorabusiness.com
  • Address: [TO BE INSERTED]

Data Protection Officer: dpo@finorabusiness.com

2. Information We Collect

2.1 Information You Provide Directly

Account Information:

  • Name, email address, phone number
  • Password (stored in encrypted form)
  • Profile photo (optional)

Business Information:

  • Business name and address
  • Tax Identification Number (TIN)
  • CAC registration number
  • Industry and business type
  • Annual revenue range

Financial Information:

  • Invoice details (customers, amounts, dates)
  • Receipt information (vendors, amounts, items)
  • Expense records
  • Bank account details (for bank integration feature)
  • Product and inventory data
  • Accounting journal entries

Customer and Supplier Data (entered by you):

  • Names and contact details of your customers
  • Names and contact details of your suppliers

Communications:

  • Support inquiries
  • Feedback and surveys
  • Contact form submissions

2.2 Information Collected Automatically

Technical Data:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Time zone setting

Usage Data:

  • Pages viewed and features used
  • Actions taken within the platform
  • Session duration and frequency
  • Referring website or source

Cookies and Tracking Technologies:

  • Session cookies for authentication
  • Preference cookies
  • Analytics cookies (see our Cookies Policy)

2.3 Information from Third Parties

Bank Integration: When you connect your bank account via our bank integration feature, we receive:

  • Account balance
  • Transaction history
  • Account identifiers

Payment Processing (Paystack): When you subscribe to paid plans:

  • Payment status
  • Transaction reference
  • Card type (last 4 digits only)

We do not receive or store your full card number, CVV, or PIN.

Under NDPR Article 2.2, we process your personal data based on the following legal grounds:

Processing ActivityLegal Basis
Providing platform servicesPerformance of contract
Account managementPerformance of contract
Processing paymentsPerformance of contract
Tax calculationsLegal obligation
Customer supportLegitimate interests
Service improvementsLegitimate interests
Security and fraud preventionLegitimate interests
Marketing communicationsConsent
Compliance with lawsLegal obligation

4. How We Use Your Information

4.1 Providing Our Services

  • Creating and managing your account
  • Processing your invoices, receipts, and expenses
  • Generating financial statements
  • Calculating tax obligations (VAT, WHT, CIT)
  • Facilitating bank integration and reconciliation
  • Enabling accountant collaboration features

4.2 Communication

  • Sending service-related emails (account verification, password reset)
  • Subscription and billing notifications
  • Feature updates and product announcements
  • Responding to your inquiries and support requests

4.3 Improvement and Analytics

  • Understanding how users interact with our platform
  • Identifying and fixing technical issues
  • Developing new features based on usage patterns
  • Improving user experience

4.4 Security and Compliance

  • Detecting and preventing fraud or unauthorized access
  • Maintaining audit logs
  • Complying with Nigerian tax and data protection laws
  • Enforcing our Terms of Use
  • Sending promotional emails about Finora features
  • Sharing tips and resources for business management
  • Informing you about special offers or discounts

You can opt out of marketing communications at any time by clicking "Unsubscribe" in any marketing email or updating your preferences in Settings > Notifications.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following circumstances:

5.1 Service Providers

We engage trusted third-party service providers to help us deliver our services, including providers for authentication, database infrastructure, content delivery, bank integration, payment processing, and email delivery.

All service providers are carefully vetted and bound by data processing agreements in compliance with NDPR requirements. They are required to protect your data and only process it according to our instructions.

For specific inquiries about our service providers, please contact our Data Protection Officer at dpo@finorabusiness.com.

5.2 Professional Accountants (with your permission)

If you use our Accountant Collaboration feature, you may grant your accountant access to your business data for review and adjustment purposes.

We may disclose your information when required by law, such as:

  • Responding to court orders or legal processes
  • Complying with requests from tax authorities (FIRS)
  • Responding to requests from regulatory bodies (NITDA)
  • Protecting our legal rights

5.4 Business Transfers

If Finora is involved in a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside Nigeria, including the United States, where our cloud service providers (Firebase, Cloudflare) maintain data centers.

In accordance with NDPR Article 2.11, we ensure appropriate safeguards for international transfers through:

1. Standard Contractual Clauses: Agreements with service providers that include GDPR-compliant standard contractual clauses 2. Certifications: Service providers maintain SOC 2 Type II and ISO 27001 certifications 3. Encryption: Data encrypted in transit and at rest 4. Access Controls: Strict access limitations

7. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

Data TypeRetention Period
Active account dataDuration of account
Financial/tax records6 years (tax law requirement)
Deleted account data7 days to complete deletion
Audit logs2 years (NDPR requirement)
Backup data90 days after deletion
Contact form data2 years
Marketing preferencesUntil you unsubscribe

After the retention period, data is securely deleted or anonymized.

8. Your Privacy Rights

Under NDPR, you have the following rights regarding your personal data:

8.1 Right to Access

Request a copy of the personal data we hold about you.

8.2 Right to Rectification

Request correction of inaccurate or incomplete data.

8.3 Right to Erasure

Request deletion of your personal data (subject to legal retention requirements).

8.4 Right to Restrict Processing

Request that we limit how we use your data.

8.5 Right to Data Portability

Request your data in a portable, machine-readable format.

8.6 Right to Object

Object to processing based on legitimate interests or for marketing purposes.

Withdraw consent at any time where processing is based on consent.

How to Exercise Your Rights

Via Email: Send your request to dpo@finorabusiness.com

In the App: Go to Settings > Privacy > Data Requests

Response Time: We will respond within 30 days. If your request is complex, we may extend this by up to 60 days (we will notify you if this is necessary).

Verification: We may need to verify your identity before processing your request to protect your data from unauthorized access.

9. Data Security

We implement robust security measures to protect your personal data:

Technical Safeguards:

  • TLS 1.2+ encryption for all data in transit
  • AES-256 encryption for data at rest
  • Secure password hashing (bcrypt)
  • Multi-factor authentication (optional)
  • Regular security assessments and penetration testing

Organizational Safeguards:

  • Role-based access control
  • Employee confidentiality agreements
  • Regular security training
  • Incident response procedures

While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure. If you have reason to believe your interaction with us is no longer secure, please contact us immediately.

10. Children's Privacy

The Finora Platform is designed for businesses and is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children.

If you believe we have collected data from a child, please contact us at privacy@finorabusiness.com, and we will promptly delete the information.

Our website and platform may contain links to third-party websites or services. This Privacy Policy does not apply to those third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws.

How We Notify You:

  • Email notification to your registered email address
  • Prominent notice on our website
  • In-app notification

We encourage you to review this Privacy Policy periodically. Your continued use of our services after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices:

General Privacy Inquiries:

  • Email: privacy@finorabusiness.com

Data Protection Officer:

  • Email: dpo@finorabusiness.com
  • Phone: [TO BE INSERTED]

Mailing Address: Finora Technologies Ltd Attn: Privacy Team [TO BE INSERTED] Nigeria

NITDA Complaints: If you believe your data protection rights have been violated, you may lodge a complaint with NITDA:

  • Website: https://nitda.gov.ng
  • Email: info@nitda.gov.ng

Last updated: [TO BE INSERTED]