Privacy Policy

DropSwift ("DropSwift," "we," "our," or "us") is committed to protecting the privacy, confidentiality, and security of personal information belonging to our users, customers, riders, merchants, partners, and website visitors. This Privacy Policy explains how we collect, use, store, disclose, and protect your information when you access or use the DropSwift platform, including our mobile applications, websites, APIs, dashboards, and related services.

This Privacy Policy has been designed to align with applicable privacy and data protection laws in Africa and internationally, including principles reflected in:

• The Ghana Data Protection Act, 2012 (Act 843)
• Nigeria Data Protection Act (NDPA)
• Kenya Data Protection Act
• South Africa Protection of Personal Information Act (POPIA)
• The General Data Protection Regulation (GDPR) of the European Union
• International data privacy and cybersecurity best practices

By using DropSwift, you acknowledge that you have read and understood this Privacy Policy.

1. Scope of This Policy

This Privacy Policy applies to:

• Customers requesting delivery services
• Riders and delivery agents
• Merchants and business partners
• Visitors using our websites or applications
• Individuals communicating with our support team
• Users interacting with our APIs or integrations

This Policy applies regardless of the country or device used to access our services.

2. Information We Collect

We collect different categories of information depending on how you interact with our platform.

2.1 Personal Information

We may collect personal information including:

• Full name
• Email address
• Phone number
• Date of birth
• Residential or business address
• Government-issued identification
• Profile photographs
• Business registration details
• Vehicle information for riders
• Emergency contact information

2.2 Account and Authentication Data

When creating or accessing an account, we may collect:

• Login credentials
• Password hashes
• Authentication tokens
• Device identifiers
• Browser information
• Operating system details
• IP addresses
• Session activity

2.3 Location Data

DropSwift uses GPS and location technologies to provide delivery-related services. We may collect:

• Real-time rider location
• Pickup and drop-off coordinates
• Route history during active deliveries
• Approximate customer location
• Device-based location permissions

Location data helps us enable live delivery tracking, improve route optimization, prevent fraud, verify delivery completion, and enhance safety and support investigations. Location tracking may continue while the app is active or during deliveries depending on device permissions.

2.4 Transaction and Payment Information

We may collect transaction-related data including delivery fees, payment amounts, payment status, billing records, wallet balances, and transaction identifiers.

Payment card information is processed securely through authorized third-party payment processors such as Paystack and is not fully stored on our servers unless permitted by law and secured appropriately.

2.5 Communications and Support Data

We may collect information when you contact customer support, submit complaints, participate in surveys, send emails or messages, report incidents, or leave reviews or ratings. This may include recorded calls, chat logs, attachments, and communication metadata.

2.6 Automatically Collected Information

Our systems may automatically collect technical and analytical data including device model, app version, language settings, time zone, cookies and session data, usage patterns, crash reports, referring URLs, and network information.

3. How We Use Your Information

We use personal information for legitimate business and operational purposes including:

3.1 Service Delivery

• Processing deliveries
• Matching riders with customers
• Tracking deliveries in real time
• Verifying delivery completion
• Facilitating communication between users

3.2 Account Management

• Creating and managing user accounts
• Identity verification and KYC
• Password recovery
• Security monitoring
• Preventing unauthorized access

3.3 Payments and Financial Operations

• Processing transactions
• Managing payouts to riders
• Detecting fraudulent payments
• Issuing refunds where applicable
• Financial reporting and compliance

3.4 Safety and Security

• Detect fraud and abuse
• Investigate suspicious activities
• Prevent unauthorized platform access
• Monitor compliance with our policies
• Improve user safety

3.5 Communication

We may send delivery notifications, security alerts, service updates, account notices, and promotional communications where permitted. Users may opt out of certain non-essential marketing communications.

3.6 Analytics and Improvements

• Improve user experience
• Optimize delivery performance
• Enhance application stability
• Develop new features
• Conduct internal research

4. Legal Bases for Processing

Where required by applicable law, we process information under one or more legal bases including:

• User consent
• Performance of contractual obligations
• Compliance with legal obligations
• Legitimate business interests
• Protection of vital interests
• Fraud prevention and security purposes

5. Sharing and Disclosure of Information

We do not sell personal information to third parties. However, we may share information in the following situations:

5.1 Between Customers and Riders

To complete deliveries, limited information may be shared including names, contact numbers, pickup and delivery addresses, and live delivery location during active orders.

5.2 Service Providers

We may share information with trusted providers including payment processors, cloud hosting providers, analytics providers, customer support systems, SMS and email service providers, and security and fraud prevention vendors. These providers are contractually required to protect information appropriately.

5.3 Legal and Regulatory Authorities

We may disclose information where required to comply with applicable laws, respond to lawful requests, enforce our Terms and Conditions, protect users and public safety, or investigate fraud or criminal activity.

5.4 Business Transfers

If DropSwift undergoes a merger, acquisition, restructuring, or asset sale, personal information may be transferred as part of the transaction subject to applicable legal safeguards.

6. International Data Transfers

Because we may use international technology providers and cloud infrastructure, information may be transferred across borders and processed outside your country of residence.

Where international transfers occur, we implement reasonable safeguards including contractual protections, security controls, access limitations, and compliance measures aligned with global privacy standards.

7. Data Retention

We retain information only for as long as necessary to provide services, meet legal obligations, resolve disputes, prevent fraud, and enforce agreements.

Retention periods may vary depending on account activity, financial regulations, tax obligations, legal investigations, and security requirements. After retention periods expire, information may be securely deleted, anonymized, or archived.

8. Security Measures

DropSwift implements industry-standard technical and organizational safeguards including:

• HTTPS encryption
• Secure APIs
• Access controls
• Authentication systems
• Database security measures
• Security monitoring
• Role-based permissions
• Encrypted credentials where applicable

Despite these measures, no system can guarantee absolute security. Users are encouraged to use strong passwords, protect account credentials, avoid sharing login details, and report suspicious activity immediately.

9. Cookies and Tracking Technologies

We use cookies and related technologies to maintain user sessions, improve performance, remember preferences, analyze usage patterns, and enhance security.

Users may control cookies through browser settings, although disabling cookies may affect platform functionality.

10. User Rights and Choices

Depending on applicable laws, users may have rights including:

• Accessing personal information
• Correcting inaccurate data
• Requesting deletion
• Restricting processing
• Objecting to certain uses
• Requesting data portability
• Withdrawing consent where applicable

Requests may require identity verification before processing. To exercise privacy rights, users may contact us using the information provided below.

11. Children's Privacy

DropSwift services are not intended for children under the age permitted by applicable law without parental or guardian supervision. We do not knowingly collect personal information from children unlawfully. If we become aware of unauthorized child data collection, we may take steps to delete such information.

12. Third-Party Links and Services

Our platform may contain links or integrations with third-party websites, applications, or services. We are not responsible for the privacy practices of third parties. Users are encouraged to review third-party privacy policies independently.

13. Automated Decision-Making and Fraud Detection

DropSwift may use automated systems to detect fraudulent activities, monitor suspicious transactions, assess security risks, and improve operational efficiency. These systems may involve algorithmic analysis and risk scoring.

14. Data Breach Response

In the event of a security breach affecting personal information, DropSwift may investigate the incident, mitigate risks, notify affected users where legally required, cooperate with regulatory authorities, and improve security controls.

15. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect legal changes, security improvements, new technologies, operational updates, or service enhancements. Updated versions become effective upon publication on our platform.

Continued use of DropSwift after updates constitutes acceptance of the revised Policy.

16. Contact Information

For privacy-related questions, complaints, or requests, contact:

DropSwift Privacy Office
Email: privacy@dropswift.org
Support: support@dropswift.org
Location: Accra, Ghana

17. Regulatory Compliance

DropSwift aims to operate in accordance with applicable data protection and cybersecurity laws across jurisdictions where we provide services. Nothing in this Privacy Policy limits any rights granted under applicable law.

18. Consent

By using DropSwift, creating an account, or accessing our services, you consent to the collection, processing, storage, and disclosure of information as described in this Privacy Policy.