Compiler logo
Why ComplierOur companyPricing
Log in
Why ComplierOur companyPricing
Support
How it WorksHelp centerContact us
Log in

Privacy & Compliance Policy

OverviewWhat We CollectHow We Use DataSharing Your DataCross-Border TransferYour RightsData RetentionData SecurityChildren's DataData Protection OfficerPolicy UpdatesContact Us

Introduction

Tal Tech Nova Limited ("we", "us", or "our"), operating as Complier, is the data controller responsible for the personal data you provide to or generate through the Complier compliance technology platform ("the Platform"). Our contact details are set out at the end of this Privacy Policy

This Privacy Policy explains how we collect, use, store, share, transfer, protect, and manage your personal data in connection with your use of the Platform, in accordance with:

  • The Nigeria Data Protection Act 2023 ("NDPA");
  • The Nigeria Data Protection Commission General Application and Implementation Directive 2025 ("GAID"), effective 19 September 2025;
  • Section 37 of the Constitution of the Federal Republic of Nigeria 1999 (as amended), which guarantees the fundamental right to privacy;
  • Any other applicable Nigerian legislation governing the processing of personal data.

By using the Platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, you should discontinue your use of the Platform and contact us to request deletion of your data

What We Collect

  • Full name and professional role
  • Organization name and sector
  • Business contact details (email, phone number)
  • Account credentials and authentication details
  • Compliance filings and documents and submissions
  • Support requests and communications

When you use the Platform, we may automatically collect certain information about your device and your interaction with the Platform. We collect this information through cookies and similar technologies to improve the functionality, security, and performance of the Platform, and to enhance your user experience.

For more information about how we use cookies and similar technologies, please see our Cookies Policy (link to be inserted).

Data Collected through Your Interaction With Us

  • Create an account on the Platform
  • Apply for our products and services
  • Subscribe to our service or publications
  • Request marketing to be sent to you
  • Promotion or Survey
  • Give us feedback or contact us

Personal Data we collect from you include:

  • Full name
  • Contact data: email address, phone number, business address;
  • Account data: username, password (stored in encrypted form), account preferences;
  • Business data: company name, registration number, nature of business, industry sector;
  • Payment data: billing name, billing address, payment card details (processed by our appointed third-party payment processor — we do not store full card data);
  • Compliance task data: documents, filings, correspondence, forms, and information submitted in connection with compliance tasks carried out on the Platform;
  • Communications data: emails, messages, or support requests sent to or through us.
  • Technical data: IP address, browser type, device identifiers, operating system;
  • Usage data: pages visited, features accessed, time spent on the Platform, click patterns;
  • Log data: server logs, error reports, timestamps of Platform interactions;
  • Cookie and tracking data: as further described in our Cookies Policy.
  • Verification data received from regulatory bodies, corporate registrars, or government databases in the course of conducting compliance tasks on your behalf;
  • Data from payment processors or financial institutions in connection with subscription billing;
  • Data from professional vetting sources when verifying the credentials of Admin Professionals.

Special Categories of Personal Data

We do not seek to collect sensitive personal data (as defined under Section 30 of the NDPA-  including data relating to racial or ethnic origin, political opinions, religious beliefs, health, biometric data, or sexual orientation) as part of our standard Platform operations. If a compliance task incidentally requires the processing of such data, we will seek your explicit consent for that specific processing purpose, in accordance with the NDPA.

Consent

Where we rely on your consent for example, for marketing communications, non-essential cookies, or processing of sensitive personal data — we will obtain your freely given, specific, informed, and unambiguous consent prior to that processing. You may withdraw consent at any time without affecting the lawfulness of prior processing.

Compliance with legal obligation

We may process your data where necessary to comply with a legal obligation we are subject to. We will identify the relevant legal obligation when we rely on this.

Legitimate interest

We may process your data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and interests. Such interests include: improving and securing the Platform, fraud prevention, internal analytics, and service quality monitoring. We conduct a balancing test before relying on this basis.

Vital interest

In exceptional circumstances, we may process data to protect the vital interests of a data subject or another natural person.

Purposes for Which We Use Your Personal Data

We use the personal data we collect for the following purposes:

  • To create and manage your account on the Platform;
  • To deliver compliance services and assign tasks to Admin Professionals on your behalf;
  • To process payments and manage your subscription;
  • To communicate with you about your account, tasks, platform updates, and regulatory changes;
  • To verify the identity and credentials of Admin Professionals;
  • To comply with our legal and regulatory obligations as a business operating in Nigeria;
  • To detect, investigate, and prevent fraud, security incidents, and misuse of the Platform;
  • To maintain records of processing activities (RoPA) as required by the NDPA and GAID;
  • To improve the functionality, usability, and security of the Platform;
  • To enforce our Terms of Use and other legal agreements;
  • To send you marketing communications about our services — only with your prior consent, and with an easy opt-out at any time.

We will not process your personal data for any purpose incompatible with the purposes stated above without first informing you and, where required, obtaining your consent

Sharing Your Personal Data

We do not sell, rent, or trade your personal data to third parties for their own marketing or commercial purposes. We may share your personal data in the following limited circumstances:

Admin professionals

Personal data and compliance task materials will be shared with the Admin Professional assigned to your task, to the extent necessary for the performance of that task. Admin Professionals are bound by confidentiality obligations and, where required, Data Processing Agreements.

Service Providers and Data Processors

We engage third-party service providers to support Platform operations, including cloud hosting providers, payment processors, email delivery services, and customer support tools. These parties are appointed as data processors under written Data Processing Agreements that comply with the requirements of the NDPA and GAID, and they may only process your data on our documented instructions.

Regulatory and legal disclosure

We may disclose your personal data where required by applicable law, court order, or directive from a competent regulatory authority, including the Nigeria Data Protection Commission (NDPC), the Corporate Affairs Commission (CAC), the Federal Inland Revenue Service (FIRS), or any other relevant regulatory body.

Business transfers

If Tal Tech Nova Limited is involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred to the acquiring entity, subject to equivalent data protection obligations.

“Speak to a lawyer” feature

If you use the "Speak to a Lawyer" feature on the Platform, the personal data you provide in connection with that engagement will be shared with the independent legal professional you are connected with, pursuant to their own professional obligations and separate terms and conditions.

Cross-Border Data Transfer

Tal Tech Nova Limited is incorporated in Nigeria and primarily processes data within Nigeria. Where the use of international cloud infrastructure or service providers necessitates the transfer of personal data outside Nigeria, we ensure that such transfers comply with Section 43 of the NDPA and the requirements of the GAID, including:

  • Transfer only to countries with an adequate level of data protection as determined by the NDPC, or as recognised by applicable law;
  • Use of standard contractual clauses or binding corporate rules approved by the NDPC;
  • Obtaining NDPC approval for cross-border transfer mechanisms where required under the GAID;
  • Documenting the basis and safeguards for all cross-border transfers in our Records of Processing Activities.

You may request details of any cross-border transfers of your data by contacting us at
hello@usecomplier.com

Your Rights as Data Subject

Under the NDPA and the GAID, you have the following rights in relation to your personal data. We will respond to valid requests within a reasonable time and in any event no later than 30 days of receipt, unless an extension is justified. We will not charge a fee for exercising your rights except in circumstances permitted by law.

Right to Access (Section 34, NDPA)

You have the right to request confirmation of whether we process your personal data and, if so, to obtain a copy of that data along with information about how it is lawfully processed.

Right to Rectification (Section 35, NDPA)

You have the right to request the correction of any inaccurate or incomplete personal data we hold about you. We may need to verify the accuracy of the new data you provide to us before making the correction.

Right to Erasure (Section 36, NDPA)

You have the right to request the deletion of your personal data in certain circumstances, including where the data is no longer necessary for the purpose for which it was collected, or where you withdraw consent and there is no other lawful basis for processing. This right is subject to our legal obligations to retain data.

Right to Object (Section 37, NDPA)

You have the right to object to the processing of your personal data where we rely on legitimate interests as our lawful basis, and where you have grounds relating to your particular situation. You also have an absolute right to object to processing for direct marketing purposes.

Right to Restrict Processing (Section 38, NDPA)

You have the right to request the restriction of processing of your personal data in certain circumstances- for example, while we verify the accuracy of data you have contested.

Right to Data Portability (Section 39, NDPA)

Where processing is based on consent or contract and carried out by automated means, you have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.

Right to Withdraw Consent

Where we rely on your consent to process personal data, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Right to Object to Automated Decision-Making (Section 40, NDPA)

You have the right not to be subject to a decision based solely on automated processing- including profiling- that produces legal or similarly significant effects on you, unless you have given explicit consent or such processing is authorised by law.

The Complier Platform does not currently employ solely automated decision-making in a manner that produces legal effects on users; however, we will notify you if this changes.

How to Exercise Your Rights

To exercise any of the above rights, please submit a written request to: hello@usecomplier.com, with the subject line "Data Subject Rights Request". Please include your full name, account email address, and a clear description of the right you wish to exercise. We may request proof of identity before processing your request.

Right to Lodge a Complaint

If you are dissatisfied with how we handle your personal data or respond to your rights request, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC):

Website:ndpc.gov.ng
Email:info@ndpc.gov.ng
Address: No. 5, Donau Crescent, Maitama, Abuja, FCT, Nigeria

We encourage you to contact us in the first instance to resolve any concern before escalating to the NDPC.

We take all inquiries seriously and will respond promptly to address any data-related issues or requests.

Data Retention

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. Our key retention periods are:

  • Account data: retained for the duration of your subscription and for a period of 3 years following account closure, in accordance with statutory record-keeping obligations;
  • Compliance task documents: retained for 6 months from the date of task completion or closure, after which they are permanently deleted from our systems in accordance with our Data Retention Policy and the GAID's storage limitation principle;
  • Payment and billing records: retained for 6 years from the date of the transaction, in compliance with financial record-keeping requirements;
  • Communication records: retained for 2 years from the date of communication;
  • Audit logs and security data: retained for up to 12 months for security and fraud prevention purposes.

Upon expiry of the applicable retention period, personal data is securely and irreversibly deleted or anonymised. You will not be notified individually of each deletion unless required by law.

Data Security

Tal Tech Nova Limited implements appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, loss, destruction, alteration, or accidental harm. These measures include:

  • Encryption of data in transit using Transport Layer Security (TLS) protocols;
  • Encryption of data at rest on our servers;
  • Role-based access controls limiting staff access to data on a need-to-know basis;
  • Regular security assessments and penetration testing;
  • Staff training on data protection obligations under the NDPA and GAID;
  • Data Processing Agreements with all third-party processors.

No digital system can guarantee absolute security. In the event of a personal data breach that is likely to pose a high risk to your rights and freedoms, we will notify the NDPC within 72 hours of becoming aware of the breach, in accordance with Section 40 of the NDPA and the GAID. We will also notify affected individuals without undue delay in clear and plain language, along with guidance on protective steps you can take.

Children’s Personal Data

The Complier Platform is designed for use by business entities and adult individuals in a professional capacity. We do not knowingly collect personal data from persons under the age of 18. Under Section 31 of the NDPA, where we become aware that data has been collected from a person under 18 without appropriate parental or guardian consent, we will take immediate steps to delete such data. If you believe we have inadvertently collected personal data relating to a child, please contact us immediately at hello@usecomplier.com.

Data Protection Officer (DPO)

Pursuant to Section 32 of the NDPA and the requirements of the GAID, Tal Tech Nova Limited has designated a Data Protection Officer (DPO) where required by law. The DPO is responsible for monitoring compliance with the NDPA and GAID, advising on data protection obligations, and serving as the primary contact point with the NDPC

To contact our Data Protection Officer in respect of any matter relating to this Privacy Policy or our data processing practices, please write to:

  • Email: hello@usecomplier.com (subject line: "FAO: Data Protection Officer")
  • Postal address: Data Protection Officer, Tal Tech Nova Limited, [Registered Address]

Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices, applicable law, or regulatory guidance from the NDPC. Where changes are material, we will notify you by email to your registered address or by a prominent notice on the Platform at least 14 days prior to the changes taking effect.


The most current version of this Privacy Policy will always be available on the Platform. The "Last Updated" date at the top of this document reflects when changes were most recently made. Continued use of the Platform after the effective date of any update constitutes your acceptance of the revised Policy.

Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact:

Tal Tech Nova Limited (operating as Complier)
Email:hello@usecomplier.com
Website:www.usecomplier.com
Regulatory Authority: Nigeria Data Protection Commission (NDPC) —ndpc.gov.ng

Compiler logo
Call us 24/709065052406

My Account

  • Compliance
  • Subscription
  • Find a Lawyer

Quick links

  • Privacy policy
  • Cookie policy
  • Terms of service
  • Data protection

Support & resources

  • Blog
  • FAQs
  • Help center

Email us

support@usecomplier.com

Follow us on socials

Copyright reserved. © Compiler 2026