Home About Team Investors Press Contact SoroSoke Jobs →
HomePrivacy Policy
LEGAL

Privacy Policy

How SoroSoke collects, uses, stores, and protects your personal data. Compliant with the Nigeria Data Protection Act 2023 and the NDPR.

Effective 1 May 2026 · Last updated 5 May 2026

🛡 Plain English summary

SoroSoke collects only what we need to run the platform, pay you fairly, and protect you from fraud. We do not sell your data. You can read, correct, or delete your information at any time by emailing our Data Protection Officer at dpo@sorosokegpl.com. Anonymous posting is supported and we don’t link anonymous posts back to you in any product surface.

On this page

  1. Who we are
  2. What we collect
  3. Why we collect it
  4. When we share data
  5. How long we keep data
  6. Your rights under NDPR
  7. How we protect data
  8. Cookies and tracking
  9. Children and minors
  10. Changes to this policy
  11. Contact our DPO

1. Who we are

This Privacy Policy explains how SoroSoke Global Platforms Ltd (“SoroSoke”, “SGPL”, “we”, “our”) collects, uses, stores, and protects your personal data when you use our platforms — sorosokegpl.com, jobs.sorosokegpl.com, and any associated mobile applications.

SoroSoke Global Platforms Ltd is a company incorporated in Nigeria under RC No. 1801907. We act as the Data Controller for personal data processed through our platforms, and we are registered with (or in the process of registering with) the Nigeria Data Protection Commission (NDPC) under the Nigeria Data Protection Act 2023 (the “NDPA”) and the Nigeria Data Protection Regulation (the “NDPR”).

2. What we collect

We only collect data we need to run the platform, pay you, and keep the platform safe. Specifically:

2.1 Account data

  • Full name, phone number, email address, password (stored hashed and salted)
  • Date of birth (to verify you are 16+)
  • Profile information you choose to add (LGA, photo, bio)

2.2 Identity & contribution data (only for users who earn S-Points or apply via SJOB)

  • Government-issued ID number (NIN, BVN, or equivalent), captured securely and used only for verification
  • Bank account details for identity verification and platform account administration
  • Selfie or photo ID for liveness checks where required by law

2.3 Platform activity data

  • Posts, comments, votes, reactions, and S-Points activity you make on the platform
  • Login timestamps, device type, IP address (for fraud and abuse prevention)
  • Connections, follows, and groups you join

2.4 SoroSoke Jobs assessment data (SJOB users only)

  • Assessment answers, scores, and certification status
  • LGA assignment and Community Manager / Revenue Scout deployment records

We do not collect: your contacts list, your camera roll, your call history, your SMS, or any data from third-party apps on your device, except as you explicitly grant per-permission and per-feature.

3. Why we collect it

We process personal data on the following lawful bases under the NDPA / NDPR:

  • Performance of contract — to provide you the platform you signed up for, including S-Points recognition and platform participation tracking.
  • Legal obligation — to comply with KYC, AML, tax, and financial-services regulations (CBN, NIBSS, NDPC).
  • Legitimate interests — to keep the platform safe (fraud prevention, abuse moderation), to improve the service, and to communicate with you about your account.
  • Consent — for any processing not covered above (e.g., marketing emails, optional analytics cookies). You can withdraw consent at any time.

4. When we share data

We never sell your personal data. We only share it in the following limited circumstances:

  • Service partners — banks, NIBSS, and licensed providers, strictly to support account administration, verification, and platform operations.
  • Identity verification partners — licensed KYC vendors, only the minimum data needed to verify you are who you say you are.
  • Legal compliance — in response to a lawful order from a Nigerian court, regulator, or law enforcement agency, to the extent we are legally compelled.
  • Aggregated, anonymous insights — we may publish or share aggregated data (e.g., “42% of posts in LGA X concern infrastructure”) that cannot identify any individual user.
  • Service providers — cloud hosting, analytics, customer support tools, all bound by confidentiality and data-processing agreements equivalent to NDPA standards.

Where service providers are based outside Nigeria, we ensure data transfers comply with the cross-border transfer rules in the NDPA, including standard contractual clauses where required.

5. How long we keep data

  • Account data — for as long as your account is active, plus 12 months after closure (for fraud and dispute resolution).
  • KYC and payout records — 7 years after the last transaction, as required by Nigerian financial regulations.
  • Platform activity — posts, comments and reactions remain on the platform until you delete them or your account is closed; logs are retained for 90 days unless required for an active investigation.
  • Anonymous posts — the post stays; the link to your account is severed at deletion request and is not retained.

6. Your rights under NDPR

You have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right of rectification — correct any inaccurate or incomplete data.
  • Right of erasure — ask us to delete your data, subject to retention obligations above.
  • Right to data portability — receive your data in a machine-readable format you can take elsewhere.
  • Right to object — object to processing based on legitimate interests, including direct marketing.
  • Right to restrict processing — ask us to pause processing while we resolve a dispute.
  • Right to lodge a complaint — with the Nigeria Data Protection Commission (NDPC) directly.

To exercise any of these rights, email dpo@sorosokegpl.com. We respond within 30 days.

7. How we protect data

  • All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
  • Passwords are hashed using industry-standard one-way functions (bcrypt / Argon2).
  • Access to personal data is logged and limited to staff with a documented operational need.
  • We maintain incident response procedures and will notify affected users and the NDPC within 72 hours of becoming aware of a notifiable breach.
  • We carry out periodic Data Protection Impact Assessments (DPIAs) on new features.

8. Cookies and tracking

We use a small number of cookies and similar technologies:

  • Essential — needed for login, security, and basic platform function. Always on.
  • Analytics — aggregate, anonymised usage data so we can improve the platform. Optional — you control via the consent banner.

We do not use third-party advertising trackers, cross-site trackers, or pixels.

9. Children and minors

SoroSoke is not intended for users under 16 years old. We do not knowingly collect data from anyone under 16. If we learn we have collected data from a person under 16 without verifiable parental consent, we will delete it. If you believe a minor has registered, please contact dpo@sorosokegpl.com.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top of this page and, for material changes, notify registered users via email and an in-app banner at least 30 days before the change takes effect.

11. Contact our Data Protection Officer

Data Protection Officerdpo@sorosokegpl.com
📍
Postal addressSoroSoke Global Platforms Ltd
(Data Protection Officer)
Lagos, Nigeria
RC No. 1801907
🇱🇬
RegulatorNigeria Data Protection Commission (NDPC)
ndpc.gov.ng