Privacy Policy

Pickknow (“we”, “us”, “our”) operates an online marketplace and related services primarily for users in Nigeria. This Privacy Policy describes our practices in plain language alongside the legal detail below.

Depending on where you live, additional rights may apply—for example, if you are in the European Economic Area (EEA), the United Kingdom, or Switzerland, certain GDPR-style rights apply as described in this policy. If you are in Nigeria, the Nigeria Data Protection Act 2023 (NDPA) and related rules may apply.

By using the Services, you acknowledge that you have read this policy. If you do not agree, please stop using the Services. Our Terms of Service apply alongside this policy.

We will not ask you to “confirm your account” by sending us your login credentials, OTPs sent to your phone, or screenshots of your authenticator app. Legitimate sign-in and recovery flows happen only through our official website or official apps when we publish them.

• Do not share passwords or OTPs with anyone claiming to be Pickknow support, a buyer, or a seller.
• Do not install remote-desktop software or “verification” apps at someone else’s request.
• We do not need access to your email inbox, bank app, or crypto wallet to “verify” your account.
• Official links use our real domain(s). Be cautious of look-alike domains and pasted links in chat.

If you are unsure whether a message is genuine, open the app or site yourself (type the address or use a bookmark) and contact us through Help & Support. Report phishing to us so we can investigate.

We collect information you give us, information generated when you use the Services, and (where allowed) information from devices and cookies.

Account and profile: name, email address, phone number, password (stored using strong one-way hashing—we do not store your password in plain text), profile photo, shop or display name, location or address fields you choose to provide, and verification information when we run identity or business checks.

Listings and commerce: titles, descriptions, prices, photos, categories, attributes, location of items, offer and order-related data where those features exist, and messages sent through our messaging tools.

Usage and device: IP address, approximate location derived from IP or device settings, browser and device type, operating system, pages viewed, referring URLs, timestamps, and diagnostic or performance data (including error logs) to keep the Services secure and reliable.

Support and safety: content you send when you contact support, reports, disputes, and records we need to enforce our policies or comply with law.

Cookies and similar technologies are described in our Cookies Policy (/cookies), including choices you may have where applicable.

We avoid collecting special categories of personal data (such as health, religion, or biometric data) unless necessary for a specific feature and where the law allows. Do not post unnecessary sensitive information in public listings or messages.

• Create and secure your account; authenticate you and prevent fraud.
• Operate the marketplace: show listings, enable search, messaging, offers, reviews, notifications, and optional features such as wallet or promotions when available.
• Personalise and improve the Services, including analytics and product development in aggregated or de-identified form where possible.
• Enforce our Terms, detect abuse, respond to reports, and protect users and the platform.
• Communicate with you about the Services, security alerts, policy updates, and (where permitted) marketing—you can opt out of marketing where the law requires.
• Comply with legal obligations and respond to lawful requests from regulators or courts.

Performance of a contract: processing needed to provide the Services you request (e.g. account, listings, messaging).

Legitimate interests: improving and securing the platform, fraud prevention, analytics that do not override your rights, and direct communication about similar services where allowed. You may object to certain processing as described in your rights section.

Consent: where we ask for optional cookies, marketing emails, or specific optional features, you may withdraw consent at any time without affecting processing that was lawful before withdrawal.

Legal obligation: where we must retain or disclose data to comply with law or respond to competent authorities.

We do not sell your personal data. We share data only as described here or with your direction (for example, when you message another user or publish a listing).

• Service providers (hosting, email delivery, analytics, customer support tools, payment processors if you use in-platform payments) who process data on our instructions under contract.
• Other users: information you choose to make public on your profile or listings (e.g. display name, shop name, general location).
• Legal and safety: regulators, law enforcement, or parties to a legal process when we believe in good faith that disclosure is required.
• Business transfers: a successor in a merger, acquisition, or asset sale, subject to appropriate safeguards.

We may process and store data in Nigeria and in other countries where we or our providers operate. If we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate, we use appropriate safeguards such as Standard Contractual Clauses or other mechanisms recognised by applicable law.

We keep data only as long as needed for the purposes above, including legal, tax, accounting, and dispute-resolution requirements. When data is no longer needed, we delete or anonymise it. Some information may persist in backups for a limited period before automatic deletion.

Depending on your location, you may have the right to: access a copy of your personal data; correct inaccurate data; delete data (“right to be forgotten”) where applicable; restrict or object to certain processing; data portability in a machine-readable format; withdraw consent where processing was consent-based; and lodge a complaint with a supervisory authority.

Nigeria: You may have rights under the NDPA to request access, correction, deletion where appropriate, and information about processing. The Nigeria Data Protection Commission (NDPC) oversees compliance—you may contact them regarding complaints.

EEA/UK: You may contact your local data protection authority. For example, EU authorities are listed on the European Data Protection Board website; in the UK, the ICO (ico.org.uk).

To exercise rights, use in-app settings where available (e.g. profile, account) or contact us through Help & Support. We will respond within the timeframes required by law (typically within one month for GDPR, subject to extension for complex requests).

We may use automated systems to detect spam, fraud, policy violations, or to rank and surface content. We do not make solely automated decisions with legal or similarly significant effects about you without human review where required by law. If that changes, we will update this policy.

The Services are not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, contact us and we will take appropriate steps to delete it.

We use cookies and similar technologies for security, preferences, analytics, and (where you agree) marketing. Details, including how to manage preferences, are in our Cookies Policy at /cookies.

We may update this Privacy Policy from time to time. We will change the “Last updated” date and, where appropriate, provide additional notice (for example on the site or by email). Continued use after changes means you accept the updated policy where the law allows.

For privacy-related questions or requests, contact us through Help & Support in your account or the contact methods published on Pickknow. For general legal identity of the controller, use the entity name and address we publish on the site or in correspondence.

If you are not logged in, you may still reach support through any public contact channel we provide; we may need information to verify your identity before we discuss or change account data.