1. INTRODUCTION

At Philantify, we take your privacy seriously. This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you use our platform. By accessing or using Philantify, you agree to the terms set forth in this policy. If you do not agree with any aspect of this policy, please discontinue use of our services immediately.

1.1 Who We Are

Philantify is a philanthropic and collaborative digital platform operated by the PHILANTIFY IMPACT LTD/GTE. We connect philanthropists, donors, corporate sponsors, volunteers, delivery partners, community members, and beneficiaries to identify, fund, support, and execute social causes.

1.2 Purpose of This Privacy Policy

The purpose of this Privacy Policy is to provide a clear, transparent, and legally compliant explanation of:

• What personal information we collect and why we collect it.
• How we process and use your information in connection with our services.
• Who we share your information with, including third-party service providers.
• Your rights and choices regarding your data.
• Our security measures to protect your information from unauthorized access or misuse.
• How we comply with international privacy laws, including the General Data Protection Regulation (GDPR), and other applicable data protection laws.

1.3 Scope of This Privacy Policy

This Privacy Policy applies to:

• All users of Philantify's website, mobile application, and associated services.
• All stakeholders, including donors, philanthropists, sponsors, delivery partners, volunteers, community members, and beneficiaries.
• All individuals whose data is processed by Philantify in any form, including those who communicate with us, sign up for updates, or participate in surveys.

This Privacy Policy does not apply to:

• Third-party websites or services that we do not control, even if linked from Philantify. We encourage you to review the privacy policies of any external platforms you interact with.
• Information that has been fully anonymized and is no longer personally identifiable.

1.4 Legal Compliance & Your Rights

Philantify operates in multiple jurisdictions, and we adhere to the strictest international privacy standards, including but not limited to:

• GDPR (EU & UK) – Ensuring users in the European Economic Area (EEA) have rights to data access, correction, and deletion.
• African Data Protection Laws – Complying with regional regulations, such as Nigeria's NDPA, Kenya's Data Protection Act, and South Africa's POPIA.

Users have the right to access, correct, delete, or restrict processing of their data at any time. More details on your rights are outlined in Section 8 (User Rights & Data Control).

1.5 Future Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes.

• If the changes materially impact your rights or how we process your personal data, we will provide appropriate notice through email, in-app notifications, or our website.
• For minor updates that do not affect your rights, we may update the policy without prior notification.
• The date of the last update will always be visible at the top of this policy.
• Continued use of Philantify's services after updates constitutes acceptance of the revised policy.

1.6 Contacting Us

If you have any questions, concerns, or requests regarding this Privacy Policy, you may contact us:

📧 Email: support@philantify.org

📞 Phone: +234 913 969 4441

📍 Address:

Lagos, Nigeria

Plot 9, Gbagada Industrial Scheme, beside UPS, Gbagada-Oworonshoki Expressway, Lagos.

Mauritius Office

H21, Home Scene Building, Healthscape, Forbach, Mauritius

UAE Office

19760, M1 Floor, Twin Towers, PO Box 4422, Fujairah, United Arab Emirates.

2. INFORMATION WE COLLECT

At Philantify, we collect and process different types of personal and non-personal data to operate effectively, enhance user experience, and comply with legal requirements. This section explains what information we collect, why we collect it, and how it is obtained.

2.1 Categories of Information We Collect

We collect three main categories of data:

A. Personal Information (Directly Provided by Users)

This includes information you voluntarily provide when you register, donate, sponsor an impact project or otherwise interact with our platform. It may include and it is not limited to:

• Full Name (for identification and communication)
• Email Address (for account security, updates, and communications)
• Phone Number (for verification and support purposes)
• Physical Address (if required for fund disbursement or legal compliance)
• Profile Information (e.g., bio, preferences, areas of interest)
• Financial Details (e.g., bank account number or payment card details for donations or fund disbursement)
• Identity Verification Data (e.g., government-issued ID, tax identification number, or proof of business registration, only when required for fraud prevention or regulatory compliance)

B. Automatically Collected Information (Device & Usage Data)

When you use Philantify, we automatically collect certain technical and usage data to improve security and user experience. This may include:

• IP Address (to detect location-based restrictions, fraud prevention)
• Device Information (e.g., device type, operating system, browser type)
• Log Data (e.g., login timestamps, access logs)
• Usage Data (e.g., pages visited, time spent on the platform, interactions)
• Cookies & Tracking Data (See Section 6 - Cookies & Tracking for more details).

C. Information from Third-Party Sources

We may receive additional data about you from third-party sources, such as:

• Corporate Sponsors & Donation Partners (if they contribute on your behalf)
• Third-Party Payment Processors (e.g., transaction confirmations, fraud alerts)
• Public Databases & Social Media (only when users interact with Philantify through linked accounts)

2.2 Why We Collect Your Data

We only collect data for specific and legitimate purposes, including:

1. To Provide Our Services:
   • Enabling donations, sponsorships, and partnerships
   • Processing transactions securely
2. To Improve User Experience:
   • Customizing content and recommendations
   • Enhancing platform functionality and ease of use
3. For Security & Fraud Prevention:
   • Detecting suspicious activity and preventing scams
   • Complying with legal obligations and responding to law enforcement requests
4. To Communicate with You:
   • Sending account-related notifications
   • Providing updates on causes you support
   • Offering optional promotional content (users can opt-out anytime)

2.3 How We Ensure Data Transparency

• Users can access, update, or delete their personal information at any time.
• No hidden data collection – all data collection purposes are clearly communicated.
• We do not sell or rent personal data to third parties.

3. HOW WE COLLECT INFORMATION

Philantify collects information through three primary methods: direct input from users, automated technologies, and third-party sources. This section outlines the specific ways we obtain data while ensuring transparency and compliance with privacy laws.

3.1 Directly from Users

We collect personal information when users voluntarily provide it while interacting with our platform. This includes:

A. Account Registration & Profile Creation

• When you create an account, we collect name, email, phone number, and password.
• If applicable, additional details such as organization name, incorporation documents, names of key personnel, for corporate sponsors and delivery partners.

B. Donations & Financial Transactions

• When you make a donation, sponsor an impact project, or receive funds, we collect payment details (processed through third-party payment gateways).
• Transaction history and receipts are stored for compliance with tax and financial regulations.

C. User-Initiated Communications

• When you contact customer support or participate in forums, surveys, or feedback requests, we collect message content and contact details.
• Emails and live chat interactions may be recorded for quality assurance and fraud prevention.

D. Participation in Programs & Events

• Users signing up for Philantify-hosted events, volunteering programs, or funding initiatives may provide event-related personal data.

3.2 Automatically Through Technology

Philantify automatically collects certain data when users interact with the platform, helping us enhance security, analyze trends, and optimize user experience. This includes:

A. Device & Technical Data

• IP Address (to determine approximate location and prevent fraudulent activities)
• Browser Type & Version (to optimize website performance)
• Operating System & Device Type (for compatibility adjustments)

B. Usage & Log Data

• Time and date of access (for security audits)
• Pages visited, links clicked, session duration (for analytics and content improvement)
• Login attempts and account changes (for fraud detection)

C. Cookies & Tracking Technologies

• Cookies help store user preferences, enable faster logins, and improve experience (see Section 6 – Cookies & Tracking for details)
• Users can disable non-essential cookies at any time

3.3 From Third-Party Sources

We may receive additional data from third-party partners, but only where lawful and relevant to our services. These sources include:

A. Payment & Financial Institutions

• When you donate, receive funds, or make transactions, payment providers share transaction verification details (but not full financial information)

B. Corporate Sponsors & Funding Partners

• If a corporate sponsor donates on your behalf, we may receive limited user details for tax or compliance reporting

C. Social Media & External Platforms

• If users link their social media accounts, we may collect basic public profile information (name, profile picture) with consent.
• Users can disconnect external accounts at any time

D. Publicly Available Databases & Compliance Checks

• To prevent fraud and verify nonprofit legitimacy, we may access public charity registries or sanction lists
• This applies only to organizations or high-value transactions, not individual users.

3.4 Data Processing Agreement (DPA)

To ensure compliance with data protection laws and best practices, Philantify may enter into a Data Processing Agreement (DPA) with all third-party vendors that process user data on our behalf. This agreement will ensure that our third-party service providers:

• Adhere to strict data protection requirements.
• Implement appropriate technical and organizational measures to protect user data.
• Process data only in accordance with our instructions and for specified purposes.

This is critical for ensuring that any data shared with service providers, such as payment processors or cloud hosting services, is handled in a way that aligns with GDPR and other global data protection regulations. Users will be informed of any data sharing and can request further details regarding the DPA upon request.

3.5 User Control Over Data Collection

• Users can manage privacy settings in their account dashboard.
• Cookie settings allow opting out of tracking and marketing analytics.
• Users can request deletion of their data where legally permissible (see Section 8 – User Rights & Data Control).

4. HOW WE USE YOUR INFORMATION

This section details why we collect your data, how we use it, and the legal basis for processing. Philantify collects and processes your personal information only for legitimate, specific, and lawful purposes. We are committed to transparency and compliance with global data protection laws, including GDPR, and African data protection regulations.

4.1 Purposes of Data Processing

We use the information we collect for the following core purposes:

A. Providing & Improving Our Services

• To facilitate donations, sponsorships, and fund distributions securely
• To verify identity and eligibility for funding initiatives
• To personalize the platform based on user preferences and interests
• To enhance customer support and issue resolution

B. Security, Fraud Prevention & Compliance

• To authenticate user identity and prevent unauthorized access
• To detect fraudulent transactions, abuse, and violations of our Terms of Service
• To comply with legal obligations, tax reporting, and anti-money laundering regulations
• To respond to law enforcement requests where legally required

C. Communications & Engagement

• To send transaction confirmations, donation receipts, and service-related updates
• To provide impact project related updates, newsletters, and impact reports (only if you opt-in)
• To send marketing or promotional communications (users can opt-out at any time)

D. Research & Analytics

• To analyze user behavior, platform trends, and service effectiveness
• To develop new features and improve platform accessibility
• To conduct internal audits and system performance evaluations

4.2 Legal Basis for Processing (For GDPR Compliance)

For users covered under GDPR (EU/UK), we rely on the following legal grounds to process your data:

4.3 Automated Decision-Making & Profiling

Philantify does not engage in automated decision-making that significantly affects users without human intervention.

Where automated processing or decision making (e.g., fraud detection) occurs, users can request human review of decisions.

4.4 Data Anonymization & Aggregation

We may use anonymized, aggregated data for research, reporting, or improving services.

This data cannot be linked back to individual users.

4.5 Data Subject Access Requests (DSARs)

Philantify is committed to respecting users' rights regarding their personal data. Users have the right to access, correct, or delete their personal data at any time, subject to legal and operational requirements. In line with GDPR and other applicable laws, we will respond to Data Subject Access Requests (DSARs) promptly, within 30 days of receipt.

In addition, we have established the following process for DSARs:

• Access Request: Users can request a copy of the personal data we hold about them.
• Correction Request: Users can request that we update or correct any inaccuracies in their personal data.
• Deletion Request: Users can request the deletion of their personal data, subject to legal obligations (e.g., for tax reporting or fraud prevention).
• Restriction of Processing: Users can request that we temporarily restrict the processing of their data in specific circumstances (e.g., during data verification).

Users can submit their DSARs via the contact methods provided in this policy. If a request cannot be fulfilled within the legal timeframe, users will be notified and given a reasonable explanation.

5. DATA SHARING & THIRD-PARTY DISCLOSURES

Philantify does not sell, rent, or trade user data. However, we may share certain information with trusted third parties when necessary for providing our services, legal compliance, fraud prevention, or user-authorized purposes.

5.1 Who We Share Your Data With & Why

A. Service Providers & Partners

We share user data with trusted third-party vendors that help us provide core services, including:

B. Legal Compliance & Law Enforcement

We may disclose personal data if legally required to:

• Respond to subpoenas, legal claims, or regulatory investigations.
• Enforce our Terms of Service or protect Philantify from fraud or misuse.
• Prevent or investigate security threats, abuse, or illegal activities.

C. Publicly Available Information

If you sign up or create an impact project, your name, photo, campaign details, and donation history may be visible on Philantify.

Users control privacy settings for campaigns, allowing them to limit public visibility.

5.2 Third-Party Links & Integrations

Philantify may link to third-party websites, social media, or external services.

If users choose to engage with these external services, Philantify is not responsible for their privacy practices.

User Responsibility: We encourage users to review the privacy policies of any third-party platforms they interact with.

5.3 User Control Over Data Sharing

• Users can opt-out of marketing-related data sharing.
• Users cannot opt-out of sharing data essential for platform functionality (e.g., payment processing).
• Users may request a report on who their data has been shared with (where legally allowed).

6. COOKIES & TRACKING TECHNOLOGIES

Philantify uses cookies, tracking pixels, and similar technologies to enhance user experience, analyze platform performance, and ensure security. This section explains what these technologies are, why we use them, and how users can manage their preferences.

6.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help remember user preferences, track activity, and improve website functionality.

We also use tracking pixels and scripts (like Google Analytics and Meta Pixel) to analyze site traffic and user behavior.

6.2 Types of Cookies & Tracking Technologies We Use

7. DATA SECURITY & PROTECTION

At Philantify, we take data security seriously and implement industry-standard measures to protect user information from unauthorized access, loss, theft, or misuse. This section outlines how we protect your data, our security protocols, and what happens in the event of a data breach.

7.1 How We Protect Your Data

We use a combination of technical, administrative, and physical security measures to safeguard personal data, including:

A. Encryption & Secure Storage

• All user data is encrypted in transit (SSL/TLS) and at rest (AES-256 encryption)
• Sensitive financial information (such as payment details) is never stored directly on our servers. Instead, we use PCI-DSS-compliant payment processors

B. Access Control & Authentication

• Two-Factor Authentication (2FA) is required for sensitive transactions
• Strict role-based access control (RBAC) ensures that only authorized personnel can access personal data
• Users are encouraged to use strong passwords and update them regularly

C. Regular Security Audits & Monitoring

• We conduct regular penetration testing & security assessments
• We use intrusion detection systems (IDS) and automated monitoring to detect unauthorized access

7.2 How We Handle Data Breaches

While we take every reasonable step to protect user data, no system is 100% immune to breaches. In the unlikely event of a security breach, Philantify follows a strict Data Breach Response Plan:

A. Immediate Investigation

• Our security team investigates all suspected breaches within 24 hours.
• Affected systems are isolated and secured to prevent further access.

B. User & Regulatory Notification

• If a breach exposes personal data, affected users are notified within 72 hours (as required under GDPR).
• If required by law, we also notify regulatory authorities and law enforcement.
• Users will receive clear instructions on how to secure their accounts.

7.3 User Responsibilities for Security

While Philantify takes every reasonable measure to secure user data, we also rely on users to take responsibility for protecting their accounts and data. To ensure the security of personal information, users are encouraged to:

• Enable Two-Factor Authentication (2FA): Users are strongly encouraged to enable 2FA on their accounts for an added layer of security.
• Use Strong Passwords: Users should choose strong, unique passwords for their accounts and change them regularly.
• Protect Personal Information: Users should not share login credentials or sensitive personal data through email, SMS, or other insecure means. If a user suspects that their account has been compromised, they should immediately contact Philantify for assistance.
• Report Suspicious Activity: Users should report any suspicious activity or potential breaches to Philantify's support team at support@philantify.org.

By taking these measures, users help protect not only their personal data but also the security of the Philantify platform as a whole.

7.4 Third-Party Security & External Risks

Philantify is not responsible for data security on third-party websites linked to our platform.

Users should exercise caution when sharing personal data on external sites.

8. USER RIGHTS & DATA CONTROL

Philantify believes in transparency and user control over personal data. We comply with global privacy laws, including the General Data Protection Regulation (GDPR), and African data protection regulations. This section explains your rights, how you can manage your data, and the steps to exercise your rights.

8.1 Your Data Rights

Depending on your location and applicable privacy laws, you may have the following rights:

8.2 How to Exercise Your Rights

Users can submit data requests through the following methods:

📧 Email: support@philantify.org

📞 Phone: +234 913 969 4441

📍 Address:

Lagos, Nigeria

Plot 9, Gbagada Industrial Scheme, beside UPS, Gbagada-Oworonshoki Expressway, Lagos.

Mauritius Office

H21, Home Scene Building, Healthscape, Forbach, Mauritius

UAE Office

19760, M1 Floor, Twin Towers, PO Box 4422, Fujairah, United Arab Emirates.

Processing Timeframes: Requests are reviewed within 30 days (per GDPR regulations). In certain cases, we may require identity verification before processing a request.

8.3 Limitations & Exceptions to Data Rights

Your rights may be subject to limitations in the following cases:

• If Philantify is legally required to retain certain data (e.g., tax, fraud prevention).
• If deletion would interfere with ongoing transactions (e.g., an active donation).
• If data is required for legal claims or compliance with government regulations.
• If the request is unfounded, excessive, or repetitive (we may refuse requests in these cases).

8.4 Managing Your Data Preferences

Users can adjust privacy settings directly in their Philantify account dashboard, including:

• Enabling or disabling marketing communications.
• Managing cookie preferences (see Section 6 – Cookies & Tracking).
• Deleting account data, where permitted.

9. DATA RETENTION & DELETION POLICY

Philantify retains user data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. This section explains how long we keep your data, when we delete it, and your options for requesting deletion.

9.1 How Long We Retain Your Data

We apply different retention periods depending on the type of data and legal obligations:

9.2 Data Deletion & Account Closure

Users can request deletion of their data by:

📧 Email: support@philantify.org

📞 Phone: +234 913 969 4441

What Happens When You Request Deletion?

• Personal data is permanently deleted unless legally required to retain it.
• Anonymized data may be retained for analytics or reporting.
• Donation history may be retained for tax and legal compliance.
• Users may be required to verify their identity before deletion.

9.3 Exceptions to Data Deletion

Your deletion request may be denied if:

• The data is required for ongoing transactions.
• Philantify must retain the data for legal compliance (e.g., tax laws, fraud investigations).
• The request is unfounded, repetitive, or excessive.

9.4 Anonymized & Aggregated Data

Some data may be permanently anonymized (e.g., usage statistics, research data).

Anonymized data cannot be traced back to an individual user.

10. INTERNATIONAL DATA TRANSFERS

Philantify operates globally, meaning your personal data may be transferred, stored, or processed outside your country. We ensure that all international data transfers comply with applicable privacy laws, including GDPR, and African data protection regulations.

10.1 Why We Transfer Data Internationally

We may transfer data outside your country for the following legitimate purposes:

1. Cloud Storage & Hosting – Our servers may be located in different countries
2. Third-Party Service Providers – Payment processors, security services, and analytics providers may operate globally
3. Corporate Sponsorships & Partnerships – If a sponsor or funding entity is in another country, limited data may be shared as required
4. Fraud Prevention & Security Monitoring – Data may be processed in different jurisdictions for security purposes

11. CHILDREN'S PRIVACY

Philantify is not intended for children under the age of 16 and does not knowingly collect or process personal data from minors without verifiable parental or guardian consent.

11.1 Minimum Age Requirements

To comply with international privacy laws, Philantify enforces the following minimum age requirements:

11.2 How We Handle Underage Users

If we learn that a child under the minimum age requirement has provided personal information:

• We will immediately delete the data unless verifiable parental consent is obtained.
• We do not target children with marketing or behavioral tracking.
• If an account was created fraudulently, it will be suspended or removed.

11.3 Parental & Guardian Controls

Parents or guardians can request access, modification, or deletion of their child's data by contacting support@philantify.org.

If parental consent is required for underage users, we will use age-verification methods before collecting data.

11.4 Third-Party Links & External Content

Philantify does not control third-party links or content that may be accessible through the platform.

Parents are encouraged to monitor children's online activities if they access Philantify via a shared device.

User Responsibility: We advise users to review third-party privacy policies when minors access external content.

11.5 Images of Minors

Philantify is committed to protecting the privacy and dignity of children featured on its platform. Project Creators (Users submitting impact projects) are strictly responsible for ensuring that any image, video, or other media content containing minors (individuals under minimum age) is shared only with proper authorisation and consent.

By uploading such content, Project Creators confirm that:

• They have obtained verifiable parental or guardian consent for each identifiable child featured;
• The content is respectful, lawful, and used solely for the purpose of describing or promoting an impact project; and
• No image of a minor exposes the child to harm, exploitation, or privacy violations.

Philantify does not assume responsibility or liability for any unauthorised or unlawful use of children's images uploaded by users. In line with our child-protection and privacy commitments, we reserve the right to review, remove, or restrict access to any content involving minors that appears inappropriate, non-compliant, or ethically concerning.

12. CHANGES TO THIS PRIVACY POLICY

Philantify may update this Privacy Policy from time to time to reflect changes in legal requirements, industry standards, platform features, or data processing practices. This section explains how we notify users of updates and how those changes may impact their rights.

12.1 When & Why We Update This Policy

We may revise this Privacy Policy due to:

1. New laws or regulations that require changes to our data practices
2. Changes in our platform (e.g., new features, payment methods, or partnerships)
3. Security updates to improve data protection
4. Feedback from users or regulators requiring policy clarification

12.2 How We Notify Users of Changes

For minor updates (e.g., clarifications, formatting changes), we will post the revised policy on our website with the "Last Updated" date at the top.

For material changes (e.g., new data-sharing practices, changes in user rights), we will notify users via email or in-app alerts.

If legally required, we may request explicit user consent before implementing significant changes.

User Responsibility: Users should review this policy periodically to stay informed about their rights and our data practices.

12.3 Effective Date of Changes

Changes become effective immediately upon posting unless otherwise stated.

If a change materially affects user rights, we will provide at least 14 days' advance notice before implementation.

12.4 What Happens If a User Disagrees with Changes?

If you do not agree with an updated policy, you may:

1. Stop using Philantify's services and request account deletion.
2. Contact us for clarification before the changes take effect.

Continued use of Philantify after the effective date constitutes acceptance of the revised policy.

📧 For questions about policy updates, contact us at: support@philantify.org

13. CONTACT INFORMATION

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal data, or your rights, you can contact Philantify's Data Protection Team using the details below.

13.1 How to Reach Us

📧 Email: support@philantify.org

📞 Phone: +234 913 969 4441

📍 Address:

Lagos, Nigeria

Plot 9, Gbagada Industrial Scheme, beside UPS, Gbagada-Oworonshoki Expressway, Lagos.

Abuja, Nigeria

Il Bagno Building, Plot 679, Rachel T Owolabi Close, Gaduwa

Mauritius Office

H21, Home Scene Building, Healthscape, Forbach, Mauritius

UAE Office

19760, M1 Floor, Twin Towers, PO Box 4422, Fujairah, United Arab Emirates.

We encourage users to reach out if they:

1. Have questions about how their data is used.
2. Want to exercise their rights (data access, deletion, correction, etc.).
3. Need to report a security issue or potential privacy violation.
4. Have concerns about third-party data sharing or external service providers.

13.2 How We Handle Privacy Requests

• Response Time: We aim to respond to all privacy-related inquiries within 30 days (as required under GDPR).
• Identity Verification: Before processing sensitive requests, we may require users to verify their identity to protect personal data.
• Appeals & Complaints: If you are not satisfied with our response, you may contact your local data protection authority for further assistance.

Final Notes & User Acknowledgment

By using Philantify, you acknowledge that you have read and understood this Privacy Policy and agree to the data practices outlined.

If you do not agree with any part of this policy, you should:

1. Adjust your privacy settings in your account.
2. Opt out of non-essential data collection where applicable.
3. Contact us for clarifications before continuing use of our platform.

Last Updated: 22 January, 2025