🛡 Secure. Reliable. Built for trade.
Legal

Privacy Policy

This policy explains what data we collect, why we collect it, and how we protect it. It applies to https://tradicomm.com, the TRADICOMM platform, and the TRADICOMM mobile application.

Effective from: 22 June 2026

1. Who we are

TRADICOMM is a product brand operated by Hiveootech Ltd (RC 9438361), a private company limited by shares registered in the Federal Republic of Nigeria. Hiveootech Ltd is the data controller for all personal information processed through the TRADICOMM platform and website.

Registered office: Kuchiko No. 22B, After Cheetel Integrated Farm, Gurara Local Government Area, Niger State, Nigeria.

Privacy contact: privacy@tradicomm.com

2. Scope

This Privacy Policy applies to:

  • The TRADICOMM website at https://tradicomm.com
  • The TRADICOMM commerce and communication platform
  • The TRADICOMM mobile application (iOS and Android)

3. Information we collect

Account information

Name, phone number, email address, and any business profile details you provide during registration.

KYC information

Government-issued identity documents where regulatory compliance or merchant verification requires it.

Transaction information

Orders placed, deliveries arranged, payments initiated, and the counterparties involved.

Device and technical information

IP address, device identifier, operating system version, app version, and session metadata used for security and fraud prevention.

Communication content

User-to-user messages are end-to-end encrypted; we cannot read message content. We do process metadata (timestamps, delivery state, read receipts). Voice notes and file attachments follow the same encryption model.

Location data

Precise location is collected only with your explicit consent, and only during logistics handovers where location sharing is required to confirm delivery.

4. How we use your information

  • Provide and operate the TRADICOMM platform
  • Authenticate user accounts and verify identity
  • Detect, investigate, and prevent fraud and security incidents
  • Comply with legal and regulatory obligations
  • Improve the product and debug technical issues
  • Send transactional communications (order updates, delivery notifications, security alerts)
  • Send marketing communications — only with your explicit prior consent

5. SMS, OTP, and verification messages

Telco compliance — OTP policy

TRADICOMM uses SMS exclusively for security-critical authentication actions. We never include marketing content in SMS messages.

When we send OTPs

We use SMS to send one-time passwords (OTPs) for: account registration, login verification, password and PIN reset, security-sensitive account changes (e.g., new phone number, new payout account), payment and payout authorization, and suspicious-activity confirmation when our fraud-detection engine flags an unusual sign-in attempt.

How OTPs are generated

OTPs are generated server-side using a cryptographically secure random number generator (CSPRNG). They are 6-digit numeric codes with a 5-minute validity window.

Rate limiting

To prevent abuse: maximum 5 verification attempts per code; maximum 3 OTP requests per 15-minute window; 60-second cooldown between consecutive OTP requests.

Delivery partners

OTP messages are delivered through licensed Nigerian telecommunications partners (including Termii Inc.), which are contractually bound to process phone numbers solely for message delivery and not to use them for any other purpose.

What we never do

  • We never include marketing or promotional content in OTP messages
  • We never share your phone number with third parties for marketing purposes
  • TRADICOMM staff will never ask you to share your OTP with them

6. Encryption and security

User-to-user messages are end-to-end encrypted. We cannot read message content; we can only see metadata such as timestamps and delivery state.

All data in transit is protected by TLS 1.3. Sensitive data fields are encrypted at rest.

We conduct annual security reviews and maintain a coordinated disclosure policy for security researchers.

To report a security vulnerability, email security@tradicomm.com. We respond to critical reports within 24 hours.

7. Data sharing and third parties

We share your data only in the following circumstances:

(a) Service processors

Cloud hosting providers, licensed telecom partners (for OTP delivery), licensed payment processors, and fraud-prevention services — all bound by contractual data processing agreements and obligated to process data only as directed by Hiveootech Ltd.

(b) Law enforcement

When required by applicable Nigerian law, a court order, or regulatory demand. We will notify you where legally permitted to do so.

(c) Other users at your direction

When you send a chat message, initiate a transaction, or share your location during a delivery, you are explicitly directing us to share that information with the relevant counterparty.

We do not sell your data for advertising, data brokerage, or any other commercial purpose.

8. Your rights

Under the Nigeria Data Protection Regulation (NDPR) and applicable Nigerian data protection law, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Ask us to correct inaccurate or incomplete data.
  • Erasure: Ask us to delete your data where we have no overriding legal basis to retain it.
  • Portability: Receive your data in a structured, machine-readable format.
  • Restriction: Ask us to stop processing your data in certain circumstances.
  • Objection: Object to processing based on legitimate interests.

To exercise any of these rights, email privacy@tradicomm.com. We will respond within the timeframe required by applicable law.

9. Cookies and tracking

The TRADICOMM website (tradicomm.com) uses strictly-necessary cookies only during the pre-launch phase. Product analytics via PostHog will be feature-flagged on at app launch, at which point a full cookie inventory will be published. We do not use third-party advertising cookies.

10. Children’s privacy

TRADICOMM is not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected data from a minor, we will delete it promptly. Contact privacy@tradicomm.com if you believe a minor’s data has been submitted.

11. International data transfers

Primary processing occurs in Nigeria. Some sub-processors (cloud infrastructure, analytics) may be located in the European Union, United Kingdom, or United States. Transfers to these jurisdictions are governed by standard contractual clauses and equivalent data-protection safeguards.

12. Changes to this policy

We will post material changes to this Privacy Policy at least 30 days before they take effect, and notify registered users via the platform or email. Your continued use of TRADICOMM after the effective date constitutes acceptance of the revised policy.

13. Contact

Hiveootech Ltd

Kuchiko No. 22B, After Cheetel Integrated Farm, Gurara LGA, Niger State, Nigeria

Privacy enquiries: privacy@tradicomm.com