Transparency

Data Promise

A field-by-field inventory of every piece of information SnapAct collects across buyers, partners, and riders. Why we collect it, who can see it, how it's protected, and the things we will never do. If a row below isn't true, we want to hear about it — email [email protected].

Last reviewed: May 19, 2026

We can only sell what we have. Most of what people fear we have, we don't. This page lists every field — and every commitment about how it's used.

1. Hard commitments

These are not aspirations. If we violate any of them, you have grounds for a public complaint and a regulatory one.

We do not sell personal data. Not to advertisers. Not to data brokers. Not to other partners. Not to anyone. SnapAct's business model is verified transactions and API access to derived signals, not raw user data.
We do not collect BVN from anyone. No buyer, no partner, no rider. Your BVN stays at your bank — it never reaches SnapAct's servers. The bank account number we hold for rider payouts is verified by Paystack against your bank's BVN-linked record on Paystack's side, not ours.
We collect a single director NIN per partner business — never general partner NINs. To stop fake businesses signing up, we require the NIN of one accountable director or proprietor. This is the same NIN that would appear on the CAC director list. It's encrypted at rest, only the SnapAct reviewer can read it, every access is audit-logged, and it never appears in any public API or third-party share. We do not collect NINs from any other partner staff.
Rider NIN is required and encrypted at rest. Riders handle high-value goods, so NIN verification is mandatory. The 11-digit number is encrypted before storage. Only the SnapAct reviewer can read it during application review, and every access is audit-logged. We never share rider NIN with partners, buyers, integrators, or any third party.
Our public APIs never return PII. The Trust API, Verified Delivery Proof API, and Verified Inventory API all return derived signals only — KYC tier (verified/unverified), trust score, completion rate, delivery proof signatures. No names. No phone numbers. No NIN. No BVN. No addresses. This is enforced in code, not policy.

2. What we collect from buyers

Buyers are people using the SnapAct mobile app to scan products, discover shops, and place orders.

| Field | Why | Who can read it |
|---|---|---|
| Phone number | OTP login + delivery contact | Buyer themselves; SnapAct ops for delivery coordination; never exposed in any public API |
| Email (optional) | Receipts + account recovery | Buyer themselves; never exposed externally |
| Delivery addresses | Where to drop off purchases | Buyer + the assigned rider on the active order only |
| Photos you scan | Product recognition + matching to partner inventory | Buyer; processed by SnapAct's image pipeline; not shared with third parties |
| Order history | Receipts + dispute resolution | Buyer themselves; SnapAct ops on dispute; never sold or shared |
| Device coarse location (only when "Nearby" is used) | Show shops within walking distance | Buyer's device only — not stored on our servers |
| NIN / BVN / bank account | NOT COLLECTED | |

3. What we collect from partners

Partners are shops, sellers, and businesses who list on SnapAct. We collect enough to verify the business is real and registered in Nigeria, and to route payments. We hard-reject applications where the documents are fake or unverifiable. Rejected applicants may reapply by email to [email protected].

| Field | Why | Encrypted at rest? | Who can read it |
|---|---|---|---|
| Business name / trading name | Display in buyer-facing listings | No (public anyway) | Public (it's the shop's name) |
| Shop address | Geolocation for buyer discovery + rider dispatch | No (operational) | Public (shops want to be found); never combined with personal identifiers |
| Contact phone + email | OTP login + SnapAct support contact | No (operational) | Partner themselves; SnapAct support; never in public APIs |
| Bank account for payouts | Receive earnings via our payment partner | Yes | Partner themselves; payout pipeline; never exposed in any API |
| CAC type + registration number | Confirm business is registered with Nigeria's Corporate Affairs Commission | Yes | SnapAct reviewer ONLY; audit-logged |
| CAC certificate (PDF/photo) | Cross-check against the CAC number; reviewer verifies via publicsearch.cac.gov.ng | Stored in private bucket; service-role access only | SnapAct reviewer ONLY |
| TIN (Tax Identification Number) | Confirm business is tax-registered with FIRS | Yes | SnapAct reviewer ONLY; audit-logged |
| NAFDAC number (food / pharmacy / FMCG only) | Confirm regulated products are licensed | No (NAFDAC numbers are public regulatory data) | SnapAct reviewer; not in public APIs |
| Director / proprietor full legal name | Identifies the accountable person at the business | No | SnapAct reviewer |
| Director NIN (11 digits) | Confirms the director is a real, identifiable person — anti-fake-business | Yes | SnapAct reviewer ONLY; audit-logged at every access |
| Utility bill at shop address | Proves the shop physically exists at the registered address | Stored in private bucket; service-role access only | SnapAct reviewer ONLY |
| Catalog items (product photos, prices, stock) | What buyers see when they shop | No (public catalog) | Public via the Verified Inventory API — that's the point of being on SnapAct |
| Shelf-snap verification photos | Prove inventory is real, photographed within the last 24h | No (verification signal) | Verification pipeline; aggregate signal exposed via Verified Inventory API; raw photos not shared |
| BVN | NOT COLLECTED | | |

4. What we collect from riders

Riders deliver high-value goods on behalf of partners and earn through SnapAct. Because goods worth money pass through their hands, our KYC is intentionally thorough — but never gratuitous.

| Field | Why | Encrypted at rest? | Who can read it |
|---|---|---|---|
| Phone number | Dispatch coordination + payout notifications | No (operational) | Rider; SnapAct ops; the buyer whose order they're delivering (during active delivery only) |
| Full legal name | Bank account match for Paystack payouts | No | SnapAct admin reviewer |
| Date of birth | Age verification (must be 18+) | No | SnapAct admin reviewer |
| NIN (required) | Mandatory KYC — anti-fake-rider verification | Yes | SnapAct reviewer ONLY, audit-logged at every access |
| Bank account number | Payouts via our payment partner | Yes | SnapAct reviewer + the payout pipeline; never in any public API |
| Bike plate number | Identify the bike in dispatch + post-incident | No | SnapAct ops; the buyer during active delivery |
| Driver's license number | Verify legal authority to ride commercially | No | SnapAct admin reviewer |
| Next-of-kin name + phone | Emergency contact if rider has an accident | No | SnapAct ops in emergencies; not shared otherwise |
| Guarantor name + phone | Fraud deterrent — someone vouches for the rider | No | SnapAct admin reviewer |
| BVN | NOT COLLECTED | | |

5. What our public APIs return

The fields above are what flow into SnapAct. What flows out to API customers is much smaller — derived signals, never PII.

Trust API (/v1/partner/{id}, /v1/lookup?phone=…)

Marketplaces, banks, and platforms use this to verify a SnapAct partner or rider. The response shape is:

{
  "kyc_tier": "verified",
  "trust_score": 87,
  "completion_rate": 0.94,
  "dispute_count": 2,
  "tenure_days": 213,
  "bond_posted": true
}

No name. No phone. No address. No NIN. No BVN. The phone-lookup variant takes a phone in and returns the same signal shape — no PII echo.
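
A consumer-side check of the commitment above, as an added example (not SnapAct's code): it audits a decoded Trust API response body against the documented shape and flags undocumented fields, an echo of the looked-up phone, or any 11-digit NIN-shaped value. The function names, the value rules and the sample bodies are assumptions constructed here.

```python
import re

# Keys come from the Trust API response shape shown on this page. The value
# rules are assumptions inferred from that one sample, not a published schema.
TRUST_SHAPE = {
    "kyc_tier": lambda v: v in ("verified", "unverified"),
    "trust_score": lambda v: type(v) is int and v >= 0,
    "completion_rate": lambda v: type(v) in (int, float) and 0 <= v <= 1,
    "dispute_count": lambda v: type(v) is int and v >= 0,
    "tenure_days": lambda v: type(v) is int and v >= 0,
    "bond_posted": lambda v: type(v) is bool,
}

def _leaves(node):
    """Yield every scalar value in a decoded JSON document, nested or not."""
    children = node.values() if isinstance(node, dict) else node if isinstance(node, list) else None
    if children is None:
        yield node
    else:
        for child in children:
            yield from _leaves(child)

def audit_trust_response(body, queried_phone=None):
    """Return findings; an empty list means the body matches the documented shape."""
    if not isinstance(body, dict):
        return ["response is not a JSON object"]
    findings = [f"undocumented field: {k}" for k in sorted(set(body) - set(TRUST_SHAPE))]
    for key, is_valid in TRUST_SHAPE.items():
        if key not in body:
            findings.append(f"missing field: {key}")
        elif not is_valid(body[key]):
            findings.append(f"unexpected value for {key}")
    # Compare on the last 10 digits so +234... and 0... forms of a number match.
    needle = re.sub(r"\D", "", queried_phone or "")[-10:]
    for leaf in _leaves(body):
        if leaf is None or isinstance(leaf, bool):
            continue
        text = str(leaf)
        if len(needle) == 10 and needle in re.sub(r"\D", "", text):
            findings.append("queried phone echoed in response")
        elif re.search(r"(?<!\d)\d{11}(?!\d)", text):
            findings.append("11-digit number in a value (NIN-shaped)")
    return findings

# Constructed samples: DOCUMENTED is the response body shown on this page.
DOCUMENTED = {"kyc_tier": "verified", "trust_score": 87, "completion_rate": 0.94,
              "dispute_count": 2, "tenure_days": 213, "bond_posted": True}
LEAKY = dict(DOCUMENTED, contact="+234 803 555 0100", note="id 12345678901")
```

Run against every response in an integration test suite, a non-empty result is a regression in the no-PII guarantee rather than a schema nit.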

Verified Delivery Proof API (/v1/delivery-proof/{escrowId})

Insurers and lenders use this to confirm a delivery happened. Response includes: GPS pickup/dropoff coordinates, timestamps, handoff phrase confirmation, rider KYC tier (verified/unverified — not name or NIN), and a cryptographic signature. No buyer identity. No rider identity. No goods description.

Verified Inventory API (/v1/inventory)

Brands and platforms use this to check shop-level product availability. Response includes: SKU, partner ID, last-shelf-snap timestamp, GPS coordinates. No partner owner name, no contact phone — the shop's public name and address only.

6. How it's protected

  • Encryption at rest: NIN and bank account numbers are encrypted with a server-managed key. System operators see only ciphertext, not the numbers.
  • Encryption in transit: HTTPS everywhere, HSTS preload, TLS 1.2+ required.
  • Server-mediated only: the frontend never reads the data store directly. Every read and write goes through SnapAct's authenticated API layer. Admin access requires email + password + TOTP-based multi-factor authentication.
  • Audit logging: Every sensitive admin action (rider KYC approval, partner profile change, payout configuration) writes to an append-only audit log. We can show you who accessed what, when, and from where.
  • Rate limiting: Every authentication and apply endpoint is rate-limited to defeat enumeration and credential stuffing.
  • Recurring security audits: systematic reviews conducted May 1, May 12, and May 15, 2026 — findings remediated and verified.

7. Your rights

Regardless of jurisdiction, SnapAct will honor the following requests when emailed from a verified address to [email protected]:

  • Export: get a copy of every field SnapAct holds about you, in machine-readable JSON.
  • Correction: fix typos or stale info in your profile.
  • Deletion: remove your account and associated personal data, subject to legal retention requirements (tax records, dispute history, anti-fraud signals). We will tell you what's retained and why.
  • Access log: see the audit trail of who at SnapAct has read your record. Always available on request.

We aim to respond within 14 days. Identity verification may be required before processing.

8. Contact

Privacy questions or data-rights requests: [email protected].
Security concerns (potential leak, vulnerability, suspicious activity): [email protected].
Read alongside our Privacy Policy for the legal framing of the same commitments.