Privacy Policy

This Privacy Policy describes how Gsoft Interactive Systems Ltd ("Gsoft", "we", "us", or "our") collects, uses, stores, shares and protects personal information when you visit gsoftinteractive.com, contact us, or engage us for services.

We are committed to handling your personal data lawfully, fairly and transparently — in line with the Nigeria Data Protection Regulation (NDPR) 2019, the Nigeria Data Protection Act (NDPA) 2023, and (where applicable) the EU General Data Protection Regulation (GDPR).

1. Who we are (the data controller)

Gsoft Interactive Systems Ltd, a software development company registered in Nigeria, with its registered office at 8 Providence Street, Opposite Halifield School, Lekki, Lagos State, Nigeria.

For privacy enquiries, contact our Data Protection Officer at info@gsoftinteractive.com or call +234 816 180 6959.

2. Information we collect

2.1 Information you give us

• Contact details — name, email, phone number, company, when you submit our contact form or email us.
• Project briefs — any information you share when requesting a quote or proposal.
• Communication content — emails, WhatsApp messages, call notes.
• Newsletter subscription — your email address if you opt in to receive updates.

2.2 Information collected automatically

• Device & browser data — IP address, browser type, operating system, screen size, device type.
• Usage data — pages visited, time on page, referring website, links clicked.
• Cookies and similar technologies — see Section 6 below.

2.3 Information from third parties

If you reach us through LinkedIn, Twitter/X, or a referral, we may receive limited profile information from those platforms.

3. Why we collect this information (lawful basis)

We process your personal data on the following lawful bases:

• Performance of a contract — to deliver the services you've engaged us for.
• Legitimate interest — to respond to enquiries, send proposals, improve our website, prevent fraud.
• Consent — for marketing emails, non-essential cookies, and analytics.
• Legal obligation — to comply with tax, accounting and statutory record-keeping requirements.

4. How we use your information

• Reply to your enquiries and prepare proposals.
• Deliver and support our software development services.
• Issue invoices, receipts and statutory records.
• Send service updates and (with your consent) marketing communications.
• Improve our website, services and customer experience.
• Detect, prevent and address technical or security issues.
• Comply with legal and regulatory obligations.

5. How we share your information

We do not sell your personal data. We share it only with:

• Service providers — hosting (DirectAdmin server), email (Google Workspace), form processing (Formspree), analytics (Google Analytics), advertising (Google Ads). These providers process data only on our instructions and under written contracts.
• Professional advisors — accountants, auditors and lawyers, where strictly necessary.
• Authorities — when required by law, court order, or to protect our legal rights.
• Successor entities — in the event of a merger, acquisition or restructuring.

Any cross-border transfer of personal data is made under safeguards required by the NDPA — including standard contractual clauses or your explicit consent.

6. Cookies & tracking technologies

We use cookies and similar technologies for:

• Strictly necessary — to make the site work (no consent needed).
• Analytics — Google Analytics 4 to understand how visitors use the site.
• Advertising — Google Ads tags to measure campaign performance.

You can disable cookies in your browser settings, but parts of the site may not function as intended. For Google's tracking, you can also opt out via the Google Analytics opt-out browser add-on.

7. How long we keep your data

• Enquiry data — 24 months from last contact.
• Active client data — for the duration of the engagement plus 7 years (statutory record-keeping).
• Marketing list data — until you unsubscribe.
• Analytics data — 14 months (Google Analytics default).

8. How we protect your data

We apply appropriate technical and organisational measures to protect your data, including:

• HTTPS encryption (TLS 1.2+) for all data in transit.
• Encrypted storage for sensitive records.
• Role-based access control — only staff who need the data can access it.
• Regular security reviews and patching.
• Documented incident response procedures.

No transmission over the internet can be guaranteed 100% secure, but we work hard to protect your information and address any breach within the 72-hour reporting window required by the NDPA.

9. Your rights

Under the NDPR / NDPA you have the right to:

• Access — request a copy of the personal data we hold about you.
• Rectification — ask us to correct inaccurate or incomplete data.
• Erasure — ask us to delete your data ("right to be forgotten"), subject to legal retention.
• Restriction — ask us to limit processing of your data.
• Portability — receive your data in a structured, machine-readable format.
• Objection — object to processing based on legitimate interest, including direct marketing.
• Withdraw consent — at any time, where processing is based on consent.
• Lodge a complaint — with the Nigeria Data Protection Commission (NDPC).

To exercise any of these rights, email info@gsoftinteractive.com. We will respond within 30 days.

10. Children's privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has submitted personal data to us, please contact us and we will delete it.

11. Third-party links

Our site links to third-party websites (social platforms, our portfolio clients). We are not responsible for the privacy practices of those sites — please read their policies separately.

12. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision. Material changes will be notified by email (where we have your address) or via a notice on this page.

13. Contact us

Questions, requests, or complaints about this policy:

• Email: info@gsoftinteractive.com
• Phone: +234 816 180 6959
• Post: Gsoft Interactive Systems Ltd, 8 Providence Street, Opposite Halifield School, Lekki, Lagos State, Nigeria.

You may also contact the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng if you believe your rights have been infringed.