Privacy Policy

Your data,
handled responsibly.

Last updated: 22 May 2026 Applies to: All Zenix services

Overview

ZENIX TECHNOLOGY SOLUTIONS ("Zenix", "we") respects your privacy. This policy explains what personal data we collect, why we collect it, how we use it, and your rights over it.

This policy applies when you visit zenix.ng, sign up for any Zenix service, contact us, or otherwise interact with us. It covers our compliance with the Nigeria Data Protection Act 2023 (NDPA), the EU/UK General Data Protection Regulation (GDPR), and other applicable privacy laws.

If you have questions, contact us at hello@zenix.ng.

What we collect

Information you give us directly

  • Account and contact information: name, email address, phone number, business name, business address.
  • Payment information: handled by our payment processors (Paystack, Flutterwave, Stripe, PayPal). We don't store your full card details on our servers, only references provided by the processor.
  • Service information: details about your website(s), hosting requirements, technical preferences, support requests.
  • Communications: emails, WhatsApp messages, contact form submissions you send to us.

Information collected automatically

  • Server and access logs: IP addresses, browser type, pages visited, timestamps, referrer URLs.
  • Hosting infrastructure data: bandwidth usage, disk usage, error logs from your hosted websites, collected to operate the service.
  • Basic analytics: aggregated, anonymised data about how the zenix.ng website is used.

Information from third parties

  • Payment confirmation and basic customer details from payment processors.
  • Public business information if we look up your company during onboarding.

Why we collect it

We collect personal data for these purposes:

  • To provide the services, set up your account, host your websites, perform fixes, send invoices.
  • To communicate with you, respond to support requests, send service notices, deliver onboarding information.
  • To bill you, process payments, send receipts, handle refunds.
  • To improve our services, analyse aggregate usage patterns, fix bugs.
  • To prevent abuse, detect security threats, prevent fraud, enforce our Acceptable Use Policy.
  • To meet legal obligations, tax records, regulatory reporting, response to lawful requests.

Under the NDPA and GDPR, we rely on the following legal bases for processing your personal data:

  • Contract: to deliver the services you've signed up for.
  • Legitimate interests: to operate and improve our business, prevent abuse, and communicate with customers, provided these don't override your rights.
  • Legal obligation: to comply with tax, accounting, and regulatory requirements.
  • Consent: where required (e.g., optional marketing emails). You can withdraw consent at any time.

Who we share data with

We don't sell your personal data. We share it only with the parties needed to operate the services, plus where legally required.

Service providers we use

  • Payment processors: Paystack, Flutterwave, Stripe, PayPal, for payment processing.
  • Email service providers: Zoho Mail, SendGrid, Brevo (or similar), for transactional and support email.
  • Hosting infrastructure providers: Contabo (Germany), Cloudflare (global), Backblaze B2 (cloud backup storage).
  • Analytics: if and where used, configured to minimise data collection and exclude personally identifying information where possible.

These providers only access data needed to perform their function and are bound by data processing agreements.

Other sharing situations

  • Legal requirements: if compelled by court order, government request, or law.
  • Business transfers: if Zenix is acquired or merged, customer data may transfer to the new entity. We'll notify you in that case.
  • To protect rights: to enforce our Terms, prevent fraud, or protect the safety of users or the public.

Cookies and tracking

The zenix.ng website uses minimal cookies. Specifically:

  • Essential cookies: required for basic site functionality (e.g., remembering your billing-cycle toggle preference). These can't be disabled without breaking the site.
  • Analytics cookies: if used, they collect aggregated data about how visitors use the site. Where applicable, we use privacy-respecting analytics that don't track individuals across sites.

We don't use advertising cookies, retargeting pixels, or third-party trackers on the marketing website.

You can disable cookies in your browser settings, though some site features may not work fully.

How long we keep data

We keep personal data only as long as needed for the purposes it was collected, then delete or anonymise it. Specifically:

  • Active customer data: kept for the duration of your account plus 12 months after termination.
  • Payment records: kept for 7 years for tax and audit purposes (Nigerian law requirement).
  • Server access logs: kept for 90 days, then deleted.
  • Email communications: kept for 3 years.
  • Marketing contacts: kept until you unsubscribe or request deletion.

Your rights

Depending on your location, you have some or all of these rights regarding your personal data:

  • Access: request a copy of the personal data we hold about you.
  • Correction: ask us to correct inaccurate or incomplete data.
  • Deletion: request we delete your personal data (subject to legal retention requirements).
  • Portability: receive your data in a machine-readable format.
  • Objection: object to processing based on our legitimate interests.
  • Restriction: ask us to limit how we process your data while you contest its accuracy or use.
  • Withdraw consent: where processing is based on consent.

To exercise any of these rights, email us at hello@zenix.ng. We'll respond within 30 days.

If you believe we've mishandled your data, you can also lodge a complaint with the Nigeria Data Protection Commission (NDPC), or with your local data protection authority if you're outside Nigeria.

Security

We protect your data with industry-standard measures:

  • Encryption in transit (HTTPS/TLS) for all web traffic.
  • SSH key-based authentication only on production servers (no password access).
  • Firewall (UFW) and brute-force protection (Fail2Ban) on all infrastructure.
  • Offsite encrypted backups (Backblaze B2).
  • Limited access on a need-to-know basis among the Zenix team.
  • Cloudflare WAF in front of all customer sites.

No system is perfectly secure. If we discover a data breach affecting your information, we'll notify you and the relevant regulator within 72 hours, as required by the NDPA.

International transfers

Zenix is based in Nigeria, but some of our infrastructure providers are based outside Nigeria, primarily in the EU (Germany) and the USA. This means your personal data may be processed in those jurisdictions.

Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including data processing agreements with our providers and the use of providers in jurisdictions that offer adequate data protection standards.

Children

Our services are not directed at children under 16. We don't knowingly collect personal data from children under 16. If you believe we've collected data from a child, contact us and we'll delete it.

Changes to this policy

We may update this policy from time to time. Material changes will be announced via email to active customers and noted at the top of this page. The "Last updated" date at the top of this page reflects the most recent revision.

Contact us

For privacy questions, data requests, or concerns, reach us at:

ZENIX TECHNOLOGY SOLUTIONS

Registration No.: RC 7855808

Based in: Lagos, Nigeria

Email: hello@zenix.ng

WhatsApp: +234 809 917 6920