OAR EXCHANGE PRIVACY POLICY

Please read our Privacy Policy before you may become a business or personal user of the OAR Exchange platform. The onus is on you to access our terms and condition, as well as any amendments made thereto, and to contact OAR Exchange Limited ("We, Us, Our") in the event of any queries you may have. By using any part of the OAR Exchange service, you acknowledge and agree to the processing of your personal data under the terms and conditions set out in this privacy policy

1.0 PRIVACY RIGHTS

This Privacy Policy describes your privacy rights regarding our collection, use, storage, sharing, and protection of your personal information. It applies to the OAR Exchange platform (which comprises of the OAR Exchange website and/or mobile applications), its applications, services, tools, and content regardless of how you access or use them.

2.0 LEGAL BASIS

2.1 The legal basis for processing this data shall be upon acceptance of this Privacy Policy when you sign up for, access, or use our products, services, content, features, technologies, or functions offered on our OAR Exchange platform, all related sites, applications, and services (collectively known as “OAR Exchange” or the “Platform”). This Policy governs the use of OAR Exchange by registered and non-registered users unless otherwise agreed through a written contract. We may amend this Privacy Policy at any time (and without recourse to you) by posting a revised version on our Platform and/or through email notification. The revised version will be effective seven (7) days after posting or any other date as may be communicated by us.

3.0. PERSONAL INFORMATION

3.1 When you use OAR Exchange services either as a registered or non-registered user, we collect information sent to us by your computer, mobile phone, Point of Sale (“POS”) terminal, or other electronic access devices. The information shall be collected automatically and shall include but not be limited to data about the pages on the OAR Exchange Platform that you access, your computer IP address, device ID or unique identifier, device type, geo-location information, computer and connection information, mobile network information, statistics on page views, traffic to and from the sites, referral Uniform Resource Locator (URL), ad data, and standard web log data.

3.2 We may also collect information you directly provide to us including but not limited to information on web forms, account update information, and correspondence with OAR Exchange support services. We also collect information about your transactions and your activities. In addition, we collect your contact information such as; name, address, phone number, email, etc. We also collect your Bank Verification Number (BVN), National Identification Number (NIN), and bank account name and numbers and these may be linked to your OAR Exchange profile, where applicable. Information obtained through survey responses, telephone conversations, user inquiries, and other means may also be collected and used by us.

3.3 We may also use information provided by third parties like social media sites and verification agencies. Information about you which are provided by you or any person to other websites or platforms is not controlled by OAR Exchange, and we are therefore not liable for how they use it.

3.4 If the information you have supplied to us is wrong, you can put in a request to update it quickly or to delete it – unless we have to keep that information for legitimate business or legal purposes, and when responding to a request to update your personal information, we may ask you to verify your identity before we can act on the request. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems). Where we can provide information access and correction, we will do so for free, except where it would require a disproportionate effort. We aim to maintain our services in a manner that protects information from accidental or malicious destruction. Because of this, after you delete information from our services, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems.

3.5 You can also let us know if you feel that your personal information is being processed in any way other than how you have consented to it being used. We will take reasonable steps to ensure that your personal information is processed in the manner in which you have consented to it, or we may delete it based on your instruction. However, we may not accede to your request if it is unrealistic, impractical, or inimical to our compliance with applicable regulations or laws.

4.0 USE OF PERSONAL DATA

Our purpose for collecting your personal information is to give you an efficient, enjoyable, and secure customer experience. We may use your information to:

4.1 Provide OAR Exchange Services and support;

4.2 Process transactions, and send notices about your transactions.

4.3 Verify your identity;

4.4 Resolve disputes, collect fees, and troubleshoot problems;

4.5 Manage risk, or detect, prevent, and/or remediate fraud or other potentially prohibited or illegal activities;

4.6 Detect, prevent, or remediate violations of policies or applicable user agreements;

4.7 Improve OAR Exchange Services by implementing aggregate user preferences;

4.8 Measure the performance of OAR Exchange Services and improve content, technology, and layout;

4.9 Manage and protect our information technology infrastructure;

4.10 Contact you at any time through your provided telephone number, email address, or other contact details;

4.11 Notify you of new products, services and/or offerings, newsletters, and similar messages (“promotional messages”); or any enhancements/amendments to existing products services, and/or offerings that we think may be of interest to you. If you do not want to receive such promotional materials from us, you may opt-out at any time by sending an email to info@oarexchange.com

4.12 Carry out other activities permitted by law including; the fulfillment of our contract with you, compliance with legal and/or regulatory requirements, to protect your vital interest, and so on.

4.13 If we intend to process your personal information for any purpose other than those listed in this policy, we shall provide you with relevant information on further processing and seek your consent before the processing commences.

5.0 COOKIES

5.1 Cookies are small files placed on your computer's hard drive that enable the OAR Exchange Platform or website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences in order to present content, options, or functions that are specific to you. Like most interactive websites and online platforms, OAR Exchange uses cookies to enable the tracking of your activity for the duration of a session. OAR Exchange uses only encrypted session cookies which are erased either after a predefined timeout period or once the user logs out of OAR Exchange and closes the browser. Session cookies do not collect information from the user's computer. They will typically store information in the form of a session identification that does not personally identify the user.

6.0 HOW WE PROTECT DATA SUBJECT PERSONAL INFORMATION

6.1 We store and process your personal information on our computers in Nigeria, Africa, and elsewhere in the world where our facilities are located. Data protection laws vary among countries, with some providing more protection than others. Regardless of where your information is processed, we apply the same protections described in this policy. You have a right (upon your request) to be informed of the appropriate safeguards for data protection in the foreign country.

6.2 We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls.

6.3 Furthermore, in the event of an actual or suspected breach of your personal information, we will use our best effort to remedy the breach within one (1) month from the date we report the breach to you.

7.0 ACCESS TO PERSONAL DATA

7.1 If you are a registered user on OAR Exchange, you may access your personal information using your secure login credentials to access the relevant system features for such purpose. If you are a non-registered user, you may request for your personal information by sending an email to support@oarexchange.com

7.2 This information should only be used for your own purposes and not to circumvent the OAR Exchange Platform or to be distributed to other parties who may use such information to the disadvantage of OAR Exchange Platforms

7.3 You will be able to access reports of your previous transactions up to seven years after the transaction date, subject to a continuous period of use. The applicability of the seven year period will re-commence if there has been a break in use for a period of more than three months. OAR Exchange Platform will advise you on any applicable fees to request access to data in such events.

7.4 You have the right to request that we stop using your data or return your data to you, or transmit the data directly to another data controller. The withdrawal of your consent at any time shall not affect the lawfulness of the processing based on your consent before its withdrawal. In the event you intend to exercise your right in this regard, kindly notify us through support support@oarexchange.com and your request shall be treated promptly.

HOW WE SHARE PERSONAL DATA

8.1 During your transaction, we may provide the corresponding party with information such as your name, account identification details, contact details, shipping and billing address, or other information needed to promote the integrity and security of the transaction. We may also provide details of unsuccessful transactions.

8.2 We work with third parties, including but not limited to merchants, to enable them to accept or send payments from or to you, using the OAR Exchange Platform In doing so, a third party may share information about you with us, such as your email address or mobile phone number, to inform you that a payment has been sent to you or when you attempt to pay a merchant or third party. We use this information to confirm that you are an OAR Exchange customer and that OAR Exchange as an Online trading platform can be enabled. We also validate your status as an OAR Exchange customer to third parties on your instruction.

8.3 We enter into contracts with third parties to perform certain business-related functions necessary to ensure the optimal provision of the service to you, including but not limited to payment processing, data storage, security, identity verification, fraud prevention, etc. We disclose relevant portions of your information to these third parties where reasonably necessary. With respect to the confidentiality of your personal information, these third parties are bound by extant laws and regulations on data protection, including the provisions of NDPA 2023 (including amendments or supplemental provisions).

8.4 Except in instances relating to clause 8.3 above, upon receiving your clear and unequivocal instruction, we may also share your personal information with third parties in a manner deemed reasonable and convenient for us, either physically or through any digital channel available at any point in time.

8.5 You accept that your pictures and testimonials on all social media platforms about OAR Exchange can be used for limited promotional purposes by OAR Exchange Platform or its agents. This does not include your trademark or copyright-protected materials.

8.6 We may also release data about you if, in our opinion, the disclosure is reasonable and legally permissible for the purpose of ensuring the integrity of our business operations. Additionally, in the event of a merger or corporate restructuring, we may also divulge your personal information to applicable parties.

8.7 From time to time we may send you relevant information such as product updates, new functionalities, tips on how to use OAR Exchange, and new service offerings.

8.8 We may also share your personal information in compliance with local or international regulatory requirements, with fraud prevention and risk management agencies, with our service providers, or in compliance with a court order.

8.9 We recognize the privacy of minors, and we do not knowingly collect personal information belonging to minors.

DATA SECURITY

9.1 We will always hold your information securely. To prevent unauthorized access to your information, we have implemented controls and security safeguards at technical and operational levels. This site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your personal data. You should see the padlock symbol in your URL address bar when accessing the site, www.oarexchange.com The URL address will also start with “https://oarexchange.com” depicting a secure webpage. SSL applies encryption between two points such as your personal computer (PC) or any other electronic device used by you to access OAR Exchange, and the connecting server. Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission.

10.0 DATA SUBJECT RIGHT

10.1 You have the right to request for copies of all information we keep on you, provided that you give us reasonable notice of such a request in writing. While OAR Exchange Platform is responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes but is not limited to adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login or transaction authentication details. You are ultimately responsible for the security of your platform login and transaction authentication details.

10.2 You have the right to request that we stop using your data or return your data to you. In the event you intend to exercise your right in this regard, kindly notify us via support@oarexchange.com and your request shall be treated promptly.

11.0 LIMITATION CLAUSE

11.1 OAR Exchange Platform will not be liable for loss of income, profits, business, opportunity, goodwill, contracts, or any indirect, special, incidental or consequential damages arising out of or in connection with the Service, any computation or failed transaction on OAR Exchange, arising out of any breach of this Policy.

11.2 We will not be liable for any loss or damage arising as a result of unauthorized access to the Service if (a) you intentionally or negligently fail to take reasonable precautions to protect your security, access codes, log in details, or any device used to access the Service, (b) you failed to promptly notify us that the Service was being accessed in an unauthorized way after becoming aware of it, or (c) you acted fraudulently.

11.3 Our liability to you or any third party in any circumstance of proven liability by us, shall not exceed the fees paid to us in respect of the specific transaction that gave rise to the claim or liability unless otherwise specified by a court of competent jurisdiction.

11.4 Notwithstanding any provision in clauses 12.1, 12.2, and 12.3, limitation of liability shall not apply if we breach any provision of the Nigeria Data Protection Act 2023 (“NDPA”).

12.0 FURTHER ENQUIRIES

12.1 Your information is regarded as confidential and will not be divulged to any third party except under legal and/or regulatory conditions. Any other complaints, questions, comments, and requests regarding this privacy policy are welcomed and should be addressed to our Data Protection Officer through support@oarexchange.com