This Privacy Policy applies to all users of the Converf platform, including:

• Project Owners managing construction projects
• Contractors and builders executing projects
• Team members and collaborators
• Visitors to our website

Converf operates across all 54 African countries. This Privacy Policy is designed to comply with data protection laws across our operating regions, including but not limited to:

• Nigeria Data Protection Regulation (NDPR)
• South Africa's Protection of Personal Information Act (POPIA)
• Kenya Data Protection Act
• Ghana Data Protection Act
• Other applicable national data protection laws

By using Converf, you consent to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree, please do not use the Platform.

Account Information:

• Full name
• Email address
• Phone number
• Country of residence
• Company name and details
• Account type (Project Owner or Contractor)
• Profile photograph (optional)

Contractor Verification (KYC) Information:

• Business registration number
• Years in business
• Construction specialization areas
• Professional license numbers
• Business address
• Tax Identification Number (TIN)
• Government-issued identification documents
• Business registration certificates
• Past project documentation and references
• Proof of address documents

Project Information:

• Project names and descriptions
• Project locations and addresses
• Construction type and phases
• Budget and timeline information
• Technical specifications
• Milestone data

Documentation:

• Uploaded photos and images (with embedded GPS and timestamp metadata)
• Construction drawings and plans
• Test results and inspection reports
• Compliance certificates
• Contract documents
• Communication records

Financial Information:

• Payment method details (processed through secure third-party payment processors)
• Billing address
• Transaction history
• Pricing plan selection

Communication Data:

• Messages sent through the Platform
• Support tickets and correspondence
• Feedback and survey responses

Usage Data:

• Login times and frequency
• Features accessed
• Pages viewed
• Time spent on Platform
• Click patterns and navigation paths
• Device information

Technical Data:

• IP address
• Browser type and version
• Operating system
• Device identifiers
• Cookies and similar tracking technologies

Quality Scoring Data:

• Quality assessment metrics
• Test completion rates
• Inspection approval rates
• Documentation upload compliance
• Ball-in-Court responsibility tracking
• Traffic light status history

Location Data:

• GPS coordinates embedded in uploaded photos
• General location based on IP address
• Project site locations

We may receive information from:

• Social media platforms (if you use social login)
• Payment processors
• Identity verification services
• Public databases and records
• Business partners and referrals

We use your information to:

• Create and manage user accounts
• Provide access to Platform features
• Process project management activities
• Calculate quality scores using our proprietary algorithm
• Generate accountability tracking through Ball-in-Court system
• Create and issue project completion certificates
• Enable communication and collaboration
• Process payments and billing

Your project data is used to:

• Calculate real-time quality scores (0-100%)
• Assign traffic light indicators (🟢🟡🔴)
• Track standards compliance (ASTM, ISO, AASHTO)
• Identify quality issues and risks
• Generate compliance reports
• Verify project milestone completion

We analyze aggregated, anonymized data to:

• Improve Platform functionality
• Develop new features
• Enhance quality scoring algorithms
• Optimize user experience
• Conduct research and analytics
• Generate industry benchmarks

We use your contact information to:

• Send account notifications
• Provide project updates and alerts
• Deliver Ball-in-Court responsibility notifications
• Share quality score reports
• Respond to support requests
• Send marketing communications (with your consent)
• Notify you of Platform updates

We process your information to:

• Verify user identity
• Prevent fraud and abuse
• Enforce our Terms of Service
• Comply with legal obligations
• Respond to legal requests
• Protect our rights and property

For contractor accounts, we use verification information to:

• Authenticate business registration and legitimacy
• Verify professional credentials and licenses
• Assess construction experience and capabilities
• Comply with anti-fraud and financial crime regulations
• Build trust and transparency in the marketplace
• Display verified badges and credentials on profiles
• Match contractors with appropriate project opportunities
• Maintain platform quality and safety standards

All KYC documents are:

• Stored with bank-level encryption
• Accessed only by authorized verification personnel
• Processed within 3-5 business days
• Retained according to regulatory requirements
• Deleted upon account closure (except where legally required to retain)

We use information for:

• Customer support
• Billing and payment processing
• Internal record-keeping
• Business analytics
• Mergers, acquisitions, or asset sales

Processing necessary to provide Platform services you've requested.

• Platform improvement and optimization
• Fraud prevention and security
• Business operations and analytics

Compliance with applicable laws and regulations.

Marketing communications and optional features (withdrawable at any time).

Project information is shared with:

• Team members you add to projects
• Contractors and collaborators you invite
• Project stakeholders with assigned access

We share information with trusted third parties who assist us:

• Cloud hosting providers (data storage)
• Payment processors
• Email service providers
• Analytics platforms
• Customer support tools
• Security services

All service providers are contractually obligated to protect your data and use it only for specified purposes.

We may disclose information when required by:

• Court orders or legal processes
• Government investigations
• Law enforcement requests
• Protection of our legal rights
• Prevention of fraud or illegal activity
• Emergency situations involving safety

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

We may share anonymized, aggregated data that cannot identify you:

• Industry reports and benchmarks
• Platform statistics
• Research publications

We will share information with third parties when you explicitly consent to such sharing.

As a Pan-African platform, your information may be transferred between African countries and potentially to servers located outside Africa for:

• Cloud hosting and data storage
• Service provider operations
• Technical support

When transferring data internationally, we implement safeguards such as:

• Standard contractual clauses
• Adequate data protection agreements
• Compliance with applicable transfer mechanisms

Where required by local law, we maintain data within specific jurisdictions. Users will be notified of data storage locations relevant to their projects.

We retain your information while your account is active and for as long as necessary to provide services.

Project information is retained for:

• Duration of the project plus 7 years (consistent with construction industry standards)
• Longer periods if required by law
• As necessary for legal claims or disputes

When you delete your account:

• Personal information is deleted within 30 days
• Project data may be retained if required by law or legitimate business purposes
• Anonymized data may be retained indefinitely

Some data must be retained to comply with:

• Tax regulations
• Financial record-keeping requirements
• Construction industry regulations
• Legal proceedings

You have the right to:

• Access your personal information
• Receive a copy of your data in portable format
• Request correction of inaccurate information

You can request deletion of your:

• Account and personal information
• Specific project data
• Communication records

Note: Some information may be retained as described in Section 7.

You can opt out of:

• Marketing emails (via unsubscribe links)
• Non-essential notifications
• Analytics tracking (through browser settings)
• Cookies (through cookie preferences)

You may request limitation of processing in certain circumstances, such as:

• Contesting data accuracy
• Processing is unlawful but you don't want deletion
• We no longer need the data but you need it for legal claims

You can object to processing based on legitimate interests or for direct marketing purposes.

You have the right to lodge a complaint with:

• Nigeria: National Information Technology Development Agency (NITDA)
• South Africa: Information Regulator
• Other countries: Relevant data protection authority

To exercise these rights, contact us at privacy@converf.com. We will respond within:

• 30 days (standard requests)
• 45 days (complex requests)

We implement industry-standard security measures:

• Encryption in transit (TLS/SSL)
• Encryption at rest
• Access controls and authentication
• Regular security audits
• Employee training
• Intrusion detection systems
• Backup and disaster recovery

Quality assessment data is protected through:

• Secure algorithm processing
• Limited access to raw calculation data
• Audit trails for score modifications
• Tamper-evident logging

You are responsible for:

• Maintaining password confidentiality
• Using strong, unique passwords
• Logging out of shared devices
• Reporting suspicious activity
• Securing your own devices

While we implement strong security, no system is completely secure. We cannot guarantee absolute security against unauthorized access, hacking, or data breaches.

In the event of a data breach, we will:

• Investigate promptly
• Notify affected users within 72 hours
• Report to relevant authorities as required by law
• Take corrective measures

We use:

• Essential Cookies: Required for Platform functionality
• Analytics Cookies: Track usage patterns and performance
• Preference Cookies: Remember your settings
• Marketing Cookies: Deliver relevant advertisements (with consent)

You can control cookies through:

• Browser settings
• Platform cookie preferences
• Third-party opt-out tools

Note: Disabling essential cookies may limit Platform functionality.

We respond to Do Not Track signals where technically feasible.

Converf is not intended for users under 18 years of age. We do not knowingly collect information from minors.

If we discover that a minor has provided information, we will delete it immediately. Parents or guardians who believe their child has provided information should contact us at privacy@converf.com.

The Platform may contain links to third-party websites. We are not responsible for their privacy practices.

Social media features on our Platform are subject to the privacy policies of those platforms.

Third-party integrations have their own privacy policies. Review them before use.

With your consent, we may send:

• Platform updates and new features
• Industry insights and best practices
• Special offers and promotions
• Newsletter content

You can opt out of marketing emails by:

• Clicking "unsubscribe" in any email
• Adjusting preferences in account settings
• Contacting support@converf.com

Note: You will still receive essential account and project notifications.

Categories of personal information collected and how it's used.

Request deletion of personal information.

Opt out of sale of personal information (Note: We do not sell personal information).

We will not discriminate against you for exercising your privacy rights.

You may designate an authorized agent to make requests on your behalf.

We may update this Privacy Policy to reflect:

• Changes in data protection laws
• New Platform features
• Business practice modifications
• User feedback

We will notify you of material changes through:

• Email notification
• Platform announcements
• In-app notifications

Changes become effective on the date specified in the updated policy. Continued use after changes constitutes acceptance.

For privacy-related inquiries:

[TO BE UPDATED WITH REGISTERED OFFICE ADDRESS]

For country-specific inquiries, please specify your location when contacting us.