Cizonet Solutions
Worldwide services
Privacy and security
This Privacy Policy applies to Cizonet Solutions Limited and our websites, products, apps, services, forms, support channels, and professional services that link to this policy. It is written to cover Cizonet's multi-product ecosystem, including Calmorah, Praxis, KudiPod, ChopView, HRAP Suite, HRAP Lite, HRAP Edu, training, recruitment, consulting, and related services.
1. Scope
"Cizonet", "we", "us", and "our" mean Cizonet Solutions Limited, located at Wuse II 900288, Abuja, Nigeria.
"Services" means our websites, business software, applications, APIs, forms, product modules, support channels, training programs, recruitment and talent platforms, consulting services, and any other Cizonet product or service that links to this policy.
2. Our Role
We act as a data controller when we decide why and how personal data is processed, such as when you visit our website, contact us, subscribe to updates, apply for a role, join a training program, create a direct account, or communicate with our team.
We act as a data processor or service provider when a customer organization uses our products to process personal data about its employees, students, parents, customers, vendors, job candidates, users, or other individuals. In those cases, the customer controls the data and is responsible for having a valid legal basis, notices, consents, and permissions for the data it submits to the Services.
3. Data We Collect
Depending on how you use the Services, we may collect the following categories of personal data.
| Category |
Examples |
| Identity and contact data |
Name, email address, phone number, job title, organization, address, country, and communication preferences. |
| Account and organization data |
Login details, role, workspace, team, subscription, billing contact, order history, admin settings, and support records. |
| Product and customer content |
Documents, messages, approvals, inventory records, invoices, menus, product media, HR records, attendance, payroll inputs, school records, academic data, parent communications, prompts, files, and other content submitted to a Cizonet product. |
| Payment and transaction data |
Plan, invoice, transaction reference, payment status, currency, tax details, and payment processor metadata. We do not intentionally store full card numbers where a payment processor handles the transaction. |
| Recruitment, training, and assessment data |
CVs, resumes, work history, education, skills, portfolio links, answers to application or assessment questions, interview notes, training enrollment, attendance, and certificates. |
| Device, usage, and security data |
IP address, browser, device type, operating system, pages viewed, referring pages, approximate location, logs, timestamps, error reports, anti-fraud signals, and security events. |
| Cookies and local storage |
Theme preferences, session or security technologies, embedded map behavior, anti-spam verification, and similar technologies described in our Cookie Policy. |
4. How We Use Data
We process personal data for the following purposes:
- Provide, operate, maintain, secure, and improve the Services.
- Create and manage accounts, workspaces, roles, permissions, subscriptions, billing, and support.
- Respond to inquiries, requests, demos, proposals, project work, training registrations, job applications, and talent pool submissions.
- Process product data for features such as HR administration, school management, sales, POS, inventory, e-commerce, approvals, automation, analytics, collaboration, AI assistance, and customer support.
- Protect against spam, abuse, fraud, unauthorized access, malware, security incidents, policy violations, and legal claims.
- Send service notices, security alerts, administrative messages, product updates, and marketing where permitted by law or consent.
- Comply with contracts, legal obligations, tax, accounting, employment, data protection, consumer protection, law enforcement, and regulatory requirements.
Legal Bases
Where a legal basis is required, we rely on one or more of the following: performance of a contract, steps before entering a contract, consent, compliance with legal obligations, legitimate interests that are not overridden by individual rights, protection of vital interests where necessary, and other bases permitted by applicable law.
5. AI and Automation Features
Some Services include AI-assisted features, automation, recommendations, analytics, summaries, classification, chat, or decision-support tools. These features may process prompts, uploaded content, business records, usage data, and outputs to provide the requested functionality.
Unless a product-specific notice, customer contract, or explicit setting says otherwise, we do not intentionally use customer content to train public AI models. Customers and users must not submit personal data, confidential information, or regulated data into AI features unless they have the authority to do so and the relevant product plan, agreement, and settings permit that processing.
AI outputs may be incomplete, inaccurate, or unsuitable for a particular purpose. Users are responsible for reviewing outputs before relying on them, especially in legal, financial, employment, education, HR, medical, safety, or other high-impact contexts.
6. How We Share Data
We may share personal data with:
- Customer organizations, workspace administrators, and authorized users where they control or manage the relevant account or workspace.
- Service providers and subprocessors that help us provide hosting, cloud infrastructure, storage, email delivery, support, analytics, security, anti-spam, payment processing, identity verification, communications, and professional services.
- Payment providers, banks, and finance partners where needed to process payments, refunds, taxes, billing, fraud checks, and disputes.
- Professional advisers, auditors, insurers, legal counsel, and compliance partners.
- Government, regulatory, law enforcement, court, or dispute-resolution bodies where required by law or necessary to protect rights, safety, security, or the integrity of the Services.
- Business transaction parties if we evaluate or complete a merger, acquisition, financing, reorganization, sale of assets, or similar corporate transaction.
We do not sell personal information. We do not share personal information for cross-context behavioral advertising unless a product-specific notice or consent mechanism says otherwise.
7. International Transfers
We are based in Nigeria and operate globally. Your data may be processed in Nigeria, the United States, the United Kingdom, the European Economic Area, and other countries where we, our customers, or our service providers operate.
Where required, we use appropriate safeguards for cross-border transfers, which may include contractual protections, data processing agreements, standard contractual clauses, adequacy decisions, transfer risk assessments, customer instructions, and other lawful transfer mechanisms.
8. Retention
We retain personal data only for as long as reasonably necessary for the purposes described in this policy, unless a longer period is required or permitted by law, contract, dispute, audit, security, backup, tax, accounting, or compliance obligations.
- Account and billing records are usually kept for the life of the account and for a reasonable legal, tax, accounting, and dispute period after closure.
- Customer content is retained according to the customer contract, product settings, backup cycle, and deletion instructions.
- Contact, support, and sales inquiries are kept for as long as needed to respond, manage the relationship, and maintain business records.
- Recruitment and talent pool data is kept for recruitment, future opportunities, compliance, and dispute purposes, unless you ask us to delete it and we have no lawful reason to retain it.
- Security logs may be kept as needed to protect the Services, investigate abuse, and maintain audit trails.
9. Security
We use administrative, technical, and organizational safeguards designed to protect personal data against unauthorized access, loss, misuse, alteration, and disclosure. These safeguards may include encryption in transit, access controls, least-privilege permissions, monitoring, backups, vendor review, security testing, incident response, and internal confidentiality obligations.
No online service can guarantee absolute security. You are responsible for using strong passwords, protecting account credentials, limiting authorized users, configuring permissions carefully, and promptly telling us about suspected unauthorized access.
10. Your Privacy Rights
Depending on your location and the context of processing, you may have rights to access, confirm, correct, update, delete, restrict, object to, or port your personal data; withdraw consent; opt out of marketing; opt out of certain sale, sharing, profiling, or targeted advertising activities; limit the use of sensitive personal information; and lodge a complaint with a regulator.
If we process your data on behalf of a customer organization, we may need to refer your request to that customer or ask you to contact them directly. To make a request, email contact@cizonet.com with the subject line "Privacy Request". We may need to verify your identity and authority before acting on a request.
California residents may request to know, delete, correct, opt out of sale or sharing, limit sensitive personal information use, and exercise non-discrimination rights where the California Consumer Privacy Act applies. EEA and UK residents may also have rights under GDPR-style laws, including rights to object, restrict processing, and complain to a supervisory authority. Nigerian data subjects may contact the Nigeria Data Protection Commission where applicable.
11. Children, Students, and Schools
Our general business websites and services are not directed to children under 13, and we do not knowingly collect personal data directly from children under 13 through those general services.
Some products, such as HRAP Edu or school-related services, may process student, parent, guardian, teacher, and school data under the direction of a school, institution, parent, guardian, or authorized customer. Those customers are responsible for providing notices and obtaining consents required by applicable education, child privacy, and data protection laws.
If you believe a child has provided personal data to us without proper authority, contact us so we can review and take appropriate action.
12. Third-Party Links and Services
The Services may link to or embed third-party websites, app stores, payment processors, social media platforms, maps, content, fonts, widgets, and integrations. Their privacy practices are governed by their own policies, not this policy.
13. Changes
We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify users, such as updating the effective date, posting a notice, sending a message, or using another method appropriate to the Services.
14. Contact
Cizonet Solutions Limited
Wuse II 900288, Abuja, Nigeria
Email: contact@cizonet.com
Phone: +234 901 007 2510