i2Medier Konceptz ("i2Medier", "we", "our", or "us") is committed to protecting your personal information. This Privacy Policy explains what data we collect, why we collect it, how we use it, and the rights you have over your information when you visit our website at i2medier.com or engage us to deliver digital services. Please read this policy carefully. By using our website or services, you agree to the practices described herein.
1. Overview
i2Medier Konceptz is a digital agency providing web design, web application development, mobile app development, SEO, UI/UX design, cloud architecture, and managed website services to businesses in Nigeria, the United Kingdom, and worldwide. This policy governs personal data we process both through our public website and in the course of delivering client engagements.
We comply with the Nigeria Data Protection Act 2023 (NDPA) and, where applicable to data subjects in the European Economic Area, the General Data Protection Regulation (GDPR). Where we act as a data processor on behalf of a client, we do so under the terms of a data processing agreement and the client's own privacy obligations apply to their end users.
2. Data We Collect
We collect information in the following ways:
Information you provide directly
- Enquiry and contact forms — name, email address, phone number, company name, project description, and any other details you voluntarily submit when contacting us or starting a project.
- Client onboarding — business information, billing details, domain credentials, hosting access, and other technical data necessary to deliver the agreed scope of work.
- Email correspondence — any personal information included in emails you send to us.
- Client portal — account credentials, uploaded files, support tickets, and communication history within the client management platform.
Information collected automatically
- Analytics data — pages visited, time on site, referring URL, browser type, operating system, and approximate geographic region. We use Google Analytics 4 for this purpose.
- Log data — IP address, request timestamps, server response codes, and error logs collected by our web infrastructure.
- Cookies and similar technologies — see Section 6 for details.
Information from third parties
- Payment processors — when payments are made via Paystack or Stripe, we receive confirmation of payment status, transaction reference, and billing name. We do not store full card numbers.
- Referrals — if a colleague or partner refers you to us, we may receive your name and contact details from that party.
3. How We Use Your Data
We use the personal data we collect for the following purposes:
- Service delivery — to scope, design, build, launch, and maintain websites, applications, and digital systems on behalf of clients.
- Communication — to respond to enquiries, provide project updates, send invoices, and manage ongoing client relationships.
- Billing and financial administration — to issue invoices, process payments, and manage accounts receivable in accordance with Nigerian financial regulations.
- Technical operations — to manage hosting environments, domain configurations, SSL certificates, server access, and deployment pipelines for client projects.
- Security and fraud prevention — to monitor for unauthorised access, protect client data, and investigate security incidents.
- Legal compliance — to meet obligations under Nigerian law, including tax requirements, record-keeping, and responding to lawful government requests.
- Service improvement — to understand how our website and services are used and to improve the quality and relevance of what we offer.
- Marketing (where consent is given) — to send newsletters, portfolio updates, or service announcements to subscribers who have explicitly opted in.
4. Legal Basis for Processing
Under the Nigeria Data Protection Act 2023 and GDPR (where applicable), we process personal data on the following lawful bases:
- Contract performance — processing necessary to enter into or fulfil a service agreement with you, including scoping work, delivering projects, and managing billing.
- Legitimate interests — processing necessary for our legitimate business interests, including improving our services, preventing fraud, managing our systems, and communicating with prospective clients — provided these interests are not overridden by your rights.
- Consent — for marketing communications and non-essential cookies, we rely on your freely given, specific, and informed consent, which you may withdraw at any time.
- Legal obligation — where processing is required to comply with a legal or regulatory requirement applicable to i2Medier under Nigerian law.
5. Data Sharing and Disclosure
We share personal data only to the extent necessary to deliver our services or meet legal obligations. Specifically, we may share your data with:
- Hosting and infrastructure providers — servers, CDN, and cloud services (e.g. DigitalOcean, AWS, Cloudflare) used to host and secure client websites and our own systems.
- Payment processors — Paystack and Stripe process billing transactions. Each operates under their own privacy policy and applicable financial regulations.
- Project subcontractors — on specific projects where specialist contributors are engaged, they receive only the minimum data necessary to complete their portion of the work, under confidentiality obligations.
- Professional advisors — solicitors, accountants, and auditors, subject to professional confidentiality duties.
- Regulatory or government authorities — where required by law, court order, or the lawful request of a Nigerian regulatory body.
We do not share your personal data with any third party for their own marketing or commercial purposes.
6. Cookies and Tracking Technologies
Our website uses cookies — small text files stored in your browser — to make the site function correctly and to help us understand how visitors use it.
Essential cookies
These are required for the website to function and cannot be disabled. They include session management, security tokens, and form submission state.
Analytics cookies
We use Google Analytics 4 to understand how visitors interact with our website — which pages they visit, how long they stay, and where they come from. This data is aggregated and anonymised. You can opt out by installing the Google Analytics Opt-out Browser Add-on.
Marketing cookies
We do not currently use advertising or retargeting cookies on this website.
Managing cookies
You can control cookies through your browser settings. Most browsers allow you to refuse new cookies, delete existing cookies, or be notified when a new cookie is set. Disabling essential cookies may affect site functionality.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law:
- Active client data — retained for the duration of the client relationship plus a period of five (5) years following the last engagement, in accordance with Nigerian tax and accounting regulations.
- Project files and credentials — retained for the duration of the project and for the managed service term. On termination, credentials are returned or deleted as specified in the service agreement.
- Enquiry and contact data — retained for up to two (2) years from the date of last contact if no engagement results, or until you request deletion.
- Financial records — invoices, payment confirmations, and transaction records are retained for seven (7) years as required under Nigerian financial legislation.
- Marketing contacts — retained until you unsubscribe or request deletion.
8. Your Data Rights
Under the Nigeria Data Protection Act 2023 and, where applicable, the GDPR, you have the following rights regarding your personal data:
- Right of access — you may request a copy of the personal data we hold about you.
- Right to rectification — you may request that inaccurate or incomplete data be corrected.
- Right to erasure — you may request deletion of your personal data where we have no lawful basis to continue processing it.
- Right to restrict processing — you may request that we limit how we use your data in certain circumstances.
- Right to data portability — you may request your data in a structured, machine-readable format where technically feasible.
- Right to object — you may object to processing based on legitimate interests or for direct marketing purposes.
- Right to withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.
To exercise any of these rights, email us at [email protected] with your name and a description of your request. We will respond within 30 days. We may need to verify your identity before processing a request.
If you are unsatisfied with our response, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.
9. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include:
- HTTPS encryption across all web properties
- Role-based access controls limiting data access to authorised personnel only
- Encrypted credential storage and secure vault practices for client access details
- Regular security updates to servers, software, and dependencies
- Strict confidentiality obligations for all team members and subcontractors
While we take every reasonable precaution, no method of data transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but commit to notifying affected parties promptly in the event of a confirmed data breach that poses a risk to individuals' rights.
10. Third-Party Links
Our website may contain links to third-party websites, tools, and resources. This Privacy Policy applies only to i2Medier's own website and services. We are not responsible for the privacy practices of any third-party sites and encourage you to review their privacy policies before submitting any personal information.
11. Children's Privacy
Our website and services are directed at businesses and professionals. We do not knowingly collect or solicit personal data from individuals under the age of 18. If we become aware that we have inadvertently collected personal data from a minor, we will delete it promptly. If you believe we have collected data from a child, please contact us at [email protected].
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we make material changes, we will update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website or services after changes are posted constitutes your acceptance of the updated policy.
13. Contact Us
If you have questions, concerns, or requests relating to this Privacy Policy or the handling of your personal data, please contact us:
Email: [email protected]
Website: i2medier.com
Country of operation: Federal Republic of Nigeria
We aim to respond to all privacy-related enquiries within 10 business days.