HomeReviewsInterviewsNominatePublicationsPay invoice
Log in

Privacy Policy

Last updated: 14th April 2026

Introduction

At Spurt! (“we”, “us”, “our”), we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our websites and applications.

We process personal data in accordance with applicable data protection laws, including the Nigeria Data Protection Act 2023 and the General Data Protection Regulation (GDPR) where applicable, and other applicable data protection laws.

By using our Services, you agree to the collection and use of information in accordance with this Policy.

Scope and Services Covered

This Privacy Policy applies to all products and services offered by Spurt!, including but not limited to:

  • SpurtX – Sync!, Toolkit and Score!
  • Solutions
  • MadeIn
  • S.T.E.P
  • Paperclip
  • Spurt.Group

Our Privacy Commitment

We understand that trust is essential. Spurt! is committed to handling your data with care, transparency, and responsibility. We aim to clearly explain what we do with your information and ensure it is always protected against misuse or unauthorised access.

Principles of Data Processing

We process your data, adhering to the following data processing principles:

  • Transparency and fairness
  • Adequacy and relevance to purpose of collection
  • Accuracy
  • Security

Lawful Basis for Processing

We process your personal data based on:

  • Consent – where you have given clear permission
  • Contract – where processing is necessary to provide our services
  • Legal obligation – where required by law
  • Legitimate interests – such as improving our services and ensuring security

Information We Collect

We may collect the following types of personal data:

1. Identity and Contact Data

  • Name
  • Email address
  • Username or account details
  • Phone number
  • Financial details

2. Technical and Usage Data

  • IP address
  • Browser type and device information
  • Pages visited and interactions within the platform

3. Profile Data

  • Login credentials
  • Preferences and settings

4. Communications Data

  • Messages, feedback, and support enquiries

5. Product-Specific Data

The specific data collected varies by product:

  • Toolkit (Spur!, Spot!, Spark!): Employee names, contact details, job titles, salary, location, phone number, performance review data, assessment scores and analytics.
  • Sync: Project Information, email addresses, payment information.
  • Score: Employee names, invoice data, event data, bank account details, financial transaction records.
  • Solutions: Client contact details, business information shared during consulting engagements.
  • MadeIn: User names, email addresses, business and product listing information.
  • S.T.E.P: User names, email addresses.
  • Paperclip: User documents.

Google User Data

If you choose to sign in or connect your account using Google services, we may access limited Google user data such as:

  • Email address
  • Basic profile information

We use this data strictly to:

  • Authenticate users securely
  • Create and manage user accounts
  • Enable core application features

We do not:

  • Sell Google user data
  • Use it for advertising purposes

How We Collect Your Data

Google User Data

If you choose to sign in to our application using your Google account, we may access limited information from your Google profile, such as your email address and basic profile details.

How We Use Your Data

We only use Google user data to:

  • Authenticate and securely log you into your account
  • Create and manage your user profile
  • Enable essential features of the application

We do not use your Google data for advertising, profiling, or any unrelated purposes.

How We Share Your Data

We do not sell or rent your Google user data.

We only share your data in the following limited situations:

  • With trusted service providers who help us operate our application (e.g., hosting or security services), under strict confidentiality obligations
  • When required to comply with legal obligations or enforce our policies

We do not share your data for marketing or advertising purposes.

Data Storage & Protection

We take your privacy seriously and implement appropriate security measures to protect your data, including:

  • Secure storage systems
  • Access controls to limit who can view your data
  • Protection against unauthorized access, misuse, or disclosure

We retain your Google user data only for as long as necessary to provide our services. After that, it is securely deleted or anonymized.

Your Control Over Your Data

You are always in control of your data. You can:

  • Revoke access to your Google account at any time via your Google account settings
  • Request deletion of your account and associated data by contacting us

Compliance with Google Policies

Our use of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

This means your data is only used to provide or improve user-facing features and is never used for unauthorized purposes.

Automated Decision-Making and Profiling

Some of our products may use automated processes to support decision-making. For example, Toolkit may generate analytics based on data inputs. You have the right to request a human review of such processing to obtain an explanation.

Data Sharing

We do not sell your personal data.

We may share your data with:

  • Trusted service providers (e.g., hosting, analytics tools, storage providers)
  • Legal or regulatory authorities, where required

All third parties are required to process data securely and only for authorised purposes.

Data Storage and Security

We take appropriate measures to protect your data, including:

  • Encryption in transit (HTTPS)
  • Secure servers and cloud infrastructure
  • Access controls and authentication safeguards

We retain your data only for as long as necessary to provide our Services or meet legal obligations.

In the unlikely event of a data breach, we will take steps to mitigate the situation, and where applicable, notify you and the Nigeria Data Protection Commission (NDPC).

Cross-Border Data Transfers

Spurt! operates across multiple jurisdictions. As a result, your personal data may be transferred to, stored, or processed in a country other than the one in which it was originally collected.

Where we transfer personal data outside of Nigeria, we will ensure that your data is secured to the same standard as it would within Nigeria, in accordance with applicable data protection and privacy laws.

Your Rights

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion (where applicable)
  • Withdraw consent
  • Object to certain types of processing

To exercise your rights, please contact us at: support@spurt.group

Cookies and Tracking

We use cookies and similar technologies to improve your experience and analyse usage. For more information, please see our Cookie Policy.

Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this Policy, unless a longer retention period is required by law.

Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page.

Contact Us

If you have any questions or concerns about this Privacy Policy or how your data is handled, please contact us at: support@spurt.group. You have a right to lodge a complaint with the Nigerian Data Protection Commission (NDPC): Website: https://www.ndpc.gov.ng Email: info@ndpc.gov.ng.