Melu Vendors Privacy Policy

Last updated: 01 August 2025

Thank you for choosing Melu Vendors ("Melu Vendors", "we", "our", "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you install, register with, or use the Melu Vendors mobile application, website, and related services (collectively, the "Service").

If you have any questions or concerns about our practices, please contact us at support@kloud45.tech.

1. Scope

This Policy applies to vendors, merchants, restaurant owners, pharmacy operators, and service providers who access and use the Melu Vendors Service within the Federal Republic of Nigeria. It covers all business verticals available in the Melu ecosystem: Restaurants, Supermarkets/Grocery stores, Pharmacies, Courier services, and Bus operators.

2. Information We Collect

2.1 Business Information You Provide to Us

  • Business registration details – business name, registration number, tax identification number (TIN), business address, business type.
  • Owner/Manager details – full name, email address, mobile number, password, profile photo, government-issued ID.
  • Banking & payment information – bank account details, BVN (Bank Verification Number), mobile money wallet information for settlements.
  • Business licenses – food handler's permit, pharmacy license, transport operator license, or other relevant certifications.
  • Product & service catalog – item descriptions, prices, images, availability status, menu categories.
  • Operational information – business hours, delivery zones, preparation times, capacity limits.
  • Staff information – names and contact details of authorized personnel who manage your account.
  • Customer support content – chat transcripts, voice call recordings (with notice), emails, dispute reports, and feedback.

2.2 Information We Collect Automatically

  • Location data – business location coordinates, delivery radius settings, and location-based analytics.
  • Device information – hardware model, OS version, unique device identifiers, mobile network, language, time zone.
  • Usage data – app usage patterns, order management activities, response times, acceptance rates, crash logs via Google Firebase Analytics and Crashlytics.
  • Transaction data – order volumes, revenue analytics, payment processing information, settlement records.
  • Performance metrics – order fulfillment times, customer ratings, delivery success rates, inventory turnover.
  • Cookies and similar technologies on the Melu Vendors website or in-app web views.

2.3 Information from Third Parties

  • Payment processors – transaction status, settlement confirmations, chargeback information.
  • Banking partners – account verification status, transaction processing results.
  • Regulatory bodies – license verification, compliance status updates.
  • Customer feedback – ratings, reviews, and complaints from Melu app users.
  • Delivery partners – pickup confirmations, delivery status updates, driver feedback.

3. How We Use Your Information

We use personal and business data to:

  • Provide and maintain the Service – process vendor registration, manage product catalogs, facilitate order processing, handle payments and settlements.
  • Business operations – send order notifications, provide sales analytics, manage inventory, coordinate deliveries.
  • Compliance and verification – verify business licenses, conduct KYC (Know Your Customer) checks, ensure regulatory compliance.
  • Performance monitoring – track order fulfillment, measure customer satisfaction, generate business insights.
  • Communication – send order alerts, policy updates, promotional opportunities, training materials, and support messages.
  • Platform improvement – analyze usage patterns, optimize app performance, develop new features for vendors.
  • Financial services – process payments, manage settlements, provide financial reporting, detect fraudulent activities.
  • Legal compliance – respond to lawful requests, enforce Terms of Service, maintain tax records, meet industry regulations.

4. Lawful Bases for Processing

Melu Vendors processes personal data in line with the Nigeria Data Protection Regulation (NDPR 2019). The lawful bases we rely on are:

Purpose NDPR lawful basis Notes
Vendor registration, order processing, payments Contract Necessary to deliver the vendor services you request.
Business analytics, performance monitoring, marketing Legitimate interest We balance our business interests against your rights; you can opt out of marketing.
Location tracking for delivery coordination Consent You grant or revoke location permission in device settings.
KYC verification, business license validation Legal obligation and Contract Required for regulatory compliance and platform security.
Financial reporting, tax compliance, fraud prevention Legal obligation and Legitimate interest Covers tax, anti-money-laundering (AML), and regulatory requirements.

You may withdraw consent at any time via in-app settings or by emailing support@kloud45.tech. Withdrawing consent does not affect processing that has already occurred.

5. Sharing & Disclosure

We share vendor data only as described below:

  • Melu customers – business name, location, menu/catalog, ratings, estimated preparation times, and contact information for order coordination.
  • Delivery partners – pickup address, order details, contact information for coordination.
  • Payment partners – banking details and transaction information for settlement processing.
  • Regulatory authorities – business registration details, license information when required for compliance verification.
  • Cloud providers – data is hosted on Google Cloud (Firebase) and Amazon Web Services with appropriate security measures.
  • Analytics & monitoring tools – Firebase Analytics, Crashlytics, Sentry for app performance and business insights.
  • Legal authorities – when required by law, court order, or to protect rights, safety, or property.
  • Business transfers – in case of a merger, acquisition, or asset sale, we will notify you before your data is transferred.
  • Service providers – third-party vendors who help us operate the platform (with appropriate data processing agreements).

We never sell your personal or business data for monetary consideration.

6. Cookies & Similar Technologies

Cookies and local storage help us keep you signed in, remember preferences, track business performance, and measure website traffic. You can disable cookies in your browser, but some features may not work correctly.

7. Data Retention

We retain vendor account data for as long as your business account remains active. Financial records and transaction data are kept for at least 7 years to meet tax and regulatory requirements. Business performance data is retained for 3 years for analytics purposes. Location data is stored for 90 days unless needed to resolve disputes. Crash logs are retained for 24 months.

8. International Transfers

Your data may be stored and processed on servers outside your country of residence, including in the United States, the European Union, and Singapore. We rely on Standard Contractual Clauses and other safeguards for cross-border transfers to ensure adequate protection.

9. Security

We implement industry-standard safeguards: TLS/HTTPS encryption in transit, AES-256 encryption at rest, role-based access controls, regular security audits, and penetration testing. Banking and payment information receives additional protection through PCI DSS compliance. Despite our efforts, no method of transmission or storage is 100% secure.

10. Your Rights

Under the NDPR you have the right to:

  • Access, correct, or delete your personal and business data;
  • Object to or restrict processing;
  • Withdraw consent at any time;
  • Receive a copy of your data (data portability);
  • Lodge a complaint with your data protection authority;
  • Request information about automated decision-making that affects your business.

To exercise these rights, email support@kloud45.tech or use the in-app Privacy Center. Please note that some data may be retained for legal or regulatory compliance even after deletion requests.

11. Business Account Management

If you manage a business account on behalf of others, you are responsible for ensuring that all staff members understand this Privacy Policy. You must have appropriate authorization to provide personal information of your employees or business partners to Melu Vendors.

12. Financial Data & Settlements

Melu Vendors processes financial transactions and settlements on behalf of vendors. All banking information is encrypted and processed through certified payment partners. Settlement reports and financial analytics are provided to help you manage your business, but individual customer payment details are not shared with vendors.

13. Compliance & Regulatory Requirements

As a vendor on the Melu platform, you may be subject to specific regulatory requirements based on your business type (food service, pharmacy, transportation, etc.). We may collect and process additional information as required by relevant authorities and share this information for compliance verification.

14. Third-Party Links & Services

The Service may contain links to third-party websites or services that are not operated by Melu Vendors. We are not responsible for their privacy practices. We encourage you to review their policies before providing any data.

15. Changes to This Policy

We may update this Policy from time to time. We will notify you of material changes via email or an in-app alert and update the "Last updated" date above. Continued use of the Service after such updates constitutes acceptance of the revised Policy.

16. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact our Data Protection Officer:

Email: support@kloud45.tech

Website: https://kloud45.tech

Vendor Support: Available 24/7 through the Melu Vendors app