ARMS IT Nigeria FIRS Compliant E-Invoicing Logo

Privacy Policy

Last Updated: January 2025

1. Introduction

ARMS IT Nigeria ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our E-Invoicing platform and services. By using our services, you consent to the data practices described in this policy.

This policy is designed to comply with the Nigeria Data Protection Regulation (NDPR) 2019 and other applicable Nigerian data protection laws.

2. Information We Collect

We collect the following types of information:

  • Business Information: Company name, Tax Identification Number (TIN), business address, registration details.
  • Contact Information: Name, email address, phone number, postal address.
  • Transaction Data: Invoice details, customer information, product/service information, payment records.
  • Technical Data: IP address, browser type, device information, usage patterns, log files.
  • Account Information: Username, password (encrypted), subscription details, billing information.

3. Data Sharing and Disclosure

We respect your business confidentiality. We do not sell your data. However, data is shared in the following specific circumstances:

  • Federal Inland Revenue Service (FIRS): As an E-Invoicing solution provider, we are mandated to transmit specific invoice data to FIRS for validation and tax reporting purposes.
  • Service Providers: We may employ third-party companies (e.g., cloud hosting providers like AWS/Azure) to facilitate our service, under strict confidentiality agreements.
  • Legal Obligations: We may disclose information if required to do so by Nigerian law or in response to valid requests by public authorities (e.g., a court or government agency).

4. Data Security

We employ industry-standard security measures to protect your data, including:

  • Encryption: All data is encrypted in transit (using TLS/SSL) and at rest.
  • Access Controls: Strict role-based access control (RBAC) ensures only authorized personnel can access your account.
  • Regular Audits: We conduct regular security audits and vulnerability assessments.

5. Your Rights Under NDPR

Under the Nigeria Data Protection Regulation, you have the right to:

  • Request access to the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your personal data (subject to tax record-keeping laws which may require data retention for a specific period).
  • Withdraw consent for marketing communications.

6. Data Retention

We retain your transaction and business data for as long as your account is active or as needed to provide you services, and thereafter for the period required by Nigerian Tax Laws (typically 6 years) for audit and compliance purposes.

7. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer:

ARMS IT Nigeria
No.22, Glover Road
Brains & Hammers Estate
Lifecamp, Abuja, FCT
Nigeria
info@armsit.ng
+234 909 999 2276