Legal

Privacy Policy

We take the privacy of every tailor and customer on Tailora seriously. This policy explains what we collect, how we use it, and your rights over your data.

Effective: 21 March 2026 Last updated: 21 March 2026 Applies to: Tailora mobile app and web services
01

Overview

Tailora ("we", "us", "our") is a business management platform built for independent tailors and fashion designers across Africa. We are committed to protecting your personal information and handling it transparently.

This Privacy Policy applies to the Tailora mobile application, our website at tailora.app, and all related services. By using Tailora, you agree to the collection and use of your information as described in this policy.

We will never sell your personal data to third parties. Your business data — customers, measurements, orders, payments — belongs to you.

02

Information We Collect

Information you provide directly

  • Account details: your name, phone number, email address, and business name
  • Profile information: country, currency preference, and business description
  • Customer data: names, phone numbers, email addresses, and body measurements of your clients
  • Order data: garment details, pricing, payment records, due dates, and delivery information
  • Identity documents: BVN (Bank Verification Number) or NIN (National Identification Number) — collected only for wallet KYC verification and stored encrypted
  • Transaction PIN: stored as a one-way bcrypt hash — we cannot view or recover your PIN

Information collected automatically

  • Device token: for push notification delivery (Firebase Cloud Messaging)
  • Device type: iOS or Android, for notification routing only
  • App usage: general feature usage patterns to improve Tailora (no keystroke logging or screen recording)
  • IP address: logged temporarily for security and fraud prevention

Information from third-party services

  • Rubies MFB: wallet account number, balance, and transaction records when you connect a wallet
  • RUUT (WhatsApp API): delivery status of WhatsApp messages we send on your behalf
03

How We Use Your Data

We use the information we collect only to operate and improve Tailora. Specifically:

  • To create and manage your Tailora account
  • To provide the order management, customer tracking, and payment features of the app
  • To set up and operate your Tailora Wallet via Rubies MFB
  • To verify your identity (KYC) as required by financial regulations before enabling wallet withdrawals
  • To send you automated WhatsApp notifications about your orders, payments, and business performance — only based on the preferences you configure
  • To send push notifications to your device about order updates and payment receipts
  • To detect and prevent fraud, particularly on wallet withdrawal requests
  • To respond to support requests and resolve technical issues
  • To improve Tailora features based on aggregate, anonymised usage data

We do not use your data for advertising, profiling, or any purpose beyond operating the Tailora service.

04

Data Sharing

We share your data only with third-party services that are strictly necessary to operate Tailora:

Rubies MFB (Banking-as-a-Service)

When you set up a Tailora Wallet, we share your verified identity information (name, BVN or NIN, date of birth, phone number) with Rubies Microfinance Bank to create your wallet account, as required by CBN financial regulations. Rubies handles your financial data under their own privacy policy and CBN regulatory requirements.

RUUT (WhatsApp Messaging)

We use RUUT's WhatsApp API to send automated messages on your behalf — OTP codes, payment alerts, weekly summaries, and order reminders. Only your phone number and the content of the specific message are shared with RUUT.

Firebase (Google) — Push Notifications

We use Firebase Cloud Messaging to deliver push notifications to your device. Your device token is shared with Firebase for this purpose only.

Legal Requirements

We may disclose your information if required to do so by law, court order, or in response to a valid request from a regulatory authority (such as the CBN or EFCC), or to protect the rights, property, or safety of Tailora, our users, or the public.

We do not sell, rent, or trade your personal data to advertisers, data brokers, or any other third parties.

05

Data Security

We implement industry-standard security measures to protect your data:

  • All data transmitted between the Tailora app and our servers is encrypted using HTTPS/TLS
  • BVN and NIN numbers are stored encrypted in our database — they are never stored as plain text
  • Transaction PINs are hashed using bcrypt — we cannot view or recover your PIN under any circumstances
  • Wallet withdrawals are restricted to accounts that match your verified BVN identity — protecting against fraud even if your account is compromised
  • JWT authentication tokens expire every 24 hours
  • OTP codes used for login and password reset expire after 10 minutes

While we take every reasonable precaution, no system is 100% secure. If you discover a security vulnerability in Tailora, please contact us immediately at security@tailora.app.

06

Data Retention

We retain your data for as long as your account is active. Specifically:

  • Account and profile data: retained for the life of your account
  • Customer and measurement data: retained for the life of your account
  • Order and payment records: retained for a minimum of 7 years to comply with Nigerian financial record-keeping requirements
  • Wallet transaction records: retained for a minimum of 7 years as required by CBN regulations
  • KYC identity data (BVN/NIN): retained for the life of your wallet account and for 7 years after account closure, as required by AML regulations
  • OTP codes: deleted immediately after use or expiry
  • Device tokens: deleted when you log out or when the token becomes invalid

If you delete your account, we will anonymise or delete your personal data within 30 days, except where retention is required by law.

07

Your Rights

You have the following rights over your personal data:

  • Access: You can request a copy of all personal data we hold about you
  • Correction: You can update your name, phone, email, and business details directly in the app Settings at any time
  • Deletion: You can request deletion of your account and personal data by contacting support
  • Portability: You can request an export of your customer and order data in a standard format
  • Notification preferences: You can configure or disable all automated notifications in the app Settings at any time
  • Withdraw consent: You can withdraw consent for any non-essential data processing by contacting us

To exercise any of these rights, contact us at privacy@tailora.app. We will respond within 30 days.

08

WhatsApp & Notifications

Tailora uses WhatsApp to send you business-critical messages including OTP codes, payment alerts, order reminders, and weekly business summaries. By registering with your phone number, you consent to receive these messages.

You can control which automated notifications you receive from the Settings screen in the app. You may disable any or all notification types at any time. However, certain messages — such as OTP codes required for login — cannot be disabled as they are essential to account security.

Tailora will never send you promotional or marketing messages via WhatsApp without your explicit opt-in.

09

Wallet & Financial Data

The Tailora Wallet is powered by Rubies Microfinance Bank, a CBN-licensed financial institution. When you use the wallet:

  • Your KYC identity verification (BVN or NIN) is processed by both Tailora and Rubies MFB in compliance with CBN Know Your Customer requirements
  • Your wallet account number, balance, and transaction history are stored on both Tailora's servers and Rubies MFB's systems
  • All wallet transactions are subject to the regulatory oversight of the Central Bank of Nigeria
  • Rubies MFB's own privacy policy governs how they process your financial data — we encourage you to review it

Your transaction PIN is stored only as a bcrypt hash on our servers. Tailora staff cannot view, reset, or recover your PIN. If you forget your PIN, you must set a new one using the Change PIN feature in the app.

10

Children's Privacy

Tailora is a business management platform intended for use by adults aged 18 and over. We do not knowingly collect personal information from anyone under the age of 18. Our wallet and KYC process requires users to be at least 18 years old.

If you believe a minor has created a Tailora account, please contact us at privacy@tailora.app and we will promptly delete the account.

11

Changes to This Policy

We may update this Privacy Policy from time to time as Tailora evolves. When we make material changes, we will:

  • Update the "Last updated" date at the top of this page
  • Send a notification via WhatsApp or push notification to active users
  • For significant changes, display an in-app prompt requiring you to review and acknowledge the update before continuing to use Tailora

Continued use of Tailora after the effective date of any update constitutes acceptance of the revised policy.

12

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please contact us:

We aim to respond to all privacy-related enquiries within 30 days.