Privacy Policy

Last Updated: November 28, 2025

At Ekogni, we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, share, and protect your personal data when you use our computer-based testing (CBT) platform.

This policy complies with the Nigeria Data Protection Regulation (NDPR) 2019 and other applicable data protection laws. By using our Service, you consent to the data practices described in this policy.

Quick Summary: We collect your name, email, student/staff ID, and profile picture (optional) to provide our CBT platform. We store data in the EU (Ireland) and share it only with payment processors (Paystack), email providers (Postmark), and security services (hCaptcha). You can request access, correction, or deletion of your data at any time by contacting support@ekogni.com.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account:

For institutional accounts:

Payment Information:

1.2 Information Collected Automatically

Technical Data:

Exam Activity Data:

1.3 Information from Third Parties

2. How We Use Your Information

We use your personal information for the following purposes:

2.1 To Provide and Improve Our Service

2.2 To Manage Subscriptions and Billing

2.3 To Communicate with You

2.4 To Ensure Security and Prevent Abuse

2.5 To Comply with Legal Obligations

3. How We Store and Protect Your Information

3.1 Data Storage Location

Your personal data is stored in the European Union (EU-West-1 region - Ireland) using Supabase's PostgreSQL database infrastructure. This constitutes a cross-border data transfer from Nigeria to the EU.

NDPR Compliance: We rely on the following safeguards for cross-border data transfer:

3.2 Security Measures

We implement industry-standard security measures to protect your data:

3.3 Data Retention

Active Accounts: We retain your personal data for as long as your account is active and you continue to use the Service.

Closed Accounts: If you close your account or your subscription expires, we will delete your personal data within 90 days, except where we are legally required to retain it.

Legal Retention Requirements:

4. How We Share Your Information

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes. We only share your data with the following trusted service providers:

4.1 Third-Party Service Providers

Paystack (Payment Processing):

Postmark (Email Delivery):

Supabase (Database and Authentication):

hCaptcha (CAPTCHA Verification):

For the current and always-up-to-date list of our subprocessors, please see our Subprocessors page.

4.2 Legal Disclosures

We may disclose your information if required by law or in response to:

4.3 Organizational Data Sharing (Institutional Accounts)

If you are part of an institutional (school) account:

5. Your Rights Under Nigerian Data Protection Regulation (NDPR)

Under the NDPR, you have the following rights regarding your personal data:

5.1 Right to Access

You have the right to request a copy of all personal data we hold about you. To request your data, contact us at support@ekogni.com with the subject line "Data Access Request."

5.2 Right to Correction

You can update your account information (name, email, profile picture, student ID) at any time by logging into your account and visiting the Account Settings page. If you need assistance, contact support@ekogni.com.

5.3 Right to Deletion (Right to be Forgotten)

You can request deletion of your account and personal data by contacting support@ekogni.com with the subject line "Account Deletion Request." We will delete your data within 90 days, except where we are legally required to retain it (e.g., billing records for tax purposes).

5.4 Right to Data Portability

You have the right to export your data in a structured, machine-readable format (JSON). To request a data export, contact support@ekogni.com.

5.5 Right to Object

You may object to the processing of your personal data for certain purposes. However, if you object to essential processing (e.g., authentication, billing), we may not be able to provide the Service to you.

5.6 Right to Withdraw Consent

You may withdraw your consent to data processing at any time by closing your account or contacting support@ekogni.com. Withdrawal of consent does not affect the lawfulness of processing conducted prior to withdrawal.

5.7 Right to Lodge a Complaint

If you believe we have violated your data protection rights, you may lodge a complaint with the Nigeria Data Protection Commission (NDPC) or the National Information Technology Development Agency (NITDA).

6. Children's Privacy

Our Service is used by students, some of whom may be under 18 years of age. If you are under 18, you must have permission from a parent, guardian, or your educational institution to use the Service.

We do not knowingly collect personal information from children under 13 without parental or school consent. If we become aware that we have collected data from a child under 13 without proper consent, we will delete the information immediately.

Institutional Account Consent Responsibilities: For students using Ekogni under an institutional (school) license, the school is responsible for obtaining all necessary parental or guardian consent before creating student accounts. By approving student accounts, the school certifies that:

Ekogni relies on schools to fulfill this consent obligation and is not responsible for a school's failure to obtain proper parental consent.

7. Cookies and Tracking Technologies

7.1 Cookies We Use

We use cookies to provide essential functionality:

7.2 Third-Party Cookies

Third-party services (Supabase, hCaptcha) may set their own cookies. Refer to their privacy policies for details.

7.3 Managing Cookies

You can disable cookies in your browser settings, but doing so may prevent you from using the Service.

8. International Data Transfers

As mentioned in Section 3.1, your data is stored in the EU (Ireland). If you access our Service from Nigeria, your data will be transferred across borders.

We ensure that data transfers comply with NDPR requirements by:

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service features. When we make material changes, we will:

Your continued use of the Service after such notification constitutes acceptance of the updated Privacy Policy. If you do not agree to the changes, you must stop using the Service and request account deletion.

10. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Ekogni Support
Email: support@ekogni.com
Phone: +234 810 248 6199
Hours: Monday-Friday, 8:00 AM - 6:00 PM WAT

Data Protection Inquiries: support@ekogni.com


By using the Ekogni Service, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.

12. Platform-Specific Notes

12.1 Desktop App (Windows/macOS)

12.2 Website