Privacy Policy
1. WHO WE ARE
Roma Insight and Analytics ("Roma Intelligence", "we", "us", or "our") acts as the data controller for the personal information processed through our research marketplace and analytics platform.
Our designated Data Protection Officer can be reached directly at privacy@romaintelligence.com for any inquiries regarding our data practices or to exercise your statutory rights.
2. DATA WE COLLECT
analyticsFor Researchers
- Organisation name and registration details
- Professional email address and phone number
- Billing information and transaction history
- Project briefs and research parameters
groupsFor Participants
- Legal name and verified NIN information
- Demographic data (Age, Gender, Location, Education)
- Employment status and industry focus
- Digital wallet and payment disbursement details
- Survey responses and research contributions
3. HOW WE USE YOUR DATA
Researchers
Used for account authentication, research project matching, service billing, and platform analytics to improve curation accuracy.
Participants
Used for identity verification through NIMC, demographic matching for surveys, incentive payments, and ensuring data integrity.
4. LEGAL BASIS
NDPR Compliance
We process data under Article 2.2(a) Consent, (b) Contractual Necessity, and (f) Legitimate Interest of the Nigeria Data Protection Regulation.
GDPR Alignment
For users within the EEA, processing is based on Article 6(1)(a) Consent, (b) Performance of a contract, and (f) Legitimate interests.
5. DATA SHARING
We only share your information with trusted third-party service providers who assist in operating our platform:
Paystack, Flutterwave, Stripe
NIMC (National Identity Management Commission)
Termii, Infobip
AWS (Amazon Web Services)
6. DATA RETENTION
7. YOUR RIGHTS
You maintain full control over your personal information. Under applicable data protection laws, you have the following rights:
8. COOKIES
We use essential cookies solely to maintain your session and ensure platform security. We do not use third-party advertising or tracking cookies for marketing purposes.
9. SECURITY
We employ industry-standard encryption. In the unlikely event of a data breach, we commit to notifying affected users and relevant authorities within 72 hours.
10. Children's Data
Our services are strictly not intended for individuals under the age of 18. We do not knowingly collect personal data from minors.
11. International Transfers
Where data is processed outside of Nigeria or the EU, we ensure appropriate safeguards (such as Standard Contractual Clauses) are in place to maintain the same level of protection.
12. Changes to this Policy
We may update this policy periodically. We will provide at least 14 days' notice via email or platform notification before any material changes take effect.