Privacy Policy

Last updated: June 2025

Oosri Global operates as an online marketplace connecting independent sellers and buyers internationally. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the Oosri platform, and what rights you have over your data.

Who We Are
Information We Collect
How We Use Your Information
How We Share Your Information
Data Retention
Security
Your Rights
Cookies and Tracking Technologies
International Transfers
California Residents (CCPA/CPRA)
Children's Privacy
Changes to This Policy
Contact Us

1. Who We Are

Oosri Global ("Oosri," "we," "us," or "our") is an online marketplace that connects independent sellers and buyers internationally. Oosri facilitates payments, logistics integrations, and dispute support, while buyers contract directly with sellers for purchases. For most personal data processed through the platform, Oosri acts as the data controller. Sellers are independent controllers for their own processing of buyer data outside of Oosri's platform purposes.

This Privacy Policy applies to all users of the Oosri website, mobile applications, and related services (collectively, the "Services").

2. Information We Collect

We collect information in the following categories:

Information you provide to us

Account information: name, email address, phone number, password, and gender when you register.
Order and transaction information: shipping address, payment details (processed via our payment processor — we do not store full card numbers), and order history.
Communications: messages sent through our platform, support requests, and feedback.
Seller information: business details, bank/payout information, and identity verification documents where required.

Information collected automatically

Device and usage data: IP address, browser type, operating system, pages visited, and clickstream data.
Cookies and similar technologies: session identifiers, analytics data, and preference settings. See our Cookies section for details.
Location data: approximate location inferred from IP address; precise location only if you grant permission.

Information from third parties

Payment processors and logistics/carrier partners (for transaction confirmation and delivery status).
Fraud detection and identity verification services.
Analytics providers (aggregated or pseudonymized usage data).
Social login providers (such as Google), if you choose to sign in or register using a third-party account.

3. How We Use Your Information

We use personal information for the following purposes:

Operating the marketplace: processing registrations, orders, payments, and returns.
Customer support: responding to enquiries, disputes, and complaints.
Fraud prevention and security: detecting and preventing unauthorized access, fraud, and abuse.
Legal compliance: meeting obligations under applicable law including tax, accounting, and regulatory requirements.
Service improvement: analyzing usage to improve features, performance, and user experience.
Communications: sending transactional messages (order confirmations, shipping updates) and, where you have opted in, promotional messages.
Personalization: remembering your preferences and tailoring your experience.

Where required by law (including under Nigeria's Data Protection Act 2023, UK GDPR, and Canada's PIPEDA), we will identify and rely on a valid lawful basis for each processing activity, such as contract performance, legal obligation, legitimate interests, or consent.

With sellers

When you place an order, we share your name, delivery address, contact details, and order information with the relevant seller to enable fulfillment, shipping, customer support, and returns. Sellers are independent controllers for their own processing of this data and must comply with applicable privacy laws and Oosri's Seller Privacy Addendum.

With service providers and processors

We share data with trusted third-party service providers who process data on our behalf, including payment processors, logistics and carrier partners, cloud infrastructure providers, fraud detection services, customer support platforms, and analytics providers. These parties are bound by contractual obligations to process data only as instructed and to implement appropriate security measures.

For legal and safety reasons

We may disclose personal information to law enforcement, regulators, or other third parties where required or permitted by law, or where necessary to protect the rights, property, or safety of Oosri, our users, or the public.

Business transfers

If Oosri is involved in a merger, acquisition, or sale of all or part of its assets, personal information may be transferred as part of that transaction. We will notify you of any such change via a prominent notice on our website or by email.

We do not sell your personal information to third parties for their own marketing purposes.

5. Data Retention

We retain personal information only as long as reasonably necessary for the purposes for which it was collected, or as required by law. The table below sets out our general retention periods:

Data Category	Primary Purpose	Retention Period
Account profile data	Account management, platform use	Duration of account + 2 years after closure
Order and transaction data	Order fulfillment, dispute resolution	7 years (legal/tax compliance)
Fulfillment data (name, address, phone)	Delivery, customer support	24 months after order completion
Invoices and tax records	Compliance, accounting	7 years
Dispute / chargeback files	Fraud prevention, dispute defense	3 years after dispute closure
Seller-to-buyer messages	Support and dispute evidence	24 months
Device / analytics data	Security, service improvement	13 months (rolling)
Marketing consent records	Demonstrating lawful basis	Until consent withdrawn + 3 years

When data is no longer needed, we delete, anonymize, or securely destroy it in accordance with our data disposal procedures.

6. Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, loss, alteration, or disclosure. These include encryption in transit and at rest, access controls, and regular security reviews.

In the event of a personal data breach that is likely to result in risk to your rights and freedoms, we will notify the relevant regulatory authority within 72 hours of becoming aware of the breach (as required under Nigeria's NDPA and UK GDPR) and will notify affected individuals without undue delay where the breach is high-risk. California residents will be notified as required by California breach notification law.

While we take data security seriously, no system is completely secure. You are also responsible for keeping your account credentials confidential.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access: request a copy of the personal data we hold about you.
Correction: request that we correct inaccurate or incomplete data.
Deletion: request that we delete your personal data, subject to legal retention obligations.
Restriction: request that we restrict processing of your data in certain circumstances.
Objection: object to processing based on legitimate interests or for direct marketing purposes.
Portability: receive your data in a structured, commonly used format (where applicable).
Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
Automated decision-making: you have the right not to be subject to solely automated decisions that have legal or similarly significant effects, and to request human review, express your view, and contest such decisions.

To exercise your rights, please contact us at support@oosri.com. We will respond within the timeframe required by applicable law. You also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

8. Cookies and Tracking Technologies

We use cookies, pixels, and similar technologies to operate the marketplace, remember your preferences, detect fraud, measure performance, and (where permitted) show relevant advertising.

Cookie categories

Category	Purpose	Consent Required?
Strictly necessary	Session management, authentication, security, fraud prevention	No
Functional	Language/region preferences, saved cart	Yes (where required)
Analytics	Usage measurement and service improvement (e.g. Google Analytics)	Yes
Marketing	Advertising attribution and targeting (e.g. Meta, TikTok)	Yes

You can manage your cookie preferences at any time through our Cookie Settings. If you are in certain locations, you may also send an opt-out preference signal (such as Global Privacy Control) through your browser settings and we will honor it where required by law.

9. International Transfers

Oosri operates globally and your personal information may be transferred to and processed in countries outside your own, including countries that may not provide the same level of data protection as your home jurisdiction.

Where we transfer personal data from the UK or EEA, we rely on appropriate safeguards such as the UK International Data Transfer Agreement (IDTA) or Standard Contractual Clauses. For transfers from Nigeria, we comply with the cross-border transfer conditions under the Nigeria Data Protection Act 2023. For transfers involving Canadian personal information, we use contractual and other measures to maintain accountability for data transferred to third-party processors.

10. California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA:

Right to know: request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, purposes, and third parties we share it with.
Right to delete: request deletion of your personal information, subject to certain exceptions.
Right to correct: request correction of inaccurate personal information.
Right to opt out of sale/sharing: you may direct us not to sell or share your personal information for cross-context behavioral advertising.
Right to limit sensitive personal information: where applicable, request that we limit the use of sensitive personal information beyond authorized purposes.
Non-discrimination: we will not discriminate against you for exercising your rights.

We honor recognized opt-out preference signals (such as Global Privacy Control) where required. To submit a request, email us at support@oosri.com. We will verify your identity and respond within the time required by California law.

11. Children's Privacy

Our Services are not directed to children under the age of 13 (or 16 where required by applicable law). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at support@oosri.com and we will delete the information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will post the updated policy on this page with a revised "last updated" date. For material changes, we will provide additional notice such as an email notification or a prominent banner on our website. Your continued use of the Services after any changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

Email: support@oosri.com

Website: oosri.com

You also have the right to lodge a complaint with the relevant data protection authority in your jurisdiction, including the Nigeria Data Protection Commission (NDPC), the UK Information Commissioner's Office (ICO), or the Office of the Privacy Commissioner of Canada (OPC).