In the course of business, Arya MarketPlace collects and stores personal data of our customers, employees, sellers, suppliers, contractors and other individuals (“Data Subjects"). This information is a valuable and sensitive asset, that must be managed respectfully, and in accordance with all applicable local and international laws.
This Policy explains how any personal information which we process (or which are processed by others on our behalf) must be used in accordance with the law both local and international, and for Arya Marketplace legitimate business purposes only. It provides information on how Arya Marketplace collects and processes your personal data when you visit our website or mobile applications. It sets out what we do with your personal data and how we keep it secure and explains the rights that you have in relation to your personal data.
-
all processing of such personal data, including all collection, recording, organization, storage, use, disclosure, transfer, deletion and any other handling of personal data.
APPLICATION
This Policy applies to all Arya Marketplace employees; and to Arya Marketplace sellers, suppliers, contractors and other third parties responsible for processing personal data for or on behalf of Arya Marketplace, referred to in this Policy as our "Partners".
We expect all Partners to maintain our standards of data privacy, as set out in this Policy.
WHAT IS PERSONAL DATA?
Personal data is any information relating to an identified or identifiable person, including: name; address; date or place of birth; photographs or videos (including CCTV footage); contact details (e.g. telephone number, email, address); national identifiers (e.g. ID numbers); professional status (e.g. job title, employer); location; online identifiers (e.g. IP addresses); and personal preferences (e.g. shopping and browsing habits), among numerous other types of personal data. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his/her physical, mental, economic, cultural or social identity.
Sensitive personal data or special category personal data contains information relating to a person's race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health and sexual life or orientation.
HOW TO MANAGE PERSONAL DATA: THE KEY PRINCIPLES OF PERSONAL DATA PROTECTION
Arya Marketplace adheres to the highest personal data protection standards which require personal data to be processed in accordance with the principles set out below.
LAWFULNESS AND FAIRNESS
Personal data must be processed fairly and lawfully.
Arya Marketplace shall only process personal data if so required to comply with applicable laws (e.g. for the purpose of employee tax deductions) or if it has received affirmative consent i.e. the Data Subject must make a positive statement or tick a box by way of consent.
Processing of personal data in reliance on any other legal basis, and without consent of the Data Subject, requires express written approval from the Arya Marketplace General Counsel, and is otherwise strictly prohibited.
TRANSPARENCY
Personal data must be processed in a transparent manner.
DATA PRIVACY POLICY
Arya Marketplace ensures that Data Subjects are duly informed before they disclose their personal data, by a clear and comprehensive privacy notice.
PURPOSE LIMITATION AND DATA MINIMIZATION
Personal data must be collected only for specified, explicit and legitimate purposes.
Data collected must be adequate, relevant and limited to what is necessary for the identified purpose.
Personal data must be accurate and kept up to date where necessary. Arya Marketplace endeavors to maintain the accuracy of our records though:
DATA SUBJECT'S RIGHTS AND REQUESTS
Data Subjects are entitled to exercise various rights with respect to their own personal data, including but not limited to the following:
Arya Marketplace's Data Subject Rights Handling Guidance sets out processes for managing and responding to Data Subject requests, including mechanisms for communicating with Partners who may hold the relevant personal data in order to execute such responses.
Personal data must not be kept for any longer than is necessary. Arya Marketplace requires personal data to be anonymized or destroyed once the purpose for retaining that data, or the relevant time in the Document Retention Policy, has expired (as contained in schedule 2).
SECURITY, INTEGRITY AND CONFIDENTIALITY
Personal data must be processed in a manner which ensures its security using appropriate technical and organizational measures to protect against accidental loss, destruction or damage.
Security measures should be proportionate to the level of confidentiality and sensitivity of the personal data.
It is Arya Marketplace's goal to ensure security of personal data by:
-
carrying out due diligence, as part of the supplier onboarding process, to verify that any third-party suppliers who hold or have access to personal data on our behalf, meet our data protection standards.
TRANSFER LIMITATION
Personal data must not be transferred across borders without the appropriate safeguards and consents being in place.
Arya Marketplace maintains a record of all personal data transfers and requires you to inform and obtain approval from the Arya Marketplace General Counsel in respect of any personal data that is transferred across borders.
PRIVACY IMPACT ASSESSMENTS
Privacy Impact Assessments are a tool which allow you to identify, assess and mitigate privacy risks. They can also help you to design more efficient and effective processes for handling personal data.
Arya Marketplace requires a Privacy Impact Assessment to be completed where the activity falls outside Arya Marketplace's existing data map e.g. transferring data to a new supplier or collecting a new category of data.
Arya Marketplace maintains a full and accurate data map of all personal data processing activities and data flows, including details of records of Data Subjects consents and the procedures for obtaining consents.
We expect our Partners to maintain detailed data maps in respect of all personal data that they process on behalf of Arya Marketplace, and to make this information available to Arya Marketplace.
MANAGING DATA PRIVACY BREACHES
Arya Marketplace has in place procedures to deal with any suspected personal data breach and will notify affected individuals and applicable regulators where legally required to do so.
If you know or suspect that a personal data breach has occurred, immediately contact legal@arya.market.
EFFECTS OF VIOLATION OF THIS POLICY
Failure to comply with this Policy is a serious compliance breach.
Non-compliance is a disciplinary matter for employees. If you are a contractor, seller or supplier, it may constitute a breach of your contract with Arya Marketplace and we may review, and/or terminate, your assignment with us.
The following documents contain further helpful information on how Arya Marketplace manages personal data:
If you are an employee of Arya Marketplace and you have any questions about this Policy, or require approval of the General Counsel, please contact the lawyer responsible for your market.
If you are a Partner of Arya Marketplace and you have any questions about this Policy or you require any approvals, please contact your Arya Marketplace relationship manager.
If you know or suspect that a personal data breach has occurred, immediately contact legal@arya.market.
Adopted on the 1st day of July 2025
Schedule 1: Our Privacy Notice
To better serve you and understand your needs and interests, Arya Marketplace collects, transfers, and uses your information. This is done with proper notice, your consent when required by law, and any necessary filings with data protection authorities.
This means that when you visit the Website or use our App, we may record your IP address and use cookies and other Internet technologies (referred to below as Automated Tools and Embedded Web Links) to gather information about you as our visitors and your interests. Such information includes your user ID, website preferences and your interest in Arya Marketplace's products.
Depending on the Automated Tools used, the gathered data comprises, in addition to your IP address, the cloud identity we assign to you when you register with Arya Marketplace's, the type of browser you use, the Websites you have visited, the objects you have clicked on a certain Website, the time you have spent on a certain website, the referring website from which you have accessed the Website and the foreign destination website which you access from the Website.
We may further collect and process any Personal Data that you volunteer to us, e.g. when you register for events or other offerings of Arya Marketplace subscribe to newsletters, participate in online surveys, discussion groups, forums or Arya Marketplace's chat service, or when you make purchases or otherwise submit your contact details to Arya Marketplace. In case you provide Arya Marketplace with your IDs of social media, Arya Marketplace may retrieve publicly available information about you.
To enhance your experience and better understand your preferences, Arya Marketplace uses cookies to collect and process information. This is done with appropriate notice, your consent where legally required, and in compliance with any necessary data protection authority filings.
Note that, any data you send us will be used in a lawful way, we won't do anything with it that we did not tell you about in advance, and it will all remain private unless you give us permission to send specific data to a third party for a good reason.
Schedule 2 :Data Retention Policy
Effective Date: -01/07/25-----------
Last Updated: --23/07/25-
This Data Retention Policy outlines how Arya Marketplace ("we", "our", or "us") collects, stores, retains, and deletes personal and transactional data of users interacting with our shopping website and mobile application ("Platform"). The goal is to retain data only as long as necessary for business, legal, and compliance purposes.
This policy applies to all personal data processed by the Platform, including data collected through:
3. Data Categories and Retention Periods
|
|
|
|
|
|
5 years after last activity or deletion
|
Customer service, fraud prevention, legal
|
|
|
|
Tax, audit, and business recordkeeping
|
|
|
Not stored (tokenized via payment gateway)
|
Payment security (PCI DSS compliance)
|
Shipping/Billing Addresses
|
|
Order fulfillment, returns, fraud checks
|
|
|
|
Quality assurance and dispute resolution
|
|
|
Until user opts out or account is deleted
|
Consent-based communication
|
|
|
12–24 months (based on cookie type)
|
Analytics, performance optimization
|
4. Data Deletion and Anonymization
Once the retention period ends, we will:
Under applicable data protection laws GDPR, CCPA, users have the right to:
Users can exercise their rights by contacting legal@arya.market.
6. Legal and Regulatory Compliance
We may retain certain data for longer periods if required by:
This policy is reviewed annually or upon significant changes in regulations or business operations.
For questions or concerns about this policy, contact us at:
Email: legal@arya.market
Address: No 2 Bangui Street, Wuse 2, FCT, ABUJA.
Apparel & Textiles
.jpg)
Beauty And Personal Care
Health & Medical Equipment
Shoes
Electronics And Appliances
Machinery & Equipment
Automobile & Transportation
Agriculture & Food
Industrial & Raw Materials
Home Décor
Office & School Supplies
.jpg)
Sports, Entertainment & Gifts
.png)
Packaging Products
Leather Goods
Accessories
