Privacy Policy

1. Introduction

Smart Creator Lab (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, share, and protect your information when you interact with us through our website, courses, lead forms, email lists, WhatsApp communications, social media accounts, and any related services (collectively, “our Services”).

This policy applies to anyone who:

  • Visits our website or landing pages
  • Subscribes to our email list or downloads our free resources
  • Opts into our WhatsApp messages or broadcast lists
  • Submits information through our Facebook or Instagram lead forms
  • Purchases a course, ebook, template, or other digital product from us
  • Joins our community groups or coaching programmes
  • Contacts us through any channel

By using our Services, you agree to the practices described in this policy. If you do not agree, please do not use our Services.

2. Who We Are (Data Controller)

For the purposes of applicable data protection laws, the data controller responsible for your personal data is:

Smart Creator Lab Legal business name: SMART CREATOR LAB Business address: Abuja, Nigeria Email: support@smartcreatorlab.com] Phone / WhatsApp: +2348035455929

3. Information We Collect

We collect personal data in three main ways: information you provide to us directly, information collected automatically when you use our Services, and information we receive from third parties.

3.1 Information You Provide Directly

When you interact with us, you may share:

  • Contact details — your full name, email address, WhatsApp / phone number
  • Account information — username and password if you create an account on our learning platform
  • Payment information — billing name, billing address, and transaction details (full card or bank details are processed directly by our payment providers and never stored on our systems)
  • Course and community content — messages, questions, assignments, and other contributions you submit
  • Survey, feedback, and communication content — anything you share when you reply to our emails, message us on WhatsApp, or fill in a survey or form
  • Marketing preferences — your choices about how we contact you

3.2 Information Collected Automatically

When you use our website or interact with our emails, we may automatically collect:

  • Device and browser information — IP address, browser type, operating system, device model
  • Usage data — pages viewed, time spent, links clicked, referring website, and similar interaction data
  • Email engagement — opens, clicks, and similar metrics tracked by our email platform
  • Cookies and similar technologies — see Section 8 below

3.3 Information From Third Parties

We may receive information about you from:

  • Meta (Facebook and Instagram) — when you submit a lead form on our ads, Meta passes your name, email, phone number, and any custom answers you provide
  • Payment processors — such as Paystack, Flutterwave, Selar, or Nestuge, which confirm successful payments and share buyer details
  • Course hosting platforms — that confirm enrolment and progress
  • Marketing automation tools — such as Mailchimp, Serlzo, ManyChat, or similar, which may share engagement signals
  • Public sources and referrals — when someone refers you, or when you mention us publicly on social media

4. How We Use Your Information

We use the information we collect for the following purposes:

Delivering our products and services

  • Sending you the lead magnets, free guides, or resources you requested
  • Providing access to courses, communities, or coaching programmes you purchased
  • Processing payments and issuing receipts
  • Responding to questions, requests, and customer support enquiries

Communicating with you

  • Sending you transactional emails (course access, payment receipts, important updates)
  • Sending you marketing emails, WhatsApp messages, or SMS — only where you have given consent
  • Notifying you of new resources, offers, or events that may interest you

Improving our services

  • Analysing how people use our website, emails, and content
  • Improving our courses based on student feedback and progress
  • Testing new features, offers, and messaging

Marketing and personalisation

  • Showing you relevant ads on Facebook, Instagram, Google, and similar platforms
  • Creating lookalike audiences to find new potential students
  • Personalising the content you see based on your interests and past interactions

Legal, safety, and fraud prevention

  • Complying with our legal obligations under Nigerian law and other applicable laws
  • Detecting and preventing fraud, abuse, or unauthorised access
  • Enforcing our terms and policies

5. Legal Basis for Processing

Under the Nigeria Data Protection Act 2023 (NDPA) and similar laws such as the EU General Data Protection Regulation (GDPR) where applicable, we rely on the following legal grounds to process your personal data:

  • Consent — when you actively opt in to receive marketing communications, download a lead magnet, or submit a form
  • Performance of a contract — to deliver the products, courses, or services you purchased
  • Legitimate interests — for purposes such as improving our services, securing our systems, and basic analytics, provided your rights and freedoms are not overridden
  • Legal obligation — where the law requires us to process or retain certain data

Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing already carried out (see Section 12 — Your Rights).

6. How We Share Your Information

We do not sell your personal data. We share it only in the following circumstances:

With service providers (data processors)

We work with trusted third parties that help us run our business. These include, but are not limited to:

  • Payment processors (e.g. Paystack, Flutterwave, Selar, Nestuge) for handling transactions
  • Course hosting platforms (e.g. Selar, Nestuge, or similar)
  • Email marketing platforms (e.g. Mailchimp, ConvertKit, Beehiiv, or Serlzo)
  • Customer messaging tools (e.g. WhatsApp Business, ManyChat, Serlzo)
  • Analytics and advertising platforms (e.g. Google Analytics, Meta Pixel, Facebook Ads, TikTok Ads)
  • Cloud storage and productivity tools (e.g. Google Workspace, Notion, Canva)

These providers are only allowed to use your personal data to perform the services we ask of them, and are required to protect it.

With legal and regulatory authorities

We may disclose personal data when required by law, court order, or government regulator — including the Nigeria Data Protection Commission (NDPC) — or when necessary to protect our legal rights, prevent fraud, or address security issues.

In business transfers

If Smart Creator Lab is involved in a merger, acquisition, restructuring, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.

With your consent

We will share your personal data with any other party only with your explicit, informed consent.

7. International Data Transfers

Some of our service providers are located outside Nigeria — including in the United States, the United Kingdom, the European Union, and other regions. When we transfer your personal data internationally, we take steps to ensure it receives an adequate level of protection through measures such as:

  • Choosing providers that are certified under recognised data protection frameworks
  • Using contractual safeguards approved under applicable data protection laws
  • Limiting the data transferred to what is strictly necessary

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to recognise your device, remember your preferences, and analyse how visitors use our site. We use the following categories of cookies:

  • Essential cookies — required for the website to function (e.g. shopping cart, login sessions)
  • Analytics cookies — help us understand how visitors use our site (e.g. Google Analytics)
  • Marketing cookies — used to deliver relevant ads and measure their effectiveness (e.g. Meta Pixel, TikTok Pixel)

You can control cookies through your browser settings. Blocking some cookies may affect your experience on our site.

9. Marketing Communications

With your consent, we may send you marketing emails, WhatsApp messages, or SMS about our courses, new resources, promotions, and events.

You can opt out of marketing communications at any time by:

  • Clicking the “unsubscribe” link at the bottom of any marketing email
  • Replying “STOP” to any marketing WhatsApp or SMS
  • Emailing us at [your contact email] with the subject “Unsubscribe”

Even if you opt out of marketing, we may still send you transactional messages (e.g. payment confirmations, course access, important policy updates).

10. Data Retention

We keep your personal data only for as long as needed to fulfil the purposes outlined in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. In practice:

  • Email subscriber data — retained while you remain subscribed, and for up to [12] months after you unsubscribe, for record-keeping purposes
  • Customer purchase records — retained for at least [6] years after the transaction to comply with tax and accounting requirements
  • Course access data — retained while you have access to the course, and for [12] months after access ends
  • Marketing analytics data — typically retained for [26] months in aggregated form

After these periods, we either delete your data or anonymise it so it can no longer be linked to you.

11. Data Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures include:

  • Using reputable third-party platforms with established security practices
  • Restricting access to personal data to people who need it to do their jobs
  • Using strong passwords and two-factor authentication on our admin accounts
  • Encrypting payments through trusted processors

However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we will notify you and the relevant authority in the event of a personal data breach as required by law.

12. Your Rights

Subject to applicable law, you have the following rights regarding your personal data:

  • Right of access — request a copy of the personal data we hold about you
  • Right of rectification — correct inaccurate or incomplete data
  • Right of erasure — request deletion of your data, subject to legal exceptions
  • Right to restrict processing — limit how we use your data in certain situations
  • Right to data portability — receive your data in a structured, machine-readable format
  • Right to object — object to processing based on our legitimate interests, including direct marketing
  • Right to withdraw consent — at any time, where we rely on consent to process your data
  • Right not to be subject to solely automated decision-making that produces legal effects

To exercise any of these rights, contact us using the details in Section 15. We will respond within 30 days, or such other period as required by applicable law.

13. Children’s Privacy

Our Services are intended for people aged 18 and above. We do not knowingly collect personal data from children under 18. If you believe a child has provided us with personal data, please contact us immediately and we will take steps to delete it.

14. Third-Party Links

Our website, emails, and communications may contain links to third-party websites, products, or services. We are not responsible for the privacy practices or content of these third parties. We encourage you to read their privacy policies before sharing your personal data with them.

15. How to Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

Smart Creator Lab Email: support@smartcreatorlab.com WhatsApp / Phone: +2348035455929

16. How to Lodge a Complaint

If you believe we have not handled your personal data in accordance with this policy or applicable law, you have the right to lodge a complaint with the relevant supervisory authority.

For Nigerian residents:

Nigeria Data Protection Commission (NDPC) Website: ndpc.gov.ng We would, however, appreciate the chance to address your concerns first — please contact us before approaching the NDPC.

If you reside outside Nigeria, you may also have the right to lodge a complaint with the data protection authority in your country of residence.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will:

  • Update the “Last updated” date at the top of this policy
  • Notify you by email or through a notice on our website
  • Where required by law, request your renewed consent

We encourage you to review this policy periodically to stay informed about how we protect your data.

End of Privacy Policy.