🏡
NestHQ
HomeTermsRefund

Privacy Policy

Last updated: July 2025

Table of Contents

1. Information We Collect2. How We Use Your Information3. Data Storage4. Third-Party Services5. Data Sharing6. Your Rights7. Cookies and Local Storage8. Data Retention9. Children's Privacy10. Security Measures11. Changes to This Policy12. Contact for Data Requests13. Legal Compliance

At NestHQ, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our platform.

1. Information We Collect

We collect the following types of information:

Personal Information:

  • Full name (provided during registration)
  • Email address (used for authentication and communication)
  • Phone number (Ghana mobile number for WhatsApp contact)
  • Ghana Card images (front and back, for KYC verification of agents and sellers)
  • User role selection (Buyer, Seller, or Agent)

Property Information:

  • Property details (type, location, price, description, photos)
  • Property documents (site plans, indentures, title certificates)

Payment Information:

  • Subscription plan selection and billing history
  • Payment method details (processed and stored by Paystack, not by NestHQ)

Technical Information:

  • Device type and browser information
  • IP address and approximate location
  • Usage patterns and page interactions

2. How We Use Your Information

We use the information collected for the following purposes:

  • Account Management: Creating and maintaining your account, processing OTP verification
  • Property Matching: Showing relevant listings based on your preferences and search history
  • Communication: Sending account notifications, listing updates, and platform announcements
  • KYC Verification: Verifying the identity of sellers and agents to maintain platform trust
  • Payment Processing: Managing subscription billing and payment records
  • Analytics: Understanding platform usage to improve our services
  • Security: Detecting and preventing fraud, unauthorized access, and platform abuse

3. Data Storage

Your data is stored securely using the following infrastructure:

  • All data is stored on Supabase cloud infrastructure with encryption at rest and in transit
  • Ghana Card images for KYC are stored in secure, access-controlled storage buckets
  • Database access is protected by Row Level Security (RLS) policies
  • Service role access is restricted to authorized backend operations only

4. Third-Party Services

NestHQ integrates with the following third-party services:

  • Supabase: Authentication (OTP email verification), database storage, and file storage
  • Paystack: Secure payment processing for subscriptions (MoMo, card payments)
  • Termii: SMS notifications and communication services
  • Unsplash: Stock imagery used on the platform (no user data shared)

Each third-party service operates under its own privacy policy. We encourage you to review their respective policies.

5. Data Sharing

We share your information only in limited circumstances:

  • Agent/seller phone numbers are shared with interested buyers who initiate contact via WhatsApp
  • Basic listing information (property details) is publicly visible on the platform
  • Payment data is shared with Paystack solely for transaction processing
  • We may disclose information if required by law or court order in Ghana

We do not sell your personal data to third parties. We do not share your Ghana Card images with anyone outside our verification team.

6. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data (subject to legal retention requirements)
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing of your data for specific purposes

To exercise any of these rights, contact us via the channels listed in Section 12.

7. Cookies and Local Storage

NestHQ uses the following browser storage mechanisms:

  • Authentication Sessions: Stored via Supabase auth tokens to keep you signed in
  • Theme Preferences: Your display preferences stored in local storage
  • Rate Limiting: Session storage to prevent abuse of OTP requests

We do not use third-party tracking cookies or advertising cookies.

8. Data Retention

  • Active Accounts: Your data is retained for as long as your account remains active
  • Deleted Accounts: Personal data is purged within 90 days of account deletion
  • Payment Records: Transaction records are retained as required by Ghana tax law
  • KYC Documents: Ghana Card images are deleted within 90 days of account closure

9. Children's Privacy

NestHQ is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a person under 18, we will take steps to delete that information promptly.

10. Security Measures

We implement the following security measures to protect your data:

  • End-to-end encryption for data in transit (HTTPS/TLS)
  • Encryption at rest for stored data
  • Row Level Security (RLS) policies ensuring users can only access their own data
  • Service role protection for backend operations
  • OTP-based authentication (no passwords stored)
  • Client-side rate limiting to prevent brute force attacks
  • Regular security reviews and updates

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes:

  • The "Last updated" date at the top will be revised
  • Significant changes will be communicated via platform announcement or email
  • Continued use of the platform after changes constitutes acceptance of the updated policy

12. Contact for Data Requests

For any privacy-related questions or data requests, contact us:

  • WhatsApp: +233 244 000 000
  • Email: privacy@nesthq.dev
  • Location: Juaboso District, Western North Region, Ghana

We will respond to data requests within 30 days.

13. Legal Compliance

NestHQ operates in compliance with the Ghana Data Protection Act, 2012 (Act 843). This legislation governs the collection, processing, and storage of personal data in Ghana.

For users in the European Union, we also respect the principles of the General Data Protection Regulation (GDPR) where applicable, including data minimization, purpose limitation, and the right to erasure.

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Data Protection Commission of Ghana.

Terms of ServiceRefund PolicyBack to Home