Services Work ThreatFade About Blog Pricing Careers Start a project →
HomePrivacy Policy

Privacy Policy

Last updated: April 2025 · Tinlance Limited

1. Who we are

Tinlance Limited ("Tinlance", "we", "us", "our") is a registered engineering studio in Nigeria (RC: RC: 7962164). We operate the website https://tinlance.com and the ThreatFade cybersecurity product. We are committed to protecting your personal data in accordance with the Nigeria Data Protection Regulation (NDPR) 2019, the Nigeria Data Protection Act 2023 (NDPA), and applicable international standards including the EU General Data Protection Regulation (GDPR) where applicable.

Data Controller contact: [email protected]

2. What data we collect

We collect the following categories of personal data:

  • Contact data: Name, email address, company name, project description — when you submit an enquiry or contact form.
  • Waitlist data: Name, email, use case, organisation — when you join the ThreatFade waitlist.
  • Newsletter data: Email address — when you subscribe to our newsletter.
  • Payment data: Billing information is processed directly by our payment providers (Paystack, Stripe, LemonSqueezy). We store invoice amounts and references but never store card numbers.
  • Usage data: IP address, browser type, pages visited, referral source — collected via analytics tools (Google Analytics, Microsoft Clarity) with your consent.
  • Cookie data: See our Cookie Policy.

3. How we use your data

We use your data for the following purposes and legal bases:

  • Responding to project enquiries — Legitimate interest / pre-contractual necessity
  • Sending invoices and processing payments — Contract performance
  • Sending the ThreatFade waitlist confirmations and updates — Consent
  • Sending newsletters you subscribed to — Consent
  • Analytics and site improvement — Consent (cookie consent)
  • Security monitoring and fraud prevention — Legitimate interest
  • Legal compliance and record-keeping — Legal obligation

We do not sell, rent, or share your personal data with third parties for marketing purposes.

4. Data retention

We retain personal data for as long as necessary for its purpose:

  • Enquiries: 3 years from date of submission, or the duration of a client relationship.
  • Invoice and payment records: 7 years (Nigerian tax and financial record requirements).
  • Newsletter subscribers: Until you unsubscribe. You can unsubscribe at any time via the link in any email.
  • Waitlist: Until ThreatFade launches or you request removal.
  • Analytics data: As per Google Analytics and Microsoft Clarity default retention settings.

5. Third-party services

We use the following third-party processors who may access your data as part of service delivery:

  • Paystack — payment processing (Nigerian cards)
  • Stripe — international payment processing
  • LemonSqueezy (Stripe-owned) — merchant of record for international digital sales
  • Google Analytics & Google Tag Manager — website analytics
  • Microsoft Clarity — session recording and heatmaps
  • Tawk.to — live chat support

Each processor is subject to their own privacy policy and data protection obligations.

6. Your rights

Under the NDPR, NDPA, and GDPR (where applicable), you have the right to:

  • Access a copy of the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict processing of your data
  • Withdraw consent at any time (where processing is consent-based)
  • Lodge a complaint with the Nigeria Data Protection Commission (NDPC) or your local supervisory authority

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

7. Cookies

We use cookies for analytics and functionality. You can manage your cookie preferences via our cookie consent banner or our Cookie Policy page. You can also disable cookies in your browser settings.

8. Security

We implement technical and organisational measures to protect your data, including encrypted data transmission (HTTPS/TLS), hashed password storage, rate limiting, and access controls. However, no transmission over the internet is 100% secure.

9. Changes to this policy

We may update this policy from time to time. Material changes will be notified via the website or by email. The "Last updated" date at the top indicates when the policy was last revised.

10. Contact

Tinlance Limited
Email: [email protected]
Nigeria