DURODOLA Subscribe

Legal

Privacy Policy

This policy explains how durodola.africa collects, uses, and protects your data. It covers your rights under Nigerian, European, and US law.

NDPR — Nigeria GDPR — European Union CCPA — California, USA

Last updated: June 18, 2026  ·  Effective: June 18, 2026

1. Who We Are

This website, durodola.africa, is operated by Durodola Abdulhad A., Founder and CEO of Ascent Tech Hub Africa, based in Nigeria. References to "we," "us," or "our" in this policy refer to Durodola Abdulhad and durodola.africa.

This site publishes Africa opportunity intelligence — analysis, research, and strategic insight on African fintech, venture capital, business strategy, and technology ecosystems.

Data Controller contact:
Email: privacy@durodola.africa
Website: https://durodola.africa

2. Data We Collect

We collect only what is necessary to operate this website and serve our readers. We do not sell your personal data.

2.1 Data You Provide Directly

  • Email address — when you subscribe to our newsletter or contact us
  • Name — optional, when submitted via contact or consulting inquiry forms
  • Message content — when you contact us directly via email or inquiry form

2.2 Data Collected Automatically

  • IP address — collected by our analytics provider (Google Analytics 4), anonymised
  • Browser type and version
  • Device type (mobile, desktop, tablet)
  • Pages visited, time spent, scroll depth — via Google Analytics 4
  • Referring URL — where you came from before visiting this site
  • Country/region — approximate geographic location derived from IP address
  • Cookie identifiers — see Section 5 for full cookie details

2.3 Data We Do NOT Collect

  • Payment card or financial account details
  • Government-issued ID numbers
  • Health or biometric data
  • Precise geolocation data
  • Social media passwords or private account data

3. How We Use Your Data

We use collected data for the following purposes:

  • Delivering the newsletter — sending intelligence reports and articles to subscribers
  • Responding to inquiries — replying to consulting requests and messages
  • Improving the website — understanding which content performs well and how visitors navigate the site (via analytics)
  • Displaying relevant advertising — through Google AdSense (see Section 4)
  • Legal compliance — fulfilling obligations under applicable data protection laws
  • Security — detecting and preventing fraudulent or abusive access

We do not use your data for automated decision-making, profiling for marketing purposes, or any purpose incompatible with those listed above.

4. Third-Party Services

This site uses the following third-party services that may process your data:

Third-Party Data Processors
  • Google Analytics 4 — website analytics. Data processed in the US. IP anonymisation enabled. Google Privacy Policy
  • Google AdSense — advertising. May set cookies to serve relevant ads. Google Ads Policy
  • Substack — newsletter delivery platform. Email addresses are shared with Substack to deliver newsletters. Substack Privacy Policy
  • LinkedIn — content distribution platform. No personal data from site visitors is shared with LinkedIn. LinkedIn Privacy Policy
  • Dev.to (Forem) — article republication platform. Canonical URLs link back to durodola.africa. Dev.to Privacy Policy
  • Meta (Facebook, Instagram, Threads) — content distribution. No visitor data from this site is shared with Meta. Meta Privacy Policy
  • Vercel — website hosting. Server logs may include IP addresses and request metadata. Vercel Privacy Policy

Each third-party processor operates under their own privacy policy and data processing agreements. We have selected providers who meet GDPR adequacy standards where applicable.

5. Cookies

Cookies are small text files stored in your browser. This site uses the following categories of cookies:

5.1 Strictly Necessary

Required for the site to function. Cannot be disabled. These do not collect personal data.

5.2 Analytics Cookies

Google Analytics 4 sets cookies to measure site usage. Data is aggregated and anonymised. Cookie names include _ga, _ga_XXXXXXXXXX. These cookies expire after 2 years. You can opt out via Google Analytics Opt-out Browser Add-on.

5.3 Advertising Cookies

Google AdSense may set cookies to serve relevant advertisements based on your browsing behaviour. You can manage ad preferences via Google Ads Settings or opt out via Network Advertising Initiative.

5.4 Managing Cookies

You can control cookies through your browser settings. Disabling analytics or advertising cookies will not affect your ability to read content on this site. Instructions for major browsers:

6. Data Retention

  • Newsletter subscriber emails — retained until you unsubscribe. On unsubscription, deleted within 30 days.
  • Inquiry/contact form messages — retained for 12 months after final correspondence, then deleted.
  • Analytics data — retained for 14 months in Google Analytics (maximum for GA4 free tier), then automatically deleted.
  • Server logs — retained by Vercel for up to 30 days for security purposes.

You may request deletion of your data at any time — see Section 13.

7. Your Rights Under Nigerian Law (NDPR)

NDPR — Nigeria Data Protection Regulation

The Nigeria Data Protection Regulation (NDPR) 2019, issued by the National Information Technology Development Agency (NITDA), grants Nigerian residents the following rights:

NDPR Rights
  • Right to Consent — We collect your data only with your informed consent or another lawful basis under the NDPR.
  • Right of Access — You may request a copy of the personal data we hold about you.
  • Right to Rectification — You may request correction of inaccurate or incomplete data.
  • Right to Erasure — You may request deletion of your personal data where we no longer have a lawful basis to retain it.
  • Right to Object — You may object to processing of your data for marketing purposes at any time.
  • Right to Complain — You may lodge a complaint with NITDA: www.nitda.gov.ng

Our lawful basis for processing personal data under the NDPR is:

  • Consent — for newsletter subscriptions and optional form submissions
  • Legitimate interest — for website analytics to improve content
  • Legal obligation — where required by Nigerian law

8. Your Rights Under EU Law (GDPR)

GDPR — General Data Protection Regulation

If you are located in the European Economic Area (EEA), you are protected by the General Data Protection Regulation (EU) 2016/679. You have the following rights:

GDPR Rights
  • Right of Access (Article 15) — Request a copy of your personal data and information about how we process it.
  • Right to Rectification (Article 16) — Request correction of inaccurate data.
  • Right to Erasure / "Right to be Forgotten" (Article 17) — Request deletion of your data where processing is no longer justified.
  • Right to Restriction of Processing (Article 18) — Request that we limit how we use your data in certain circumstances.
  • Right to Data Portability (Article 20) — Request your data in a machine-readable format to transfer to another controller.
  • Right to Object (Article 21) — Object to processing based on legitimate interests or for direct marketing.
  • Rights Related to Automated Decision-Making (Article 22) — We do not use automated decision-making or profiling that produces legal effects.
  • Right to Withdraw Consent — Where processing is based on consent, you may withdraw at any time without affecting prior processing.
  • Right to Lodge a Complaint — With your national supervisory authority (e.g., ICO in the UK, CNIL in France, DPC in Ireland).

Legal Basis for Processing (GDPR Article 6)

  • Article 6(1)(a) — Consent: Newsletter subscriptions
  • Article 6(1)(f) — Legitimate interests: Website analytics, security monitoring, responding to direct inquiries
  • Article 6(1)(c) — Legal obligation: Where required by applicable law

International Data Transfers

Some third-party processors (Google, Vercel, Substack) are based in the United States. Transfers to these processors are covered by Standard Contractual Clauses (SCCs) or equivalent adequacy mechanisms under GDPR Chapter V. By using this site, you acknowledge these transfers.

9. Your Rights Under California Law (CCPA/CPRA)

CCPA — California Consumer Privacy Act

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) grants you the following rights:

CCPA/CPRA Rights
  • Right to Know — You may request disclosure of the categories and specific pieces of personal information we have collected about you in the past 12 months, including the sources, business purposes, and third parties with whom it is shared.
  • Right to Delete — You may request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct — You may request correction of inaccurate personal information we hold about you.
  • Right to Opt-Out of Sale or SharingWe do not sell your personal information. We do not share your personal information with third parties for cross-context behavioural advertising. Google AdSense may use cookies for ad personalisation — you can opt out via Google Ads Settings.
  • Right to Limit Use of Sensitive Personal Information — We do not collect sensitive personal information as defined by CPRA.
  • Right to Non-Discrimination — We will not discriminate against you for exercising your CCPA rights. We will not deny services, charge different prices, or provide lower quality service.

Categories of Personal Information Collected (CCPA)

  • Identifiers — Email address (newsletter subscribers only), IP address (analytics)
  • Internet or network activity — Pages visited, browsing behaviour on this site (via Google Analytics)
  • Geolocation data — Country/region only, derived from anonymised IP. Not precise location.
  • Inferences — Google Analytics may generate inferences about content preferences

Submitting a CCPA Request

To submit a "Request to Know," "Request to Delete," or "Request to Correct," email us at privacy@durodola.africa with the subject line "CCPA Privacy Request." We will respond within 45 days. We may need to verify your identity before processing the request.

California residents may also designate an authorised agent to submit requests on their behalf.

10. Children's Privacy

This website is not directed at children under the age of 13 (or 16 in the EU under GDPR). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us immediately at privacy@durodola.africa and we will delete it promptly.

11. Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These measures include:

  • HTTPS encryption for all data transmitted to and from this site
  • Hosting on Vercel's secure, SOC 2-compliant infrastructure
  • Access controls limiting who can access subscriber data
  • Regular review of third-party processor security practices

No method of transmission over the internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of durodola.africa after changes are posted constitutes acceptance of the updated policy.

For significant changes affecting your rights, we will notify newsletter subscribers directly by email.

13. Data Deletion Request

You have the right to request deletion of your personal data at any time, regardless of your location. To request deletion:

How to Request Data Deletion

Option 1 — Email request:
Send an email to privacy@durodola.africa with the subject line: "Data Deletion Request". Include the email address associated with your account/subscription. We will confirm deletion within 30 days.

Option 2 — Newsletter unsubscribe:
Click the "Unsubscribe" link at the bottom of any newsletter email. This removes your email from our mailing list immediately. Analytics data (which does not contain your email) is retained per Section 6.

Upon receiving a verified deletion request, we will:

  • Delete your email from our newsletter list
  • Delete any stored consultation inquiry messages associated with your email
  • Request deletion from Substack if your email was synced there
  • Confirm completion of deletion to you in writing within 30 days

Note: Anonymised analytics data (not linked to your identity) and server log data required for security purposes may be retained per our standard retention periods.

14. Contact Us

For any questions, requests, or complaints about this Privacy Policy or our data practices, contact us at:

Durodola Abdulhad A.
Data Controller, durodola.africa
Email: privacy@durodola.africa
Website: https://durodola.africa

We aim to respond to all privacy inquiries within 5 business days. For formal rights requests (access, deletion, portability), we will respond within the legally required timeframe for your jurisdiction: 30 days (NDPR/GDPR) or 45 days (CCPA).

Supervisory Authorities

If you are not satisfied with our response, you may contact the relevant supervisory authority for your jurisdiction:

  • Nigeria: National Information Technology Development Agency (NITDA) — nitda.gov.ng
  • European Union: Your national data protection authority (list at edpb.europa.eu)
  • United Kingdom: Information Commissioner's Office (ICO) — ico.org.uk
  • California: California Privacy Protection Agency — cppa.ca.gov