Legal

Privacy Policy

Last updated: June 18, 2026 · CipherSense AI Technologies Ltd.

Compliance framework: Nigeria Data Protection Act 2023 (NDPA) & Nigeria Data Protection Regulation 2019 (NDPR).

1. Introduction

CipherSense AI Technologies Ltd. ("CipherSense", "we", "our", or "us") is committed to protecting the privacy of every individual and organisation that interacts with our platforms. This Privacy Policy explains how we collect, use, store, share, and protect personal data when you access or use:

ciphersense.ai: our primary corporate website
CipherSense Agents (agents.ciphersense.ai): our enterprise AI agent orchestration platform
DataLens Africa (datalens.africa): our hyperlocal data platform
CropSense AI (cropsense.africa): our agricultural intelligence platform

Collectively referred to as the "Platforms". By accessing or using any of these Platforms, you consent to the practices described in this Policy.

2. Data Controller

CipherSense AI Technologies Ltd. is the data controller responsible for all personal data collected across our Platforms. For data processed by affiliate platforms (DataLens Africa, CropSense AI, CipherSense Agents), CipherSense AI Technologies Ltd. acts as the primary data controller unless otherwise stated in a separate data processing agreement.

Registered Name: CipherSense AI Technologies Ltd.
Contact: hello@ciphersense.ai
Phone: +234-916-000-3266

3. Information We Collect

We collect different categories of data depending on the Platform you use and how you interact with it.

3.1 Information You Provide Directly

Identity Data: Full name, job title, company name, and professional role.
Contact Data: Email address, phone number, and physical or registered business address.
Account Credentials: Usernames, passwords (stored in hashed form), and authentication tokens.
Communications: Messages, support tickets, demo requests, and feedback submitted through any Platform.
Agricultural Data (CropSense AI): Field identifiers, crop types, plot coordinates, farm size, and yield data submitted by users of the CropSense AI platform.
Enterprise Workflow Data (CipherSense Agents): Business process descriptions, task configurations, tool integrations, and agent instructions provided when setting up or running AI agents.
Dataset Submissions (DataLens Africa): Data files, annotations, labelling inputs, or other data assets submitted by users for processing, enrichment, or export through the DataLens platform.

3.2 Information Collected Automatically

Usage Data: Pages visited, features used, session duration, click paths, and interaction patterns across all Platforms.
Technical Data: IP address, browser type and version, device type, operating system, screen resolution, and network information.
Log Data: Server logs, error reports, API call records, and agent execution logs (CipherSense Agents).
Location Data: Approximate geolocation derived from IP address. For CropSense AI, precise GPS coordinates may be collected where explicitly enabled by the user.
Cookies & Tracking: Session cookies, preference cookies, and analytics identifiers. See Section 9 for full details.

3.3 Information from Third Parties

Satellite & Remote Sensing Data (CropSense AI): Satellite imagery and spectral data from third-party providers, linked to field coordinates you supply.
Integration Data (CipherSense Agents): Data retrieved from your connected third-party tools, ERP systems, databases, or APIs as part of agent task execution, processed only as instructed by you.
Public & Licensed Datasets (DataLens Africa): Publicly available or licensed data sources combined with user-provided data to enrich datasets.
Referral Sources: Information about how you found us (e.g., via a partner, event, or social platform) where voluntarily disclosed.

4. How We Use Your Data

We process your data only for lawful purposes. The table below maps data uses to their legal basis:

Operate and deliver our Platforms and servicesContract performance

Authenticate users and manage account accessContract performance / Legitimate interest

Execute AI agent tasks as configured by you (CipherSense Agents)Contract performance

Process, enrich, and return datasets (DataLens Africa)Contract performance

Generate satellite-based crop analytics (CropSense AI)Contract performance

Send transactional emails (receipts, alerts, system notices)Contract performance

Respond to support requests and enquiriesLegitimate interest

Improve product features and user experienceLegitimate interest

Send marketing communications (with opt-out)Consent

Detect and prevent fraud, abuse, and security threatsLegitimate interest / Legal obligation

Comply with applicable Nigerian and international lawLegal obligation

Enforce our Terms of ServiceLegitimate interest

5. Platform-Specific Data Practices

5.1 CipherSense Agents

When you use CipherSense Agents to orchestrate AI workflows, the platform processes data your agents retrieve from connected systems. This data is processed solely on your instruction and is not used for CipherSense's own purposes. Agent execution logs are retained for audit and governance purposes for a period of 90 days unless otherwise agreed. Human-in-the-loop review records are retained for the duration of your subscription.

5.2 DataLens Africa

DataLens Africa processes datasets submitted or commissioned by enterprise users. Data submitted for annotation, enrichment, or validation is handled by vetted human reviewers bound by confidentiality agreements. Raw submitted data is retained for the period required to complete processing and then deleted or returned as agreed. Enriched outputs and derived datasets may be retained in anonymised or aggregated form to improve platform quality.

5.3 CropSense AI

CropSense AI collects field coordinates, crop metadata, and satellite imagery to generate agricultural intelligence. Precise geolocation data is treated as sensitive and is only processed with your explicit consent. Field-level data is linked to your account and is not shared with third parties except to the extent required to source satellite imagery. Aggregated, anonymised crop pattern data may be used to improve platform models.

6. Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share data in the following limited circumstances:

Service Providers: Cloud hosting, infrastructure, analytics, and payment providers who process data on our behalf under written data processing agreements.
Satellite Data Providers (CropSense AI): Third-party providers of satellite imagery who receive field coordinates solely to return relevant imagery.
Regulatory Authorities: Government bodies or regulators where disclosure is required by law, court order, or regulatory investigation.
Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the successor entity subject to equivalent protections.
With Your Consent: Any sharing beyond the above will only occur with your explicit, informed consent.

7. Data Retention

We retain personal data only for as long as necessary for the purposes set out in this Policy, or as required by law. General retention periods:

Account Data: Retained for the duration of your account plus 12 months after closure, unless a longer period is required by law.
Agent Execution Logs (CipherSense Agents): 90 days, unless extended by agreement.
Dataset Processing Records (DataLens Africa): 30 days post-delivery, after which raw inputs are deleted.
Field & Crop Data (CropSense AI): Retained for the active subscription period plus 6 months.
Marketing Data: Until you withdraw consent or opt out.
Legal & Compliance Records: Up to 7 years as required by Nigerian law.

8. Data Security

We implement technical and organisational measures appropriate to the sensitivity of the data we process, including:

Encryption of data in transit (TLS 1.2+) and at rest (AES-256)
Role-based access controls limiting data access to authorised personnel
Regular security assessments and penetration testing
Incident response procedures and breach notification protocols
Confidentiality agreements for all staff and contractors with data access

No method of transmission over the internet is completely secure. While we take all reasonable precautions, we cannot guarantee absolute security. You should use strong passwords, keep credentials confidential, and notify us immediately if you suspect unauthorised access to your account.

9. Cookies & Tracking Technologies

Our Platforms use the following categories of cookies:

Strictly Necessary: Required for basic platform functionality such as authentication and session management. Cannot be disabled.
Performance & Analytics: Help us understand how users interact with our Platforms so we can improve them. Includes tools such as anonymised analytics trackers.
Functional: Remember your preferences and settings to personalise your experience.
Marketing: Used only with your consent to deliver relevant content and track campaign effectiveness.

You can manage cookie preferences through your browser settings at any time. Disabling certain cookies may limit the functionality of our Platforms.

10. Your Rights

Under the Nigeria Data Protection Act 2023 and NDPR 2019, you have the following rights in relation to your personal data:

Right of Access: Request a copy of the personal data we hold about you.
Right to Rectification: Ask us to correct inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data where there is no lawful reason for us to continue processing it.
Right to Restrict Processing: Ask us to pause processing your data in certain circumstances.
Right to Data Portability: Receive your data in a structured, machine-readable format.
Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on consent, withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at hello@ciphersense.ai. We will respond within 30 days. We may request proof of identity before processing your request.

11. Children's Privacy

Our Platforms are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a minor, we will promptly delete it. If you believe a minor has provided data to us, please contact us immediately.

12. International Data Transfers

Our Platforms are hosted on cloud infrastructure that may be located outside Nigeria. Where personal data is transferred internationally, we ensure that adequate safeguards are in place, including standard contractual clauses or equivalent protections, in compliance with the NDPA 2023.

13. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Material changes will be notified via email or prominent notice on our Platforms at least 30 days before taking effect. The "Last updated" date at the top of this page reflects the most recent revision. Continued use of our Platforms after any change constitutes acceptance of the revised Policy.

14. Contact & Complaints

For privacy-related questions, requests, or complaints, please contact our Data Protection Officer:

Email: hello@ciphersense.ai
Phone: +234-916-000-3266

If you are not satisfied with our response, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.