Privacy Policy

Last updated: 29 May 2026

Goallord Creativity Limited ("Goallord", "we", "us") operates goallordcreativity.com, including our creative agency services and Goallord Academy. This policy explains what personal data we collect, why, and your rights under the Nigeria Data Protection Act (NDPA) 2023 and related regulations.

1. Information we collect

Contact & enquiry data: name, email, phone number and message when you submit a contact, project enquiry, or live-chat request.
Academy application data: name, email, phone, track/programme of interest, background and goals when you apply.
Account data: name, email and a securely hashed password for student, lecturer and staff dashboards.
Payment data: amounts, references and status. Card details are entered directly with our payment processor (Paystack) and are never stored on our servers.
Order data: products purchased and delivery/contact details for shop orders.
Technical data: IP address, browser type and usage analytics for security and improving the site.

2. How we use your data

To respond to enquiries and provide our services.
To process academy applications, enrolment, payments and issue receipts.
To operate dashboards, attendance, assignments and communications.
To send service emails (and SMS for payment confirmations) and, where you consent, updates.
To secure our systems, prevent fraud, and meet legal obligations.

3. Lawful basis

We process data on the basis of your consent, the performance of a contract (e.g. delivering a programme or service you paid for), our legitimate interests in operating and securing the business, and compliance with legal obligations.

4. Sharing & third parties

We share data only with service providers that help us operate, under appropriate safeguards:

Paystack — payment processing.
Cloudinary — image/file hosting.
Brevo — transactional email & SMS.
Supabase — database hosting.

We do not sell your personal data.

5. Cookies

We use essential cookies for authentication and security (including a session token and a CSRF token) and limited analytics. You can control cookies in your browser; disabling essential cookies may break sign-in.

6. Data retention

We keep personal data only as long as needed for the purposes above or as required by law (e.g. financial records). You may request deletion subject to those obligations.

7. Your rights

Under the NDPA you have the right to access, correct, delete, or restrict processing of your data, to object, and to data portability. To exercise these rights, contact us at hello@goallordcreativity.com.

8. Security

We use HTTPS, hashed passwords, optional two-factor authentication, and access controls. No method of transmission is 100% secure, but we take reasonable measures to protect your data.

9. Children

Our services are intended for users 16 and older. We do not knowingly collect data from children without guardian consent.

10. Changes & contact

We may update this policy and will revise the date above. Questions or requests: hello@goallordcreativity.com, Goallord Creativity Limited, No. 1 Mission Road, Onitsha, Anambra State, Nigeria.