Privacy Policy

Effective date: 3 April 2026 · Last updated: 3 April 2026

This Privacy Policy describes how Lift (“we”, “us”, or “our”) collects, uses, stores, and shares personal information when you use the Lift mobile application, related websites (including this site), and our services (collectively, the “Services”). Lift operates a technology platform connecting riders, drivers, and transport operators for inter-city and related travel, primarily in Nigeria.

1. Who is responsible?

The data controller for personal data processed through the Services is the entity operating Lift as disclosed in the app, on your receipt or contract, or as required by law. For privacy requests, use the support channel identified in the app or the contact details you have been given for your region.

2. Information we collect

Depending on how you use Lift, we may collect:

• Account and contact data: phone number (often in E.164 format), OTP verification events, and optional profile details such as display name or email if you provide them.
• Identity and vehicle data (drivers): information and documents submitted for KYC (e.g. licence details, vehicle information, photographs) as required to operate safely and comply with our rules.
• Trip and booking data: routes, schedules, seat selections, prices, booking status, arrival or completion signals, ratings, and messages needed to run trips.
• Manifest and safety data (where applicable): for certain operator-run “public line” trips, we may collect passenger name, contact number, address, next-of-kin, and related notes as required for manifests and passenger safety. You will be asked to agree before we use this data for that trip.
• Payment data: wallet top-ups and payouts are processed by payment partners (e.g. Paystack). We do not store your full card number on Lift servers; we receive tokens, references, and transaction status needed to operate wallets and ledgers.
• Technical data: device type, app version, push notification tokens, IP address, and logs used for security, fraud prevention, and reliability.
• Communications: messages you send to support, dispute notes, and records needed to resolve incidents.

3. How we use information

We use personal data to:

• create and secure accounts (including OTP and SMS from providers such as Termii or others we configure);
• match riders and drivers, display trips, and operate bookings and escrow;
• verify drivers and vehicles where required;
• share necessary booking or manifest details with drivers, operators, or crew where the product requires it;
• process payments, settlements, refunds, and chargebacks in line with our Terms;
• detect, investigate, and prevent fraud, abuse, and security incidents;
• comply with legal obligations and respond to lawful requests;
• improve the Services and communicate service-related notices.

4. SMS and OTP

By providing your phone number, you agree to receive automated OTP and service messages as needed to verify your identity and protect your account. Message frequency varies. Message and data rates may apply depending on your carrier. You can contact support if you need help managing verification.

5. Sharing

We may share information with:

• Other users where needed to perform a trip (e.g. driver/rider contact or trip details).
• Operators you book with, including manifest fields where applicable and where you have consented.
• Service providers who host infrastructure, deliver notifications, process payments, or help us detect fraud — under appropriate contracts and safeguards.
• Authorities when required by law or to protect rights, safety, and security.

We do not sell your personal information.

6. Retention

We keep data only as long as needed for the purposes above, including legal, tax, and accounting requirements, dispute resolution, and fraud prevention. Some records may be retained longer where the law requires.

7. Security

We use administrative, technical, and organisational measures designed to protect personal data. No method of transmission or storage is 100% secure; we encourage strong device security and prompt reporting of suspicious activity.

8. Your rights

Depending on applicable law (including the Nigeria Data Protection Act where it applies), you may have rights to access, correct, delete, or restrict processing of your personal data, or to object to certain processing. You may also have the right to lodge a complaint with a supervisory authority. To exercise rights, contact us through support in the app or the contact channel we publish for your region.

9. International transfers

Our service providers may process data in Nigeria and other countries. Where we transfer personal data, we take steps designed to ensure appropriate safeguards consistent with applicable law.

10. Children

Lift is not directed at children under the minimum age required to enter a binding contract in your jurisdiction. We do not knowingly collect personal information from children.

11. Changes

We may update this Privacy Policy from time to time. We will post the updated version on this page and adjust the “Last updated” date. Continued use of the Services after changes means you accept the updated policy, except where your consent is required for material changes under applicable law.

12. Contact

Website: https://getlift.ng/. For privacy questions, email support@getlift.ng or use the in-app support flow in the Lift application.

This document is provided for transparency and does not constitute legal advice. You should have it reviewed by qualified counsel for your business and jurisdiction.