Compliance

Data Protection Impact Assessment

Public summary - last reviewed 2026-05-18. Full DPIA available on request to [email protected].

Purpose of Processing

Pejji is a professional website + business operations service for Nigerian businesses. We use AI to onboard customers via WhatsApp in 5 minutes, render their business website, and operate ongoing customer-facing communications on their behalf.

We process personal data for three concrete purposes: (1) to onboard the business owner and configure their site; (2) to render the public-facing website that serves the business's customers; (3) to maintain customer-support communications between the business owner and Pejji's service team.

Categories of Data Subjects

  • Pejji subscribers -business owners onboarding their business with us
  • Site visitors -members of the public visiting Pejji-built websites (limited to anonymous request metadata + opt-in contact form submissions)

Categories of Personal Data

  • Identification + contact -business name, location, business owner phone number, business operating hours
  • Content -product descriptions, product photos, voice notes (transcribed to text)
  • Service interaction -WhatsApp message history between subscriber and Pejji service team
  • Payment metadata -Paystack-issued subscription IDs and payment timestamps (NO card numbers; Paystack handles those)

Recipients

  • Cloudflare -CDN + hosting + WAF infrastructure
  • Paystack (Nigeria) -subscription billing + payment processing
  • Meta Platforms (via WhatsApp Cloud API) -WhatsApp message delivery
  • Anthropic (United States) -AI processing for conversational onboarding, site copy generation, and voice transcription
  • Pejji operator (Kingsley Olukanni / BlessedOps Group) -service supervision + escalation handling

Third-Country Transfers

Two recipients process data outside Nigeria:

  • Anthropic (United States) -AI inference. Governed by Standard Contractual Clauses (SCCs) incorporated into our service agreement. Inputs limited to minimum necessary; NOT retained for model training.
  • Meta / WhatsApp (United States, with edge presence) -message delivery only. Governed by the WhatsApp Business Policy + our Cloud API agreement.

Cloudflare's edge processing happens near the requester; persistent data is stored in our Nigerian-anchored configuration where the product supports it.

Retention Periods

  • Customer record (business profile + site config) -lifetime of subscription + 90-day re-activation grace period, then deletion
  • Product photos -up to 12 months after last login OR within 30 days of subscription cancellation
  • Voice notes (audio) -deleted within 30 days of receipt
  • Voice transcript (text) -retained only when used as site copy
  • WhatsApp message history -retained for 24 months for service quality + support
  • Payment metadata -retained per Paystack + tax-record requirements (currently 7 years per Nigerian law)
  • Operator logs -90 days, then aggregated/anonymized

You can request immediate deletion of any specific data class by emailing [email protected]. We act within 7 days per NDPA.

Risk Assessment + Mitigations

Headline residual risks and our mitigations:

  • Cross-border AI processing (Anthropic, US) -mitigated by SCCs + input minimization + no-model-training clause.
  • WhatsApp message metadata visible to Meta -mitigated by limiting content shared via WA to onboarding + service messages; sensitive payment data routed through Paystack-hosted pages.
  • Photo + voice note leak -mitigated by encryption-at-rest on Cloudflare R2 + access-controlled tokens for site rendering + 30-day deletion of voice audio.
  • Subprocessor change -mitigated by notifying subscribers via email + 30-day opt-out window before any new subprocessor is added.
  • Operator account compromise -mitigated by 2FA on Cloudflare + Paystack + Meta admin accounts, scoped API tokens, monthly automated security scans across customer subdomains.

Subject Rights + Contact

Under NDPA, you have the right to access, rectify, delete, or port your personal data. To exercise any of these rights:

  • Email: [email protected]
  • Postal: Pejji (BlessedOps Group), c/o Kingsley Olukanni, Calgary, Alberta, Canada / Lagos, Nigeria
  • Response time: within 7 days for routine requests; within 30 days for deletion or porting requests

If we cannot resolve your request, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).

Full DPIA

This page is a public summary. The complete DPIA document (with auditor-reviewable risk-scoring matrix, processor-by-processor data-flow diagrams, and incident-response playbook) is available on request to [email protected].

Document last reviewed: 2026-05-18. Material changes are notified via your subscribed email + Pejji's privacy policy page.