Privacy Policy — FormPilot

🔒 The short version: customers who fill bank forms via FormPilot links have zero form data stored on our servers. PDFs are generated entirely on their device. We collect only what's needed to run subscribing officer accounts, and we comply with the Nigeria Data Protection Act (NDPA) 2023.

Overview

FormPilot is a product of Syndra Technologies Limited ("Syndra", "we", "us", "our"). This Privacy Policy explains how we collect, use, and protect personal data when you use FormPilot at formpilot.ng and its related services.

This policy is governed by the Nigeria Data Protection Act (NDPA) 2023, the General Application and Implementation Directive (GAID) 2025 issued by the Nigeria Data Protection Commission (NDPC), and applicable international data-protection standards. The NDPA 2023 superseded the earlier NDPR 2019 framework.

FormPilot has been designed with privacy as a core architectural principle — particularly for the customers of account officers who fill bank forms through our platform. This policy covers both account officers (subscribers) and customers (form fillers).

Who we are

Syndra Technologies Limited is a company incorporated in the Federal Republic of Nigeria. FormPilot is our primary product, built to digitise and simplify bank-form completion for Nigerian financial-services professionals.

For the purposes of the NDPA, Syndra Technologies Limited is the Data Controller for personal data collected through FormPilot.

Registered address: 1 Lateef Dosunmu Street, Ifako, Gbagada, Lagos, Nigeria
Privacy contact: privacy@formpilot.ng
Data Protection Officer: FormPilot Privacy Team · dpo@formpilot.ng

What we collect

"Personal data" means any information relating to an identified or identifiable natural person, as defined in the NDPA 2023 (§65). The categories below describe what we collect, from whom, and why.

For account officers (subscribers)

When you create an account as an account officer, we collect:

Full name
Work email address
Phone number
Bank or financial institution name
Job role
Password (stored as a one-way hash — never in plain text)
Subscription and billing information (processed by our payment provider, Paystack)

When you use the Send Form feature, we record:

The form type and bank selected
The customer's name, and optional contact details (email, phone) you provide
The timestamp the link was generated and its expiry
Whether the link was completed (a binary completion signal — not the form data itself)
An audit log of officer actions (login, link generation, copy, resend) for accountability

For customers (form fillers)

When a customer opens a FormPilot link and fills a bank form:

We do not collect or transmit the form contents. All field data is processed entirely within the customer's web browser.
The PDF is generated on the customer's device using client-side JavaScript. No BVN, ID number, address, date of birth, signature image, or other field value reaches our servers.
If the officer entered the customer's name or contact details when generating the link, that limited information may be visible to the customer (and is held in our database under the officer's record).

Usage data

We collect standard web-analytics data including pages visited, browser type, device type, and approximate geographic region, used to improve the product. We do not link this data to individual customer identities.

What we don't collect

We are explicit about what we do not do:

We do not store any banking form data filled by customers (BVN, NIN, ID numbers, addresses, dates of birth, mothers' maiden names, etc.)
We do not share customer-entered form data with banks or any third party — there is no such data on our servers to share
We do not sell any personal data to advertisers or data brokers
We do not use personal data for behavioural profiling or targeted advertising
We do not read the contents of generated PDFs

How we use your data

For account officers, we use your data to:

Create, authenticate, and manage your account
Process your subscription payments via Paystack
Send you transactional product communications (link-completion notifications, security alerts, billing updates)
Send you marketing emails about new banks, new form types, and product news (you can opt out at any time, and consent is requested separately at signup)
Provide customer support
Maintain audit logs for security and accountability
Improve the FormPilot platform through aggregated analytics

Lawful basis for processing

Under the NDPA 2023, every processing activity must rest on a defined lawful basis. Ours are as follows:

Purpose	Lawful basis
Creating and operating an officer account; subscription billing	Performance of a contract
Transactional product emails (completion notifications, security alerts)	Performance of a contract
Marketing emails (banking news, new forms, product updates)	Consent (opt-in at signup; opt-out anytime)
Audit logging and security monitoring	Legal obligation (NDPA accountability principle) and legitimate interest (fraud prevention)
Aggregated platform analytics	Legitimate interest (product improvement)
Responding to your data-subject requests	Legal obligation (NDPA §§34–40)

Data retention

We retain personal data only as long as needed for the purposes above, after which it is deleted or irreversibly anonymised:

Data category	Retention period
Officer account profile (name, email, phone, role)	Duration of subscription + 6 years thereafter, to allow us to defend potential legal claims (Nigerian limitation period for simple contracts)
Form metadata (slug, customer name, status, timestamps)	12 months after the form is completed or expires; then anonymised
Form access codes (one-time link tokens)	Deleted on use, or up to 7 days after generation if unused
Audit log of officer actions	36 months (retained longer than form metadata to support post-incident investigation)
Email-delivery logs (held by Brevo)	Per Brevo's retention schedule (typically 30–90 days)
Customer form data (BVN, IDs, addresses, etc.)	Never stored on our servers

You may request earlier deletion of your account at any time — see Your rights.

Storage & security

Officer account data is stored in our managed Postgres database hosted by Supabase, with TLS 1.2+ encryption in transit and AES-256 encryption at rest. Access is restricted by Row-Level Security policies enforced at the database layer.

Customer form contents are never transmitted to our servers — they remain entirely within the customer's browser session and are discarded when the tab closes (the downloaded PDF is retained on the customer's device only).

Our security controls include: default-deny access policies, server-side brute-force lockout on access codes, append-only audit logging, Content Security Policy and other browser-security headers, and Sub-Resource Integrity on third-party scripts.

Cross-border transfers

Some of the third-party processors that support FormPilot store or process data outside Nigeria, primarily in the European Union and the United States:

Supabase — Postgres hosting in the European Union (Ireland, eu-west-1)
Vercel — application hosting and content delivery (US-headquartered, global edge network)
Brevo — transactional and marketing email (EU-headquartered)
Paystack — payment processing (Nigeria-headquartered, with US/EU sub-processors)

For each cross-border transfer, we rely on the safeguards permitted by NDPA §§41–44, including standard contractual clauses with our processors and reliance on adequacy-recognised jurisdictions where applicable. We have signed Data Processing Agreements (DPAs) with each processor that handles personal data on our behalf.

Third parties & sub-processors

The following third parties process personal data on our behalf:

Supabase, Inc. — Postgres database and authentication infrastructure for officer accounts and form metadata.
Vercel Inc. — application hosting and CDN. Vercel processes request logs that may include IP addresses for short retention windows.
Brevo SA (formerly Sendinblue) — transactional and marketing email delivery for officer-side communications.
Paystack Payments Limited — payment processing for officer subscriptions. Paystack's privacy policy applies to payment-card data.
Google LLC (Google Fonts) — font delivery. Google may receive your IP address when fonts load.

We do not use third-party advertising networks, social-media tracking pixels, or data-broker services.

Your rights

Under the NDPA 2023 and applicable international standards, you have the right to:

Access the personal data we hold about you (NDPA §34)
Correct inaccurate or incomplete data (NDPA §35)
Delete your account and associated data (NDPA §38 — right to erasure)
Restrict or object to certain processing (NDPA §§36–37)
Receive a copy of the data you provided in a portable format, where processed by automated means and on the basis of consent or contract (NDPA §39 — data portability). Note: this right does not extend to data inferred or generated by us about you.
Withdraw consent for marketing communications at any time
Lodge a complaint with the Nigeria Data Protection Commission at ndpc.gov.ng if you believe your rights have been violated (NDPA §41)
Not be subject to solely automated decision-making. FormPilot does not use automated decision-making or profiling to produce legal effects concerning you.

To exercise any of these rights, email us at privacy@formpilot.ng. We respond to verified requests within 30 days as required by the NDPA, with a possible extension of up to 30 additional days for complex requests — in which case we will inform you of the extension and the reason for it.

Breach notification

If we discover a personal-data breach that is likely to result in risk to the rights and freedoms of data subjects, we will:

Notify the Nigeria Data Protection Commission (NDPC) within 72 hours of becoming aware, in line with NDPA §40
Notify affected data subjects without undue delay where the breach is likely to result in high risk
Maintain an internal record of all breaches, including those not requiring notification

Cookies

We use a minimal set of cookies, all of which are functional:

Session cookies — to keep you authenticated as an account officer. These expire when you close your browser, or after 30 days if you select "Keep me logged in".
Preference cookies — to remember display preferences (optional).

Some of our third-party processors (Supabase Auth, Vercel, Paystack) may set their own cookies on your device when their services load. These are governed by their respective privacy policies — see Third parties for links and roles.

We do not use tracking, advertising, or third-party analytics cookies that identify individuals.

Children

FormPilot's officer-subscription service is for adult banking professionals only. Customers filling forms via FormPilot links may, depending on the destination bank's product, include minors (e.g. youth or student accounts) — in which case the bank's KYC, parental-consent, and onboarding procedures govern that interaction.

Under the NDPA, the digital age of consent in Nigeria is 13; data subjects under 13 require verifiable parental or guardian consent. We do not knowingly collect personal data on our servers from children under 13. If you believe we have inadvertently done so, please contact us and we will delete it promptly.

Policy changes

We may update this policy from time to time to reflect changes in our practices, our processors, or the law. When we do, we will update the "Last updated" date at the top of this page and, for material changes, notify account officers by email at least 14 days before the change takes effect. Continued use of FormPilot after the effective date constitutes acceptance of the updated policy.

Contact us

For any privacy-related questions, data-subject requests, or concerns:

Privacy team: privacy@formpilot.ng
Data Protection Officer: FormPilot Privacy Team — dpo@formpilot.ng
General enquiries: hello@formpilot.ng
Regulator: Nigeria Data Protection Commission — ndpc.gov.ng

Syndra Technologies Limited
1 Lateef Dosunmu Street, Ifako, Gbagada, Lagos, Nigeria

This policy was last updated on 3 May 2026.