Effective date: June 15, 2026. This policy applies to Kredl websites, dashboards, portals, payment experiences, communications, and related services.
Introduction
This Privacy Policy describes how Kredl Ltd ("Kredl", "we", "us", or "our") collects, uses, stores, and protects information when schools, staff, parents, guardians, and students use our school finance platform.
Kredl provides tools for school fee setup, invoicing, collections, reconciliation, receipts, reminders, parent access, reporting, and related finance operations. By using Kredl, you agree to the practices described in this policy.
The Information We Collect
We collect information required to provide, secure, and improve Kredl. This may include account information, school information, student and parent records, payment details, transaction records, support messages, and technical information about how the platform is used.
For schools and staff, this may include names, work email addresses, phone numbers, roles, permission settings, school details, and activity logs. For parents and guardians, this may include contact details, payer records, payment references, invoices, receipts, and communication preferences.
- Identity and contact information, such as name, email address, and phone number.
- School and student records needed to create invoices, receipts, ledgers, and payment plans.
- Payment and transaction information, including amounts, references, status, and reconciliation history.
- Device, browser, IP address, usage, and log information used for security and platform reliability.
Information Automatically Collected From Your Computer
When you access Kredl, we may automatically collect technical information such as your browser type, device information, IP address, pages visited, session activity, and error logs. We use this information to keep Kredl secure, monitor service performance, diagnose issues, and improve the product experience.
We may also use cookies or similar technologies to keep you signed in, remember preferences, understand product usage, and protect against unauthorized access.
How We Use The Personal Information You Provide
We use personal information to operate Kredl and deliver school finance workflows. This includes creating and managing school accounts, setting up fee structures, generating invoices and receipts, processing collections, matching payments, sending notifications, supporting users, and producing reports.
We may also use information to prevent fraud, enforce access controls, comply with legal or regulatory obligations, maintain audit logs, improve our services, and communicate important product or account updates.
Transfer of Personal Information
Kredl may process information through trusted service providers that support hosting, analytics, payments, communication, security, customer support, and related operations. Where information is transferred or processed outside Nigeria, we take reasonable steps to ensure appropriate safeguards are in place.
We do not sell personal information. We only share information where necessary to provide Kredl, comply with law, protect our rights, support school finance operations, or with appropriate instruction from the school or account owner.
Our Lawful Basis For Processing Personal Information
We process personal information where it is necessary to provide Kredl, perform our contractual obligations, comply with legal requirements, protect legitimate business interests, maintain security, or where consent has been provided.
Schools that use Kredl are responsible for ensuring they have the appropriate basis to provide student, parent, guardian, and staff information to Kredl for school finance administration.
Advertisement and Information About Other Products and Services
We may send product updates, service notices, operational messages, and relevant information about Kredl features. Users may opt out of non-essential marketing communications where applicable, but important service, security, and transaction messages may still be sent.
Children and Students
Kredl processes student information on behalf of schools for legitimate school finance purposes. We limit student data collection to information needed for invoicing, payment allocation, receipt generation, ledgers, reporting, and related support.
Student records are controlled by authorized school users. Parents and guardians may access information made available to them through the payer portal or school-approved channels.
Security and Retention
We use administrative, technical, and organizational safeguards designed to protect information from unauthorized access, loss, misuse, alteration, or disclosure. These safeguards include role-based access, secure infrastructure, audit logs, encryption where appropriate, and operational controls.
We may use Cloudflare Turnstile to help protect our forms and services from spam, abuse, and automated submissions. Turnstile may verify visitors silently, including in invisible mode, without showing a visible security challenge. Cloudflare processes limited technical information for this purpose as described in the Cloudflare Turnstile Privacy Addendum: https://www.cloudflare.com/en-gb/turnstile-privacy-policy/.
We retain information for as long as needed to provide Kredl, support schools, meet legal, tax, accounting, and audit requirements, resolve disputes, and enforce agreements. Retention periods may vary depending on the type of record and applicable obligations.
Compliance with Local and International Regulatory Best Practices
We aim to handle personal information in line with applicable data protection requirements and recognized privacy and security practices. This includes limiting access, keeping records accurate where possible, responding to appropriate rights requests, and working with schools to support lawful processing.
Change to Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date and may notify users through the platform, email, or another appropriate channel.
Continued use of Kredl after an update means the revised policy applies from the stated effective date.
Complaints and Remedies
If you have questions, concerns, or complaints about how we handle personal information, please contact us first so we can review and respond. You may also have the right to contact the relevant data protection authority, depending on your location and the nature of your concern.
Questions and Enquiries
For privacy enquiries, data requests, or questions about this policy, contact us at privacy@kredl.ng. For data protection matters, you may also contact dpo@kredl.ng.