top of page

Privacy Policy 

Arno Privacy Policy
Effective date: 17th May 2026
Controller: Arno
Contact: info@arnopro.co

Arno is an NDPC-approved Data Controller/Processor of Major Importance (DCPMI) under NDPA 2023 / GAID 2025. This can be verified on the NDPC register. View our NDPC certification here

 

1. Introduction

This policy explains how we handle personal data on the Arno platform. We have written it in plain
English so you can see what we collect, why, and what choices you have. If anything is unclear, write
to us at info@arnopro.com.

2. Who We Are

Arno is a SaaS platform operated by Arnopro Ltd. We help talents build professional profiles and
connect with recruiters and employer clients (“recruiters”). Arno is the data controller for personal
data we collect to run the platform, and we comply with the Nigeria Data Protection Act, 2023
(“NDPA”) and the NDPC General Application and Implementation Directive, 2025 (“GAID”).
We are working to confirm our classification with the Nigeria Data Protection Commission
(“NDPC”) within the timeframe set by GAID, and we will update this policy once that classification
is finalised.

3. What This Privacy Policy Covers

This policy applies to:
• the Arno website;
• the Arno SaaS platform and associated services; and
• communications you receive from us as a user, recruiter, or enterprise contact.
It does not cover:
• recruiters’ and employer clients’ own privacy practices when they make hiring decisions —
they are independent controllers for those activities and have their own policies; and
• third-party websites or services we link to.

4. The Personal Data We Collect

We collect only what we need to run the platform.

  • Account data — name, email, phone, user ID, password hash, multi-factor authentication data, session and sign-in records

  • Profile and professional data — CV/résumé content, employment history, education, skills, and certifications you add directly or import via a connected account such as Google.

  • Recruitment data — job applications, JD–CV match scores, shortlist status, interview schedules, and business interview notes recorded by recruiters

  • Communications — in-app messages, service emails, and calendar invites sent or received through Arno.

  • Usage and device data — IP address, device type, operating system, browser, and interaction logs, used for security and product improvement.

  • Security and audit logs — sign-in events, access trails, and administrator actions.

  • Payment and billing references — invoice and transaction reference numbers. We do not store card numbers; card payments are handled by PCI-compliant payment processors.

  • Enterprise client contacts — names, work emails, phones, job titles, billing or technical-contact roles, seat assignments, and administrator audit trails.

  • Special-category and children’s data. We do not collect health, religion, biometric, or children’s data by default, and we ask you not to upload it. If you need to share sensitive information for a specific lawful purpose, contact us first.

How We Collect Personal Data

We collect personal data:
directly from you when you create an account, complete your profile, apply for roles, post
jobs, send messages, or contact support;
automatically when you use the platform — for example, device data, interaction logs, and
cookies;
• from services you authorize through OAuth — for example, profile or calendar data from
Google; and
from a recruiter or employer if you are a candidate added to a hiring workflow, or an
enterprise user added to a company seat.

How We Use Personal Data

If you choose to connect your Google account using OAuth 2.0, we will request permission to access certain information from your respective profile. This may include your name, profile picture, email address, job title, education, certifications, and other professional information.

7. How We Use Your OAuth Data:

• Profile Creation: Your Google data will be used to populate your profile on our platform, making it easier for you to connect with recruiters and present your professional credentials. It will also be used for scheduling preliminary chats.

• We will not store or use your Google login credentials

User Control of Personal Data: You have control over the data shared and can disconnect your Google account at any time.

8. Sharing Your Information

• With Service Providers: Third parties who assist us in operating our platform, conducting our business, or serving our users.

 

• For Legal Reasons: When required by law or to protect our rights, property, or safety.

 

• With Your Consent: Sharing information with recruiters or potential employers, with your consent, as part of our talent-recruiter matching services.

 

• Business Transfers: In the event of a merger or acquisition, your data may be transferred to the new entity, with appropriate safeguards in place.

9. Data Retention:

We retain your personal information for as long as necessary to provide our Services, comply with legal obligations, resolve disputes, and enforce these Terms. Specific retention periods may vary based on the type of data and the purpose for which it was collected. Retention periods by category are set out in our Data Retention & Storage Policy..

 

You can request the deletion of your Account and personal data at any time by contacting us at info@arnopro.com. Upon such request, deleted accounts are removed from production within 30 days; backups expire on a 30-day rolling basis. Legal holds pause deletion for specific records as required by law or for legitimate business purposes.

​10. Data Security 

We employ robust security measures to protect your data from unauthorized access, alteration, misuse, disclosure or destruction. We use industry-standard measures to protect your data, including:

 

• Encryption: Encryption of data in transit (SSL/TLS) and at rest.

 

• Access Control: Limiting access to personal data to authorized personnel only.

• Regular Audits: Conducting regular security assessments to ensure the ongoing security of your data. In the event of a data breach, we have procedures in place to promptly address and mitigate the impact. We will notify affected users and relevant authorities as required by law.

 

While we follow industry best practices to ensure the security of your data, please note that no internet-based service can guarantee absolute security

11. Your Rights

• Access and Update: You can access, review, update, or delete your personal information at any time.

 

• Opt-Out: You have the right to opt-out of certain uses of your information, such as direct marketing communications.

Data Portability: You have the right to receive a copy of the information you have provided in a structured, commonly used, and machine-readable format.

 

• Disconnect your Google account from our platform.

We respond within 30 days (extendable as permitted). Requests: info@arnopro.com. If unresolved, you may contact the Nigeria Data Protection Commission (NDPC).

12. Children

Our services target adults (18+). We do not knowingly process children’s data

13. Cookies and Tracking Technologies

We use cookies and other tracking technologies to collect information about your interactions with our platform, improve user experience, and personalize content. You can adjust your browser settings to reject cookies, but this may impact the functionality of our services. For more information on how we use cookies, please review our Cookies Policy.

14. Changes to This Privacy Policy 

We may modify this policy from time to time to reflect changes in our practices or relevant regulations. We will provide notice of any significant changes through our platform or by contacting you directly. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy regularly.

bottom of page