Anomirasecurity
Get started free →

Legal

Privacy Policy

Last updated: 1 May 2026 · Effective date: 1 May 2026

Anomira (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect information when you use the Anomira platform and related services.

1. Information We Collect

  • Account data: When you sign up, we collect your name, email address, and organisation name. This information is required to create and manage your account.
  • API event data: When you integrate the Anomira SDK, your application sends API request metadata to our platform — including IP addresses, HTTP method, path, status code, and timing. We do not store request or response bodies.
  • Usage data: We collect information about how you use the Anomira dashboard, such as pages visited and features accessed, to improve the product.
  • Payment data: Billing is handled by Paystack. We receive only subscription status and billing cycle information — we never see your card details.

2. How We Use Your Information

  • To provide and operate the Anomira security platform.
  • To detect and alert you to threats against your API.
  • To send transactional emails (alerts, invoices, security notifications).
  • To improve and develop new features based on aggregate usage patterns.
  • We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Data Retention

  • Event and alert data is retained according to your subscription plan: 3 days (Free), 30 days (Starter), 90 days (Growth), or 365 days (Scale).
  • Account data is retained for the duration of your account. Upon account deletion, all associated data is permanently removed within 30 days.
  • Anonymised, aggregated threat intelligence data (e.g. community threat feed) may be retained indefinitely for platform security purposes.

4. Data Sharing

  • Infrastructure providers: We use cloud infrastructure providers (including PostgreSQL and ClickHouse hosting) to store data. These providers are contractually obligated to maintain data confidentiality.
  • Community threat feed: If you are subscribed to the federated threat network, attacker IP addresses observed across the platform may be anonymously shared with other Anomira customers. No personally identifiable information is included.
  • Legal obligations: We may disclose data where required by Nigerian law, court order, or to protect the rights and safety of Anomira and its users.

5. Your Rights Under the NDPA 2023

  • As a data subject under Nigeria's Data Protection Act 2023, you have the right to access the personal data we hold about you, request correction of inaccurate data, request deletion of your data (subject to legal retention obligations), object to certain processing activities, and data portability.
  • To exercise any of these rights, contact us at privacy@anomira.io. We will respond within 30 days.

6. Cookies

  • We use strictly necessary cookies to maintain your authenticated session. We do not use advertising or tracking cookies. You can disable cookies in your browser settings, but this will prevent you from logging in.

7. Security

  • We implement industry-standard security controls including encryption in transit (TLS 1.2+), encryption at rest, access control, and audit logging. Despite these measures, no system is completely secure. Please notify us immediately at security@anomira.io if you discover a vulnerability.

8. Changes to This Policy

  • We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting a notice in the dashboard. Your continued use of Anomira after the effective date constitutes acceptance of the updated policy.

9. Contact

  • Anomira is operated by SageGrey Technologies Ltd, registered in Nigeria.
  • Data Protection Officer: privacy@anomira.io
  • General enquiries: hello@anomira.io