Privacy Policy

We collect the following types of information when you use Miylo:

Account information: Your name, email address, phone number, and password when you register.

Location data: Your GPS coordinates or selected area within Epe, Lagos, used to show relevant vendors, calculate delivery routes, and assign the nearest available rider. We only collect location when you actively use the app.

Order data: Details of every order you place, including items ordered, vendor, delivery address, order value, and payment method.

Payment data: Transaction references and wallet balances. We do not store your card details — card payments are processed and secured by Paystack.

Pharmacy consultation data: Symptom categories, consultation messages, and prescriptions exchanged with pharmacists through Miylo Pharmacy. This data is treated with the highest level of privacy and is not used for marketing purposes.

Device and usage data: Browser type, device type, IP address, pages visited, and time spent — collected automatically to improve our service and detect fraud.

We use your information to:

• Create and manage your Miylo account
• Process and fulfil your orders
• Assign riders and facilitate delivery
• Process payments through Miylo Pay and Paystack
• Enable pharmacy consultations with licensed pharmacists
• Send order status updates and delivery notifications via SMS and WhatsApp
• Send pharmacy availability notifications via WhatsApp when you opt in
• Detect and prevent fraud, abuse, and fake orders
• Improve our platform through anonymised usage analytics
• Respond to your support requests

We do not use your data for targeted advertising. We do not sell your data to any third party.

By creating a Miylo account and providing your phone number, you consent to receiving transactional messages via SMS and WhatsApp. These include:

• Order confirmations and status updates
• Rider assignment and delivery notifications
• Pharmacy availability alerts (only if you opt in)
• Medication adherence reminders (only if enabled by your pharmacist)
• Important account and security alerts

You can opt out of non-essential WhatsApp communications at any time by contacting support@miylo.com. Transactional messages related to active orders cannot be disabled as they are necessary for service delivery.

We share your data only as necessary to provide our services:

Vendors: When you place an order, the vendor receives your order details and first name. They do not receive your full contact information, payment details, or order history with other vendors.

Miylo riders: Our employed riders receive your delivery address and first name to complete your delivery. They do not receive your full account information.

Pharmacists: When you start a consultation, the pharmacist receives the symptom category you selected and any notes you provide. Your full account details are not shared unless you choose to disclose them in the chat.

Paystack: Payment data is shared with Paystack to process transactions. Paystack's own privacy policy governs how they handle this data.

Groq AI: When you use Miylo Pharmacy, your symptom category and consultation notes may be processed by Groq's AI to generate clinical briefs and prescription suggestions for the pharmacist. This data is processed in anonymised form and is not stored by Groq beyond the immediate request.

Vercel and Neon: Our platform infrastructure is hosted on Vercel and Neon PostgreSQL. Your data is stored on their servers, primarily in the United States, under strict security standards.

We do not share your data with any advertising networks, data brokers, or social media platforms.

We treat pharmacy consultation data with the highest level of sensitivity. Your consultation history — including symptoms, messages, and prescriptions — is:

• Only visible to you and the pharmacist you consulted
• Accessible to Miylo administrators only in cases of formal dispute resolution or where required by Nigerian law
• Never used for marketing, advertising, or profiling purposes
• Retained for 3 years from the date of consultation, after which it is permanently deleted

We retain your data for the following periods:

• Account data: For as long as your account is active, plus 1 year after deletion request
• Order history: 1 year from order date
• Payment records: 1 year, as required for financial compliance
• Pharmacy consultation records: 3 years from consultation date
• Usage and device data: 90 days

After these periods, your data is permanently and irreversibly deleted from our systems.

You have the right to:

• Access: Request a copy of all personal data we hold about you
• Correction: Update inaccurate or incomplete personal data through your profile settings
• Deletion: Request permanent deletion of your account and all associated data, subject to retention requirements above
• Portability: Request your order and account data in a machine-readable format
• Opt-out: Opt out of non-essential WhatsApp communications at any time

To exercise any of these rights, contact us at support@miylo.com. We will respond within 14 business days.

We protect your data using industry-standard security measures including:

• HTTPS encryption for all data in transit
• Bcrypt password hashing — your password is never stored in plain text
• JWT token-based authentication
• Database access restricted to authorised Miylo systems only
• Regular security audits and vulnerability checks

Despite these measures, no internet-based service is 100% secure. If you suspect your account has been compromised, contact support@miylo.com immediately.

Miylo is not intended for users under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that a user is under 16 without parental consent, we will delete their account immediately. If you believe a child has registered without consent, contact support@miylo.com.

We may update this Privacy Policy from time to time. The effective date at the top of this page will reflect the most recent update. We will notify you of significant changes through the app or via SMS. Continued use of Miylo after changes are posted constitutes acceptance.

For any privacy-related questions, data requests, or concerns:

Email: support@miylo.com
Platform: miylo.vercel.app
Location: Epe, Lagos State, Nigeria