Home Pricing About Privacy Get Started Free

Privacy Policy

Last updated: March 21, 2026

This Privacy Policy describes how Tireda ("we," "us," or "our"), the company behind JustPayroll, collects, uses, and shares your personal information when you use our payroll platform at justpayroll.ng (the "Service").

By using JustPayroll, you agree to the collection and use of your information in accordance with this policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information You Provide

  • Account information: Phone number, email address, name, and password when you create an account.
  • Organization information: Business name, address, and registration details when you create an organization.
  • Employee information: Names, bank account numbers, bank names, salaries, and deduction details that you enter for payroll processing.
  • Payment information: Wallet funding details processed through our payment partner, Paystack.

1.2 Information Collected Automatically

  • Usage data: Pages visited, features used, actions taken within the platform, timestamps, and session duration.
  • Device information: Browser type, operating system, device type, and IP address.
  • Cookies: We use essential cookies for authentication (HttpOnly session cookies) and do not use third-party tracking cookies.

1.3 Information from Third-Party Sign-In

If you sign in using a third-party provider (Google, Facebook, GitHub, or Microsoft), we receive your name, email address, and profile picture from that provider. We do not receive or store your password from these providers.

2. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Process payroll, transfer funds to employee bank accounts, verify bank details, and manage your organization.
  • Authenticate your identity: Verify your account through phone OTP or third-party authentication providers.
  • Maintain records: Keep payroll run history, audit logs, and deduction records for your organization's accounting purposes.
  • Communicate with you: Send essential service notifications (payroll confirmations, transfer status updates, security alerts).
  • Improve the Service: Analyze usage patterns to improve features, fix bugs, and enhance security.
  • Comply with legal obligations: Meet our legal and regulatory requirements.

3. How We Share Your Information

We do not sell your personal information. We share your data only with the following parties, and only as necessary to operate the Service:

3.1 Payment Processor — Paystack

We share employee bank account details and transfer amounts with Paystack to process salary payments. Paystack processes this data under their own privacy policy and is PCI-DSS compliant.

3.2 Authentication Providers

If you choose to sign in via OAuth, the following providers receive limited information:

These providers only receive the information necessary to verify your identity. We do not share your payroll or employee data with them.

3.3 Communication Provider — Twilio

We use Twilio to send OTP (one-time password) messages to your phone number for authentication purposes.

3.4 Infrastructure Providers

Our Service runs on Cloudflare (frontend and API) and Amazon Web Services (async processing). These providers process data under their respective privacy policies and data processing agreements.

3.5 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request.

4. Data Storage and Security

  • All data is encrypted in transit (TLS/HTTPS) and at rest.
  • Authentication uses HttpOnly, Secure cookies — session tokens are never exposed to client-side JavaScript.
  • Passwords are hashed using bcrypt and never stored in plain text.
  • We maintain a complete audit trail of all administrative actions.
  • Access to production systems is restricted to authorized personnel only.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data: Retained while your account is active. You can request deletion at any time.
  • Payroll records: Retained for a minimum of 6 years after the payroll run date, in compliance with Nigerian tax and business record-keeping requirements.
  • Audit logs: Retained for a minimum of 3 years.
  • OTP tokens: Automatically deleted after expiration (typically 10 minutes).

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to certain processing of your data.

To exercise any of these rights, contact us at privacy@tireda.com.

7. Cookies

JustPayroll uses only essential cookies required for the Service to function:

  • auth_token: An HttpOnly, Secure cookie containing your encrypted session token. This cookie is required for authentication and cannot be accessed by JavaScript.

We do not use advertising cookies, analytics cookies, or any third-party tracking technologies.

8. Children's Privacy

JustPayroll is a business service and is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

9. International Data Transfers

Our Service uses infrastructure located in multiple regions. Your data may be processed in countries other than your country of residence. When we transfer data internationally, we ensure appropriate safeguards are in place to protect your information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this page periodically.

11. Nigeria Data Protection Regulation (NDPR)

In compliance with the Nigeria Data Protection Regulation (NDPR), we confirm that:

  • We process personal data lawfully, fairly, and in a transparent manner.
  • Personal data is collected for specified, explicit, and legitimate purposes.
  • We implement appropriate technical and organizational measures to protect personal data.
  • Data subjects have the right to request access, rectification, and erasure of their personal data.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: