Last updated: July 2026
We collect information you provide directly: name, email address, phone number, and optionally a government-issued ID for verification. We also collect: transaction and booking history; wallet and withdrawal records; FX Exchange listings and trade activity; messages sent through the platform; device and browser information for security purposes; and your billing country (used solely to determine applicable VAT).
We use your data to: operate the delivery marketplace and FX Exchange; process bookings and payments; verify identities; calculate and apply VAT where required by law; manage your referral rewards; communicate with you about your account and transactions; improve our services; and comply with legal obligations.
Payments are processed by Paystack (Nigerian Naira card payments and wallet top-ups) and Stripe (international card payments). When you make a payment, you interact directly with their secure payment pages. We receive confirmation of payment but do not store your full card details. Each processor's own privacy policy governs how they handle your payment data: Paystack Privacy Policy · Stripe Privacy Policy.
Each registered user has a unique referral code. If you share a trip or delivery request using the in-platform share buttons, your referral code is embedded in the shared link. Anyone who visits that link and signs up will be linked to your referral account. We record this association to calculate and pay referral rewards. No personal information beyond your referral code is embedded in shared links.
We share only the information necessary to facilitate a booking — for example, your name and contact details with your matched traveller or sender. For FX trades, your display name is visible to matched counterparties. We do not sell your personal data to third parties.
Uploaded ID documents are stored securely and accessed only by CarryLink administrators for verification purposes. They are never shared with other users or third parties.
We use session cookies that are essential for platform operation (login state) and a CSRF security token. We do not use advertising or cross-site tracking cookies. See our Cookie Policy for full details.
Account data is retained while your account is active. Transaction records (bookings, FX trades, wallet history) may be retained for up to 7 years for financial record-keeping purposes. Upon account deletion, personal identification data is removed within 30 days, except where retention is required by applicable law.
You have the right to access, correct, or delete your personal data at any time. Log in and visit your Profile page, or contact us at the email below. For EU/EEA users, additional rights under GDPR apply including the right to data portability and to object to processing.
We use industry-standard measures including bcrypt password hashing, HTTPS, CSRF tokens, prepared SQL statements, restricted file access, and 48-hour bank-change cooldowns on withdrawals to protect your data and funds.
For privacy questions or data requests, contact us at admin@carrylink.top.