Legal Document

Privacy Policy

YPP Mandate — Official 2026 Party Primaries E-Voting Platform

Version: 1.0Effective Date: 1 May 2026Regulatory Framework: NDPA 2023 | NDPR 2019 | Electoral Act 2022

The Young Progressives Party (“YPP”) and VoteTrack Ltd are committed to protecting the personal data of every individual who uses the YPP Mandate e-voting platform. This Privacy Policy explains what personal data we collect, why we collect it, how we use and protect it, and what rights you have under the Nigeria Data Protection Act 2023 (NDPA) and the Nigeria Data Protection Regulation 2019 (NDPR).

This policy applies to all users of vote.ypp.ng — including voters, aspirants, panel members, and administrators — in connection with the 2026 YPP Ward, LGA, State, and Presidential Party Primaries. It should be read together with our Terms of Service and Data Protection Policy.

1

Who We Are & Policy Overview

Young Progressives Party (YPP) is a registered Nigerian political party operating under the Constitution of the Federal Republic of Nigeria 1999 (as amended) and the Electoral Act 2022. YPP is the Data Controller for personal data processed through the YPP Mandate platform.

VoteTrack Ltdis the technology provider that designed, built, and maintains the YPP Mandate platform. VoteTrack Ltd acts as a Data Processor on YPP's behalf, processing personal data only on YPP's documented instructions and for no other purpose.

This Platform is used exclusively for YPP internal party primaries. It is not a commercial service and does not sell, monetise, or use voter data for advertising or any non-electoral purpose.

Our Core Privacy Commitment: The most sensitive piece of data in any election — how you voted — is technically impossible for us to access. The ballot secrecy architecture ensures that your vote choice is never linked to your identity, even in our own database.
2

Data Controller & Processor

RoleEntityResponsibility
Data ControllerYoung Progressives Party (YPP)Determines the purposes and means of processing personal data on this Platform. Registered with NITDA under the NDPA 2023.
Data Processor (Technology)VoteTrack LtdProcesses data solely on YPP's instructions. Maintains the Platform infrastructure, security controls, and audit trails. Bound by a Data Processing Agreement with YPP.
Data Processor (Infrastructure)Supabase, Inc.Cloud database and authentication infrastructure provider. Processes data in accordance with Supabase's Data Processing Agreement, ISO 27001 certification, and SOC 2 Type II compliance.
Data Processor (Communications)SMS Gateway Provider (TBC)Processes phone numbers for UVP delivery. Bound by NDPA-compliant data processing terms. Numbers not stored beyond delivery confirmation.
3

Personal Data We Collect

3.1 Data Sourced from the YPP Member Registry (Read-Only)

The Platform accesses the following fields from the YPP Member Registry (portal.ypp.ng) in read-only mode to establish voter eligibility. We do not write to, modify, or delete any member data:

Data FieldPurposeRetention
Member ID / Membership NumberLink voter to their VoterRegister entry; INEC registerDuration of electoral cycle + 7 years (INEC requirement)
Full Legal NameVoter roll, INEC register, accreditation verificationDuration of electoral cycle + 7 years
Phone Number (last 4 digits for UVP)Default UVP generation (bcrypt-hashed; plain text not stored after generation)Hash stored; plain digits purged after UVP delivery
State / LGA / WardAssign voter to correct VotingSession; delegate resolutionDuration of electoral cycle + 7 years
Membership Status / DateEligibility verification; cutoff date enforcementDuration of electoral cycle + 7 years
INEC PVC Number (if available)INEC register submission requirementDuration of electoral cycle + 7 years (INEC requirement)

3.2 Data Generated by Platform Use

DataPurposeRetention
Accreditation timestamp & session IDConfirm voter checked in; official electoral record7 years minimum (INEC)
Device type / user agent (anonymised)Fraud detection; integrity monitoring90 days, then aggregated
IP address (partial — last octet masked)Denial-of-service detection; geographic consistency check30 days, then purged
UVP hash (bcrypt)Verify PIN at ballot time; never reversible to plain textDuration of VotingSession, then purged
Vote Receipt TokenVoter self-verification; integrity audit7 years (INEC)
Accreditation count contributionINEC turnout report7 years (INEC)

3.3 Aspirant-Specific Data

DataPurposeRetention
Aspirant application details (office sought, supporting docs)Screening, INEC submission7 years
Screening outcome & panel notesINEC compliance, appeal record7 years
Appeal submissionsInternal tribunal, potential court record10 years
Consensus / withdrawal consentINEC mandatory record10 years
Aspirant login credentials (email + bcrypt password hash)Account access controlUntil account deletion or 2 years post-primary

3.4 Panel / Administrator Data

Panel members and administrators who access the screening or administrative dashboards provide their name, party role, and login credentials. This data is used solely for access control, audit trail attribution, and INEC compliance reporting.

4

Data We Do NOT Collect

Critical Distinction: We do not collect, and are architecturally incapable of collecting, your vote choice linked to your identity.

The following data is not collected by this Platform:

  • How you voted — The Vote table contains no member_id column. Your ballot choice and your identity exist in separate, uncrossable database structures.
  • Your plain-text UVP — UVPs are hashed immediately upon generation. Plain-text PINs are transmitted once (via SMS) and are never stored anywhere on the Platform.
  • Biometric data — No fingerprints, facial recognition, or other biometric data are collected.
  • Financial data — No payment card details or bank account information are collected.
  • Location data — No GPS coordinates or precise location data are collected.
  • Social media profiles or third-party account data.
  • Sensitive personal data beyond what is strictly necessary for electoral eligibility (e.g., health data, religious beliefs, ethnic origin are not collected).
6

How We Use Your Data

We use personal data collected through the Platform for the following specific purposes:

  • Electoral administration: Generating and managing VoterRegisters, processing accreditation, administering ballots, and producing official results.
  • INEC compliance: Producing and submitting the INECRegisterSubmission, INEC Result Reports, compliance items, and all other documents required by INEC within statutory deadlines.
  • Voter authentication: Verifying UVPs at the time of voting to prevent double voting and enforce session eligibility.
  • Aspirant management: Processing applications, conducting screening, recording appeals and consensus decisions, and maintaining required INEC records.
  • Platform security and integrity: Detecting and preventing fraud, system abuse, and prohibited conduct as defined in the Terms of Service.
  • Audit and forensic review: Maintaining a tamper-evident log of all Platform activities to support post-election audits, INEC inspections, and court proceedings if required.
  • Voter verification: Allowing voters to verify their own participation via the Receipt Token system (never revealing vote choices).
We do not use your personal data for: marketing, profiling, advertising, sale to third parties, research (beyond electoral administration), or any purpose not listed above.
7

Data Sharing & Disclosure

7.1 Mandatory INEC Disclosure

We are legally required to provide the following to INEC upon demand or in accordance with the statutory schedule: VoterRegister snapshots, accreditation counts, result reports, and such other records as INEC may require under the Electoral Act 2022. These disclosures are mandatory and cannot be withheld.

7.2 Authorised Processors

We share personal data with our authorised data processors (Supabase, Inc. and the SMS gateway provider) only to the extent necessary for them to perform their contracted services. All processors are bound by NDPA-compliant Data Processing Agreements.

7.3 Law Enforcement & Courts

We will disclose personal data to the Nigerian Police Force, INEC, the office of the Director of Public Prosecutions, or any court of competent jurisdiction where required by law, valid court order, or search warrant.

7.4 YPP Internal Bodies

Authorised YPP officials (Electoral Committee members, National Working Committee) may access voter register data, accreditation records, and aspirant data for legitimate electoral administration purposes. Access is role-based and logged.

7.5 No Commercial Sharing

We do not sell, rent, trade, or otherwise transfer your personal data to any commercial third party for any commercial purpose, including advertising, data brokerage, or market research.

7.6 Aggregated Data

We may publish or share aggregated, anonymised statistics (e.g., total voter turnout by state, number of aspirants per office) that cannot reasonably be used to identify any individual.

7

International Data Transfers

The Platform's primary cloud infrastructure is provided by Supabase, Inc., which may store and process data on servers located in the United States of America and/or the European Union.

In conducting these transfers, we rely on the following safeguards in compliance with NDPA 2023 and NDPR 2019 requirements for cross-border data transfers:

  • Contractual clauses: Our Data Processing Agreement with Supabase incorporates Standard Contractual Clauses approved by the Nigeria Data Protection Commission (NDPC).
  • Technical safeguards: All data is encrypted in transit (TLS 1.3) and at rest (AES-256), and Supabase is ISO 27001 certified and SOC 2 Type II compliant.
  • Data minimisation: Only the minimum necessary data is stored in the cloud infrastructure. Sensitive operational data uses additional application-level encryption.
If you are concerned about cross-border data transfers, note that the electoral obligation to administer these primaries using NDPA-compliant cloud infrastructure is the legal basis upon which this transfer is conducted. You may raise concerns with the NDPC (see Section 14).
8

Data Retention

Data CategoryRetention PeriodBasis
VoterRegister (locked snapshots)7 years from election dateElectoral Act 2022; INEC Guidelines
Accreditation records7 years from election dateElectoral Act 2022
INEC submission records10 yearsINEC archival requirements
Vote Receipt Tokens (anonymised)7 yearsElectoral integrity; INEC audit rights
Aspirant application & screening records7 years from election dateElectoral Act 2022
Appeal records10 years (potential court use)Evidence Act 2011; Electoral Act 2022
Consensus consent records10 yearsINEC mandatory; Evidence Act 2011
Audit trail / system logs2 yearsLegitimate interest (security)
Partial IP addresses30 daysLegitimate interest; proportionality
Aspirant account credentials2 years post-primary or until deletionContractual
SMS delivery logs (anonymised)90 daysLegitimate interest (delivery verification)
Aggregated, anonymised analyticsIndefiniteNo personal data; public interest

Upon expiry of the applicable retention period, data is securely deleted using cryptographic erasure (for cloud-stored data) or physical destruction (for any printed records). Where data forms part of an ongoing legal proceeding, retention is extended until the proceeding concludes.

9

Security Measures

We implement the following technical and organisational measures to protect your personal data:

Schema-Level Ballot Secrecy

Vote table contains no member_id — architectural guarantee, not policy.

SECURITY DEFINER Procedures

All votes are cast exclusively through cast_vote_secure — no direct table insertion possible.

bcrypt PIN Hashing

UVPs are hashed with bcrypt (cost factor 12) immediately upon generation. Plain text is never persisted.

Row Level Security (RLS)

Database-level access controls ensure each role sees only the data it is authorised to see.

VoterRegister Immutability

Once snapshot_locked = true, the register is frozen at the database level. No UPDATE is possible.

Encryption in Transit

All communications use TLS 1.3 with HSTS enforcement.

Encryption at Rest

All database storage uses AES-256 encryption at the infrastructure level.

Tamper-Evident Audit Trail

All administrative actions are logged with timestamps, user IDs, and action types.

Access Control

Principle of least privilege enforced. Role-based access (voter / aspirant / panel / admin).

Penetration Testing

Platform subjected to independent security assessment prior to each election cycle.

10

Your Rights Under the NDPA 2023

As a data subject under the Nigeria Data Protection Act 2023, you have the following rights with respect to your personal data processed on this Platform:

Right to Information

You have the right to be informed about how your data is used. This Privacy Policy fulfils that obligation.

Right of Access

You may request a copy of the personal data we hold about you. Requests will be responded to within 21 days.

We cannot provide your ballot choice because it is technically inaccessible — the secrecy architecture makes it impossible.

Right to Rectification

You may request correction of inaccurate personal data. Note that the VoterRegister is locked once a snapshot is taken — corrections must be submitted before the snapshot date.

Corrections to INEC-submitted records require INEC approval.

Right to Erasure

You may request deletion of personal data that is no longer necessary.

We are unable to delete electoral records that are required by the Electoral Act 2022 or INEC for the statutory retention period. Such requests will be refused with reasons, and you retain the right to complain to the NDPC.

Right to Object to Processing

You may object to processing based on legitimate interests. We will assess your objection and cease processing unless compelling legitimate grounds override your interests.

Objection to legally mandated electoral processing (e.g., INEC submission) cannot succeed but will be considered.

Right to Data Portability

You may request a copy of data you provided to us in a structured, machine-readable format.

Applies only to data you actively provided (e.g., aspirant applications), not to data derived from electoral administration.

Right Not to Be Subject to Automated Decisions

No solely automated decisions with significant legal effects are made about you on this Platform. Eligibility determinations are reviewed by the YPP Electoral Committee.

To exercise any of these rights, contact our Data Protection Officer at dpo@votetrack.ng. Requests are processed within 21 days; complex requests may be extended by a further 30 days with notice.

11

Children's Data

This Platform is intended solely for use by persons aged 18 years or older (the minimum voting age under the Constitution of the Federal Republic of Nigeria 1999). We do not knowingly collect personal data from persons under 18.

If you believe a person under 18 has used this Platform, please contact us immediately at dpo@votetrack.ng. Any data collected from a minor will be deleted promptly upon verification.

12

Cookies & Tracking Technologies

12.1 Essential Cookies Only

This Platform uses only essential, strictly necessary cookies and session storage for:

  • Maintaining your authenticated session during the voting window;
  • Storing temporary accreditation state (client-side, cleared on session end);
  • Preventing cross-site request forgery (CSRF tokens).

12.2 No Tracking Cookies

We do not use: advertising cookies, third-party analytics cookies (including Google Analytics), social media pixels, tracking beacons, or any cookie that persists beyond your session. No cross-site tracking of any kind is deployed on this Platform.

12.3 PWA Cache

The Platform uses a Progressive Web App (PWA) service worker to cache static assets for offline use and improved performance. No personal data is stored in the PWA cache.

13

Complaints, Contact & Supervisory Authority

13.1 Data Protection Officer

Our Data Protection Officer can be reached at:

Data Protection Officer — VoteTrack Ltd

Email: dpo@votetrack.ng

Subject line: YPP Mandate — Privacy Request

Ref: YPP/ICT/EVOT/001/2026

13.2 Supervisory Authority

If you are not satisfied with our response to a privacy complaint, you have the right to lodge a complaint with Nigeria's data protection supervisory authority:

Nigeria Data Protection Commission (NDPC)

Website: ndpc.gov.ng

Email: info@ndpc.gov.ng

14

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our data practices, or the Platform's features. Material changes will be notified via SMS or in-Platform notice at least seven (7) days before taking effect.

The current version is always accessible at vote.ypp.ng/legal/privacy. Your continued use of the Platform after any change constitutes acceptance.

No change to this policy will retroactively alter the legal basis or manner in which we processed data prior to the change.

NDPA 2023 Compliance Statement

This Privacy Policy is published in compliance with Sections 24 and 25 of the Nigeria Data Protection Act 2023 and Article 2.5 of the Nigeria Data Protection Regulation 2019. YPP is registered with the Nigeria Data Protection Commission (NDPC) as a data controller. VoteTrack Ltd is registered as a licensed data protection compliance organisation.

© 2026Young Progressives Party & VoteTrack Ltd | Ref: YPP/ICT/EVOT/001/2026