Please read these terms carefully before using CheckIn. By using our platform, you agree to be bound by these terms.
These Terms of Use ("Terms") govern access to and use of CheckIn, a no-code identity verification and data collection platform provided by Dojah Technologies Limited ("Dojah", "we", "us", or "our").
CheckIn enables businesses and other organizations ("Client" or "you") to create verification flows, collect information from individuals, and perform identity checks using integrated third-party data sources and verification tools.
By creating an account, accessing, or using CheckIn, you acknowledge that you have read, understood, and agree to be bound by these Terms, including the Data Processing Addendum referenced herein, which forms an integral part of these Terms. If you are using CheckIn on behalf of an entity, you represent and warrant that you have the authority to bind that entity to these Terms, in which case "Client" or "you" refers to that entity.
If you do not agree to these Terms, you must not access or use CheckIn.
Dojah may update or modify these Terms from time to time. Where required, we will provide notice of material changes. Continued use of CheckIn following such updates constitutes acceptance of the revised Terms.
For the purposes of these Terms, the following definitions apply:
"Applicable Law" means all laws, regulations, regulatory requirements, and guidelines applicable to the processing of personal data and the use of the Services, including but not limited to data protection, privacy, and financial services laws.
"CheckIn" means the no-code verification platform made available by Dojah that enables Clients to create and deploy verification workflows, collect information from individuals, and access verification results through a web-based interface.
"Client" means any individual, company, or organization that registers for, accesses, or uses CheckIn for its own business or organizational purposes.
"Data Processing Addendum" or "DPA" means the data processing agreement incorporated into and forming part of these Terms, which governs the processing of Personal Data by Dojah on behalf of the Client.
"Personal Data" means any information relating to an identified or identifiable natural person, including any information defined as personal data, personal information, or similar under Applicable Law.
"Services" means the functionalities, features, and verification capabilities made available through CheckIn, including but not limited to identity verification checks, data collection tools, and access to verification results.
"Verification Data" means any data, information, documents, images, biometric data, or identifiers submitted by or relating to a Verification Subject through a CheckIn flow, including data collected, generated, or returned as part of the Services.
"Verification Subject" means any individual whose information is collected, submitted, or processed through CheckIn by or on behalf of the Client.
CheckIn is a web-based, no-code platform that enables the Client to design, deploy, and manage identity verification workflows ("Verification Flows") for the purpose of collecting and verifying information relating to Verification Subjects.
Through CheckIn, the Client may configure and combine various verification steps, including but not limited to identity number verification, biometric checks, document collection, phone verification, and custom data fields. Each Verification Flow generates a unique access link or QR code, which the Client may distribute to Verification Subjects for completion.
Verification Subjects access the Verification Flow directly and submit requested information through the interface provided by Dojah. Based on the configuration selected by the Client, Dojah facilitates the processing of such information, including the execution of verification checks through integrated third-party data sources and service providers. Results of such checks are made available to the Client via the CheckIn dashboard.
The Client acknowledges that:
Dojah may enhance, modify, or discontinue any aspect of the Services from time to time, provided that such changes do not materially reduce the core functionality of CheckIn without reasonable notice to the Client.
The Client acts as an independent data controller in respect of all Personal Data processed through CheckIn.
The Client is solely responsible for:
The Client acknowledges that it has full control over the configuration and use of CheckIn and that all Verification Flows are created and deployed at its discretion.
Dojah acts as a data processor on behalf of the Client and processes Personal Data solely in accordance with the Client's documented instructions as reflected in the Client's use and configuration of the Services.
Dojah's role is limited to:
Dojah does not determine:
Nothing in these Terms shall be construed as creating any partnership, joint venture, agency, or joint controller relationship between Dojah and the Client.
Dojah does not act on behalf of, or under the direction of, any Verification Subject and has no direct relationship with Verification Subjects beyond providing the interface through which the Services are delivered.
The Client bears full responsibility for:
Dojah shall not be responsible for reviewing, validating, or monitoring the legality, appropriateness, or necessity of any Verification Flow created by the Client.
Dojah does not have a direct contractual relationship with Verification Subjects and shall not be responsible for any obligations owed to them by the Client.
The Client shall, at all times, use the Services in compliance with these Terms and all Applicable Law. Without limiting the foregoing, the Client shall:
Ensure that it has a valid and lawful basis for the collection and processing of all Personal Data obtained through CheckIn, including where required under Applicable Law, obtaining valid and informed consent from Verification Subjects.
Provide Verification Subjects with clear, accurate, and sufficiently detailed information regarding:
prior to or at the point of data collection.
Limit the collection of Personal Data to what is adequate, relevant, and necessary for the stated purpose of the verification and avoid excessive or disproportionate data requests.
Where the Client configures Verification Flows that involve the collection or processing of sensitive Personal Data (including biometric data, government-issued identifiers, or financial identifiers), the Client shall:
Use Verification Data and any results obtained through the Services solely for the purpose(s) communicated to Verification Subjects and not for any unrelated, undisclosed, or unlawful purpose.
Ensure that any information provided by the Client within a Verification Flow, including descriptions, instructions, or stated purposes, is accurate, not misleading, and does not misrepresent the nature of the verification.
Comply with any applicable requirements, restrictions, or conditions imposed by third-party data sources or verification partners integrated into the Services, where such requirements are communicated to the Client.
Maintain the confidentiality of its account credentials and ensure that access to the Services is restricted to authorized personnel only. The Client shall be responsible for all activities conducted through its account.
The Client shall not use the Services, directly or indirectly, for any unlawful, harmful, or improper purpose. Without limitation, the Client shall not:
Use CheckIn to collect or process Personal Data without a valid legal basis or in violation of Applicable Law.
Misrepresent the purpose of any Verification Flow or collect information under false pretenses, including by providing incomplete, vague, or misleading descriptions to Verification Subjects.
Use the Services for covert surveillance, unauthorized monitoring, or tracking of individuals without their knowledge or where such use is prohibited under Applicable Law.
Use the Services to impersonate any person or entity, or to facilitate fraudulent, deceptive, or abusive activities.
Sell, license, disclose, or otherwise make available Verification Data to third parties except as permitted by Applicable Law and consistent with the purpose disclosed to Verification Subjects.
Interfere with, disrupt, or attempt to gain unauthorized access to the Services, systems, or networks used to provide CheckIn.
Circumvent or attempt to circumvent any safeguards, controls, or limitations implemented within the Services.
Dojah reserves the right to investigate suspected violations of this Section and to suspend or restrict access to the Services where reasonably necessary to prevent harm, ensure compliance, or mitigate legal or regulatory risk.
The Services may incorporate or rely on data, systems, and services provided by third parties, including but not limited to government agencies, financial institutions, and identity verification providers.
The Client acknowledges and agrees that:
Dojah does not guarantee that any verification check will:
To the extent that any third-party provider imposes specific requirements, limitations, or usage conditions, the Client agrees to comply with such requirements as may be communicated through the Services or otherwise.
Dojah processes Personal Data in connection with the Services in accordance with Applicable Law and its Privacy Policy.
As between the parties, the Client remains solely responsible for ensuring that Personal Data is collected and processed in compliance with Applicable Law, including fulfilling any obligations relating to transparency, lawful basis, and data subject rights. The Client shall be solely responsible for responding to any requests, complaints, or inquiries from Verification Subjects relating to the processing of their Personal Data.
Dojah implements appropriate technical and organizational measures designed to protect Personal Data against unauthorized access, loss, or misuse. Further details regarding such processing, including the scope, nature, and purpose of processing, are set out in the Data Processing Addendum.
Nothing in these Terms shall be interpreted as transferring responsibility for compliance with data protection obligations from the Client to Dojah, except to the extent expressly set out in the Data Processing Addendum.
The Data Processing Addendum ("DPA") forms an integral part of these Terms and governs the processing of Personal Data by Dojah on behalf of the Client.
By accepting these Terms, the Client also agrees to be bound by the DPA.
In the event of any conflict between these Terms and the DPA with respect to the processing of Personal Data, the provisions of the DPA shall prevail to the extent of such conflict.
Dojah retains Verification Data only for as long as necessary to provide the Services and in accordance with its data retention policies, unless otherwise required by Applicable Law.
The Client acknowledges that:
Verification Data shall be retained on CheckIn for a maximum period of six (6) months from the date of completion of the relevant verification or transaction.
Dojah may delete or anonymize Verification Data after the expiration of applicable retention periods or upon termination of the Client's access to the Services, subject to any legal or regulatory obligations requiring continued retention.
Where technically feasible, Dojah may provide tools enabling the Client to manage or request deletion of Verification Data.
Access to and use of certain features of the Services may be subject to fees based on a credit-based or other pricing model as communicated by Dojah from time to time.
The Client agrees to:
Unless otherwise expressly stated:
Dojah reserves the right to modify its pricing, credit structure, or billing terms upon reasonable notice. Continued use of the Services following such changes constitutes acceptance of the updated pricing.
Dojah may suspend access to the Services where payment is overdue or where the Client has insufficient credits to continue using the Services.
All rights, title, and interest in and to the Services, including all underlying software, technology, designs, and content (excluding Verification Data), are and shall remain the exclusive property of Dojah and its licensors.
The Client is granted a limited, non-exclusive, non-transferable, and revocable right to access and use the Services solely for its internal business purposes and in accordance with these Terms.
The Client retains all rights in and to any Verification Data it submits or collects through the Services, subject to the rights granted to Dojah to process such data in accordance with these Terms and the DPA.
The Client shall not:
Each party ("Receiving Party") agrees to keep confidential and not disclose any non-public, proprietary, or confidential information of the other party ("Disclosing Party") received in connection with the Services, including technical, business, or operational information.
The Receiving Party shall:
Confidential Information shall not include information that:
A Receiving Party may disclose Confidential Information where required by Applicable Law or a valid order of a court or regulatory authority, provided that (where legally permitted) it gives prior notice to the Disclosing Party.
The Services are provided on an "as is" and "as available" basis.
To the fullest extent permitted by Applicable Law, Dojah disclaims all warranties, representations, and conditions, whether express, implied, statutory, or otherwise, including any implied warranties of merchantability, fitness for a particular purpose, and non-infringement.
Without limiting the foregoing, Dojah does not warrant that:
The Client acknowledges that it is solely responsible for evaluating and determining the suitability of the Services for its intended use.
To the maximum extent permitted by Applicable Law, Dojah shall not be liable for any indirect, incidental, consequential, special, exemplary, or punitive damages, or for any loss of profits, revenue, business opportunity, goodwill, anticipated savings, or data, whether arising in contract, tort, negligence, strict liability, or otherwise, arising out of or in connection with these Terms or the use of the Services, even if advised of the possibility of such damages. Dojah shall not be liable for loss arising from third-party data providers and for inaccuracies in third-party data sources.
Dojah's total aggregate liability arising out of or relating to these Terms or the Services shall not exceed the total amount paid by the Client to Dojah for the Services in the twelve (12) months preceding the event giving rise to the claim.
Nothing in these Terms shall exclude liability to the extent that such exclusion is not permitted under Applicable Law.
The Client shall indemnify, defend, and hold harmless Dojah, its affiliates, and their respective officers, directors, employees, and agents from and against any and all claims, demands, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in connection with:
Dojah may suspend or restrict the Client's access to the Services where it reasonably determines that:
Either party may terminate these Terms at any time upon 30 (thirty) days written notice.
Upon termination:
Any provisions which by their nature are intended to survive termination shall continue in effect, including provisions relating to liability, indemnity, confidentiality, and data protection.
Dojah reserves the right to modify or update these Terms from time to time.
Where changes are material, Dojah will use reasonable efforts to provide notice to the Client, including through the platform or via email.
Continued use of the Services after such changes become effective constitutes acceptance of the revised Terms.
These Terms shall be governed by and construed in accordance with the laws of the Federal Republic of Nigeria, without regard to conflict of law principles.
The Parties shall first seek to resolve disputes through good-faith negotiations between senior management.
If the dispute is not resolved within thirty (30) days of escalation, the Parties shall submit the dispute to confidential mediation.
If the dispute remains unresolved following mediation, it shall be finally resolved by arbitration in accordance with the provisions of the Arbitration and Mediation Act 2023.
Nothing in this Section prevents either Party from seeking injunctive or equitable relief in a competent court to prevent irreparable harm.
Dojah shall provide technical support for the Services during its standard business hours. Support may include assistance with integration issues and general technical inquiries relating to the Services. Support is provided via designated communication channels, which may include email, ticketing systems, or dashboard-based support requests. Dojah does not guarantee uninterrupted availability of support services.
| Issue Category | Response Time | Resolution Time | Contact |
|---|---|---|---|
| Technical Issues — Bugs and Fixes | 15 minutes acknowledgement | 1–3 hours | support@dojah.io |
| New Feature Requests | Prompt response | Dependent on request | support@dojah.io |
Support services are provided from 9am–5pm on Business Days.
These Terms, together with the DPA and any documents incorporated by reference, constitute the entire agreement between the parties in relation to the Services and supersede all prior agreements or understandings.
If any provision of these Terms is held to be invalid or unenforceable, such provision shall be severed, and the remaining provisions shall remain in full force and effect.
The Client may not assign or transfer its rights or obligations under these Terms without the prior written consent of Dojah, except to an affiliate or in connection with a merger or sale of assets. Dojah may assign these Terms without restriction.
Failure by either party to enforce any provision of these Terms shall not constitute a waiver of that provision or any other provision.
This Data Processing Addendum ("DPA") forms part of the CheckIn Terms of Use (the "Terms") entered into between Dojah Inc. ("Dojah" or "Processor") and the Client ("Controller").
This DPA governs the processing of Personal Data by Dojah on behalf of the Client in connection with the provision of the Services.
In the event of any conflict between this DPA and the Terms with respect to the processing of Personal Data, this DPA shall prevail.
Capitalized terms not defined in this DPA shall have the meanings given in the Terms. In this DPA:
"Applicable Law" means all laws, regulations, regulatory requirements, and guidelines applicable to the processing of Personal Data under this DPA, including without limitation the Nigeria Data Protection Act 2023, any regulations, guidelines, or directives issued by the Nigeria Data Protection Commission, the Nigeria Data Protection Regulation 2019 (to the extent still applicable), and any other applicable data protection, privacy, or cybersecurity laws and regulations in force in the Federal Republic of Nigeria, as well as any other laws applicable to the processing of Personal Data under this DPA.
"Controller" means the Client, which determines the purposes and means of processing Personal Data.
"Processor" means Dojah, which processes Personal Data on behalf of the Controller.
"Data Subject" means any identified or identifiable individual whose Personal Data is processed under this DPA.
"Processing" means any operation performed on Personal Data, including collection, use, storage, disclosure, or deletion.
"Sub-processor" means any third party engaged by Dojah to process Personal Data on behalf of the Controller.
Processing of Personal Data in connection with the provision of CheckIn Services.
Dojah processes Personal Data for the purpose of:
Individuals identified or targeted by the Controller for verification, including customers, employees, contractors, tenants, or other persons ("Verification Subjects").
Depending on the Controller's configuration, this may include:
Processing shall continue for the duration of the Client's use of the Services, subject to retention and deletion provisions set out in the Terms and this DPA.
Dojah shall process Personal Data only on documented instructions from the Controller, including as set out in the Terms and through the Controller's use and configuration of the Services, and for no other purpose except as required by Applicable Law.
Where Dojah is required by Applicable Law to process Personal Data outside the Controller's instructions, Dojah shall inform the Controller, unless legally prohibited from doing so.
The Controller shall:
The Controller acknowledges that it is solely responsible for determining the necessity and proportionality of any Personal Data collected through the Services.
Dojah shall:
The Controller authorizes Dojah to engage Sub-processors to support the provision of the Services.
Dojah shall:
Sub-processors may include providers of cloud storage and infrastructure, identity verification services, and communication and analytics tools.
Dojah shall implement appropriate technical and organizational measures designed to ensure a level of security appropriate to the risk, including:
In the event of a Personal Data breach, Dojah shall:
Dojah shall, to the extent reasonably practicable:
Upon termination of the Services or upon request by the Controller, Dojah shall:
The Controller acknowledges that retention periods may be subject to system limitations and legal requirements.
Dojah shall make available information reasonably necessary to demonstrate compliance with this DPA.
Any audit request shall:
Where Personal Data is transferred outside Nigeria, Dojah shall ensure that appropriate safeguards are in place in accordance with Applicable Law.
Each party's liability under this DPA shall be subject to the limitations and exclusions of liability set out in the Terms.
This DPA shall be governed by the same law and jurisdiction as the Terms.