Skip to content

ZevCloud

What this product is

ZevCloud is the application deployment platform of the Zev ecosystem. Customers (developers, small builders, Nigerian SaaS teams) sign in with ZevID, create a team, connect a Git repo or upload a static site, and deploy it on infrastructure ZevCloud manages. Customers also register and manage domains through ZevCloud — both .ng (we are a direct NIRA-accredited registrar) and non-.ng (NameSilo as the registry partner). The customer-facing dashboard lives at console.zevcloud.net.

ZevCloud is a builder-tools product, not a consumer product. Its data subjects are the engineers and team members who sign up to deploy applications; the end-users of those applications are NOT ZevCloud's data subjects — they are the deploying customer's data subjects (the deploying customer is the controller, ZevCloud is the host).

Regulatory scope

  • NDPA, 2023 — primary obligation as a Nigerian data controller for the data we hold on our customers (account holders, team owners, billing contacts).
  • NDPC GAID, 2025 — 72-hour breach notification, DPO designation, RoPA obligations.

CBN and other financial-services rules do not apply directly to ZevCloud. Billing is handled by ZevPay; financial-regulatory obligations live in ZevPay's section.

Data-controller role

  • Controller for: team membership, service / deployment metadata, custom-domain attachments, domain-registration records, billing artefacts (invoices, subscriptions, payment-method tokens), admin audit logs.
  • Processor for: the customer's deployed application content — source code, build artefacts, runtime data the customer's app writes (DBs they spin up, environment variables, user uploads). ZevCloud hosts these on behalf of the customer; the customer is the controller of whatever their app processes.

The distinction matters: when an end-user of a customer's app exercises NDPA rights, those requests go to the customer, not to ZevCloud. ZevCloud's job is to keep the platform secure and to fulfil DPA-style processor obligations (security controls, breach notification to the customer, sub-processor disclosure).