1. INTRODUCTION
Credlanche Limited (“Credlanche” or “Us” or “We”) needs to gather and use certain personal data in delivering its services and fulfilling its obligations to you. We respect the trust you repose in us in providing us with your data and we are completely committed to preserving, protecting, and safeguarding your rights in accordance with the applicable principles of data privacy.
This General Privacy Policy (“Privacy Policy” or “Policy”) is made in accordance with The General Data Protection Regulation (GDPR) issued by the European Union (EU) on the 25th of May 2018 and the Nigeria Data Protection Regulation (NDPR) issued by the National Information Technology Development Agency (NITDA) on the 25th of January 2019 which we adhere to as a corporate.
This Privacy Policy outlines the information we collect from you, why we collect such data, how we use the data, how you can control the data, and how we manage, store, protect, share, retain or delete your data.
Kindly note that by using our website, platform, or any of our services, you are taken to be aware of the content of this Privacy Policy and agree to the terms of this Policy.
2. PURPOSE AND OBJECTIVES
The main purpose of the Policy is to establish the essential standards put in place by Credlanche to ensure the personal data of individuals are used or processed in line with applicable regulations and to provide guidance on the standards of conduct and practice the Company follows in protecting such data.
3. DEFINITIONS AND INTERPRETATION
For the purpose of this policy:
- Credlanche means Credlanche Limited
- Data Protection means the process of safeguarding information from loss, corruption or compromise.
- General Data Protection Regulation (GDPR) means a new set of regulations introduced by the EU to enable EU citizens to have more control over their data.
- Nigeria Data Protection Regulation (NDPR) means a new set of regulations introduced by the relevant Nigerian regulator to enable Nigerian citizens to have more control over their data.
- National Information Technology Agency (NITDA) refers to the national agency charged with developing national regulations for electronic governance, electronic data interchange, electronic communication transactions, data protection, and data privacy in Nigeria.
- Personal Data means any information that can enable an individual to be identified.
- Special Category Data means sensitive information that relates to race, ethnic origin, political opinions, religious or philosophical beliefs, biometric data, etc.
- Processing means obtaining, recording, holding, or adding to the information or data or performing any operation on the information or data
- Data controller means the person or organization who determines the purpose of the data i.e. how the data should be processed or used.
- Data subject means an individual whose personal data is being processed.
- Data processor means any person or organization who processes personal data.
- Consent means giving permission for something to happen or an agreement to do something.
- Privacy Notices is a statement that discloses some or all the ways a party gathers, uses, discloses, and manages personal data to a relevant public.
4. WHAT IS PERSONAL DATA?
Personal Data means any information in any form that pertains to an individual which can be used to identify such an individual. Personal information does not include publicly available information, anonymous or non-personal information.
5. WHAT PERSONAL INFORMATION DO WE COLLECT?
Credlanche collects personal data such as name, home address, telephone, personal email address, date of birth, identification card number, financial details, employment details and any other information necessary to Credlanche’s business purposes, which is voluntarily disclosed in the course of interaction with Credlanche.
As a general rule, Credlanche collects personal information directly from you. In most circumstances where the personal information that we collect about you is held by a third party, we will obtain your permission before we seek out this information from such sources.
6. USAGE OF PERSONAL DATA
Personal data is used for our business purposes, including establishing, managing, or terminating your contractual relationship with us, should any exist.
On our website, we collect data to be able to communicate with you, provide further information to assist you (mail subscriptions), respond to questions or requests which you submit, process requests or applications which your make and anticipate and resolve problems with any services we offer to you.
7. DATA MINIMISATION
Credlanche would only collect such personal data which it directly requires for carrying out business. No personal would not be requested of you without a clear and communicated purpose and only as much data as essential would be required from you.
You are at liberty to request information about any data requested of you to ensure that it is limited to what is required. Credlanche may not request data from you in cases where any activity for which such data is required, can be undertaken without this data to no detriment unless such data is needed for record purposes.
8. DATA SHARING
Due to the nature of Credlanche’s operations, the Company may disclose personal data to third parties in other to fully perform its obligations to you. Credlanche is responsible for the management of your data in the course of such data transfers and shall ensure that maximum security is ensured for the safety of your data.
We may share personal data with such parties in and/or outside Nigeria, and as result, your personal data may be collected, used, processed, stored, or disclosed in other countries. We only transfer data to an entity in another country where permitted under the Nigeria Data Protection Regulation and only to countries with an adequate level of data protection. Where we are required to share your data with a country not listed by NITDA as having adequate levels of protection for personal, we will only do so with your consent.
We do not sell your personal data to third parties.
9. NOTIFICATION AND CONSENT
Where your consent is required for our collection, use, or disclosure of your personal information, you may, at any time, subject to legal or contractual restrictions and reasonable notice, request for your express consent to such collection, use, or disclosure.
10. DATA SECURITY
Credlanche endeavours to maintain physical, technical and procedural safeguards that are appropriate to the sensitivity of the personal information in question. These safeguards are designed to protect your personal information from loss and unauthorized access, copying, use, modification, or disclosure.
11. DATA RETENTION
Except as otherwise permitted or required by applicable law or regulatory requirements, Credlanche endeavours to retain your personal information only for as long as it believes is necessary to fulfill the purposes for which the personal data was collected (including, for the purpose of meeting any legal, accounting or other reporting requirements or obligations).
12. DATA ACCURACY
It is important that the information contained in our records is both accurate and current. If your personal information happens to change during the course of your interaction with us, please keep us informed of such changes. You can do this by contacting the Head of Human Resources or by contacting the company’s designated Data Protection Officer (DPO.)
13. ACCESS TO YOUR PERSONAL INFORMATION AND DELETION OF YOUR PERSONAL INFORMATION
Credlanche recognizes that you can request access to your personal data or rectification/deletion of personal data that we hold about you. To make such a request, please contact the designated Data Protection Officer using the contact information provided in of this Privacy Policy. Please note that any such communication must be in writing. In your request, please make clear what specific personal information you would like to have accessed, rectified, or deleted.
When requesting such access, rectification or deletion of your personal data, please note that we may request specific information from you to enable us to confirm and record your intention. If you require assistance in preparing your request, please contact the office of the designated Data Protection Officer.
Your right to access, rectify, or delete the personal information that we hold about you is not absolute. There are instances where applicable law or regulatory requirements allow or require us to refuse your request. In addition, the personal information may have been destroyed, erased, or made anonymous in accordance with our record retention obligations and practices.
If we cannot provide you with access to, or rectification or deletion of your personal information, we will endeavour to inform you of the reasons why subject to any legal or regulatory restrictions.
14. INQUIRIES OR CONCERNS?
If you have any questions about this Privacy Policy or concerns about how we manage your personal information, please contact the office of our Data protection officer by telephone, in writing or by e-mail. We will endeavour to answer your questions and advise you of any steps taken to address the issues raised by you.
15. CONTACT
Credlanche has a designated Data protection officer charged with overseeing compliance with this Privacy Policy. The contact information of our Data protection officer is as follows: [email protected]
16. UPDATES TO THIS PRIVACY POLICY
Credlanche may from time to time make changes to this Privacy Policy to reflect changes in its legal or regulatory obligations or in the manner in which we deal with your personal information. We will communicate any revised version of this Privacy Policy.