1. INTRODUCTION
Welcome to the Privacy Conference Nigeria (“PrivCon Nigeria” “We” “Our” “Us”) Privacy Notice. PrivCon Nigeria respects your privacy and is committed to protecting your data protection. This privacy notice is drafted in accordance with the Nigeria Data Protection Regulation (NDPR) 2019 and its Implementation Framework, 2020.
2. ABOUT US
PrivCon Nigeria is a data protection and privacy focused conference aimed at supporting discussions among stakeholders on issues bothering on data protection and privacy development in Nigeria and Africa at large. The PrivCon is the first of its kind in Nigeria and is hosted by Olumide Babalola Legal Practitioners, a law firm in Lagos. For more information, please visit @ privconnigeria.org
3. ABOUT THIS PRIVACY NOTICE
This Privacy Notice describes who we are, how we collect, use, store and share your personal data and the rights available to you. This Privacy Notice applies to every data subject who will interact with us for the sake of this conference. Please read the entire Privacy Notice to understand how we process your personal data and the rights available to you.
4. RIGHT TO COMPLAINT
Kindly note that you have the right to make a complaint at any time to the Nigeria Data Protection Bureau (NDPB), the Regulator for data protection issues (ndpb.gov.ng) or approach competent court of law to enforce your data protection rights. We would, however, appreciate the chance to deal with your concerns before you approach the NDPB, so please contact us in the first instance @ Counsel@oblp.org or send a letter to our physical office @ 12 Berkeley St, Lagos Island 102273, Lagos
5. INFORMATION WE COLLECT ABOUT YOU
To register for our conference, we may require your name, affiliation, email address and location. During the conference, we may process your name, comments, opinions, and other professional information Click Here
Personal data means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity Data includes name, username or similar identifier, headshot, professional background, job title
Contact Data office address, delivery address, email address and telephone numbers.
Communication Data is your name and contact details, the means, place and time of communication and its content
Other Data- we may collect data from you to be processed in relation to administrative or judicial proceedings.
Information About other People
If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their consent for you to disclose it to us and for you to allow us, and our outsourced service providers to use it
If you fail to provide personal data
Where we need to collect personal data and you fail to provide it, we may not grant you access to the PrivCon nor have you render service(s) for us on that basis.
6. SOURCES WE COLLECT YOUR PERSONAL DATA FROM
Much of the personal data we collect are either collected from you through direct interaction with us. We may also collect your personal data from publicly available sources. Click Here
We use different methods to collect personal data from you and they include:
Direct interactions. You may give us your personal data by filling physical or online form, by scanning attendance code or login or by corresponding with us by post, phone, email among others. If you wish to enter into contract with us, you will have to provide us with certain personal data of yours.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources available to us such as social media amongst others.
7. HOW WE USE YOUR PERSONAL DATA
We use your personal data for many purposes such as registration, sending invitation, informing conference participants on related events, sending reminders, invoicing, fulfilling contractual obligations, to investigate, defend and exercise our legal rights; and many more. Click Here
We process your personal information for several purposes and they include:
- To communication with you with regards to the Conference. We use communication, identity and contact data for this purpose and our lawful bases are prior informed consent and our legitimate interest. Where the purpose of our communication is solely for direct marketing purpose, you have an absolute right to object to the marketing. We will provide you with opt-in and opt-out consent in this regard.
- To register you for the PrivCon. We use identity and contact data for this purpose and our legal basis is prior informed consent.
- To prepare invoice and billing. We use identity, financial data for this purpose. Our legal basis is prior informed consent.
- To send reminder about PrivCon and related events and activities. We use communication and contact data for this purpose and our legal basis is prior informed consent.
- To improve the PrivCon participation and organization. We use communication data, participants surveys and polls to achieve this aim. We may use pseudonymized data for this purpose and our legal basis is consent and our legitimate interest.
- To enable participants, interact with each other We use identity, contact and communication data for this purpose. Our legal basis is our legitimate interest.
- To investigate, defend and exercise our legal rights. We use identify and contact data. Our legal bases are legitimate interest to exercise and defend our legal right.
Further purpose
We will only process your personal data for the particular purposes for which we collected it, unless we have reason to use it for another purpose. Please note that where this is the case and the further purpose is not compatible with the original purpose, we will notify you and obtain your consent before using it for such further purpose. Please note that we may process your personal data for further purpose knowledge or consent, in compliance with the requirement of law.
8. LEGAL BASES FOR PROCESSING YOUR PERSONAL DATA
Personal data is processed on the legal basis of consent and where applicable on our legitimate interest or that of a third party. We will also rely on performance of contract where you enter into a contract with us to render service(s) for the purpose of the PrivCon. Kindly note that where we rely on consent to process your personal data, you can always and at any time withdraw your consent. Click Here
We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data. Kindly contact us if you need further details or clarity about the specific legal ground we are relying on to process your personal data where more than one grounds has been stated. We will rely on any of the legal bases listed below depending on the processing activities:
- We will ask you for your consent before processing your personal data. Where we obtain your consent, kindly note that you can withdraw the consent at any time and we will comply.
- We may process your personal data based on the contract you have entered with us or to take pre-contractual step at your instruction.
- We may process your personal data for our or third-party legitimate interest
- We may also process your personal data to comply with legal obligation
9. WHAT CONSTITUTE CONSENT
We rely on consent in certain circumstances to process some of your personal data. Where we require your consent, ticking a yes/no box, endorsing your signature in a form or document, clicking accept button will constitute consent.
10. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
After the conference, we may share your photographs and video recording on our platforms and website. We may also share information pertaining to the conference with sponsors, affiliates and associates. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
11. DATA SECURITY
We have installed email anti-virus and Hypertext Transfer Protocol Secure (HTTPS) to ensure encryption and safety of your personal data in our custody. Click Here
We have put appropriate security measures such as encryption, firewall, and locks in place to prevent accidental loss of personal data, and/or to ensure that personal data is not used, accessed, altered, or disclosed in an unauthorized manner. In addition, we limit access to your personal data to only necessary employees, agents, contractors, and other third parties who we have business need with us. They will only process your personal data on our instructions and are strictly subject to a duty of confidentiality. We have put in place some procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach within 72 hours where we are obligated to do so.
12. DATA RETENTION
We will only retain your personal data for as long as reasonably necessary to fulfill the purposes they were collected and subject to limits set by the Law. Click Here
We will only retain your personal data for as long as reasonably necessary to fulfill the purposes they were collected for and where we are required to assert or defend against legal claims, pending the final adjudication of the claim. In some circumstances we will anonymise your personal data so that it can no longer be associated with you for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.. To learn more about our retention periods as established in our retention policy, please contact us.
13. PRINCIPLES OF DATA PROTECTION
We are obligated to comply with data protection principles whenever we process your personal data and to inform you about these principles. Click Here
These principles include:
- We must inform you about the personal data we have about you, the lawful basis for processing it and we must use it a way you reasonably expect. (Principle of Transparency, Lawfulness and Fairness)
- We must not use your personal data for more than one reason if not compatible with the reason we collected it for except we have informed you and relied on appropriate lawful basis (Principle of purpose limitation)
- We must only collect personal data about you that is only necessary to meet our purpose and nothing more (Principle of data minimization)
- We must only use your correct personal data in the course of our processing activities (Principles of data accuracy)
- We must not store or keep your personal data about you in our custody beyond the period necessary to fulfil the purpose for which it is collected (Principle of storage limitation)
- We must ensure that your personal data about you in our custody is protected from unauthorized use, alteration or corruption. (Principle of integrity and confidentiality)
- We must take measures to ensure and demonstrate compliance with these principles (Principle of accountability)
14. YOUR LEGAL RIGHTS
You have certain rights under the law which we respect and adhere to and which can be exercised by you at any time. However, note that these rights are not absolute and may only apply in certain circumstances. Click Here
You have certain rights under the law which we respect and comply with and which can be exercised by you anytime. However, note that these rights are not absolute and apply in certain circumstances. They are:
- right to access to your personal data
- right to request correction of your personal data free of charge
- right to request erasure of your personal data
- right to object to processing of your personal data
- right to request restriction of processing of your personal data
- right to request transfer of your personal data
- right to withdraw consent
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
15. UPDATING PERSONAL DATA ABOUT YOU
Inform us @ Counsel@oblp.org when you update or change the information you made available to us.
16. CHANGES TO OUR PRIVACY NOTICE
This privacy notice will be updated from time to time and we will aim to notify you when this happens.
17. CONTACT DETAILS
Please address questions, comments and requests regarding this Notice to our Privacy Team, host@privconnigeria.org.