Privacy Policy

INTRODUCTION

At Loyalty Solutions Limited (“LSL”, us, we, the Company), we are committed to maintaining the confidentiality of the Personal non-public Data (“Personal Data ”) entrusted to us by our clients, employees and other individuals.

Our privacy policy describes our practices and policy for the collection of Personal Data, usage, processing, storage and disclosure of data. This deals with Personal Data in all forms – written, spoken, electronic or printed – which is protected from unauthorized usage on all occasions.

LSL’s approach is to work closely with Data Subjects so that we can support compliance with privacy laws and Data Subjects’ confidentiality requirements as part of the provision of our services.

1.      CONSENT

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

You accept this Privacy Policy and hereby give us consent to save, process and use your Personal Data to the extent as allowed by law when you provide us with details of your Personal Data.

You may withdraw your consent at any time before, during and after we process your Personal Data.

2.      LEGAL & REGULATORY OBLIGATIONS

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

LSL abides by the Nigeria Data Protection Regulation (“NDPR”) regulations for the purpose of handling and protecting our own data and Data Subjects’ Personal Data.

LSL uses the regulator’s policy to improve privacy requirements as it relates to how we collect, use, process, store and disclose Personal Data. Personal Data means any information relating to an identified or identifiable natural person (Data Subject). For example, this may include name, identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. It can be anything from a name, address, a photo, an email address, bank details, posts on social networking websites, medical information, and other unique identifier such as but not limited to MAC address, IP address, IMEI number, IMSI number, SIM, Personal Identifiable Information (PII) and others.

3.      INFORMATION WE COLLECT

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

We may collect the following types of Personal Data:

·       name;

·       address;

·       email address;

·       telephone number and other contact details;

·       gender;

·       any other personal or additional information that may be required in order to facilitate your dealings with us.

We may also collect your Personal Data when you:

•      communicate with us through correspondence, chats, emails, or when you share information with us from other social applications;

•      interact with our sites, services, contents and surveys.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

4.      WHY WE COLLECT, USE AND PROCESS PERSONAL DATA

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

We collect and process your Personal Data only as necessary or appropriate for business purposes.

There are certain lawful bases for which we are allowed to use your Personal Data. Most commonly, we will rely on one or more of the following lawful bases for processing your Personal Data.

The legal basis for processing is based on any of the following:

I.         Consent: This will apply where you have provided your consent to the processing of your Personal Data for one or more specific purposes;

II.         Performance of contract: This will apply where processing is necessary for the performance of a contract to which you are a party or in order to take steps prior to entering into a contract with you;

III.         Vital interests: This is where processing is required for the protection of your vital interests.

IV.         Compliance with legal obligation: Where we are subject to a legal obligation and need to use your Personal Data in order to comply with that obligation.

V.         Public interest: Where processing is necessary for the performance of a task or function carried out in the interest of the public.

VI.         Legitimate Interest – means the interest of our business in conducting and managing our business to enable us to give you the best services and most secure experience.

We may also use your Personal Data:

·       to enable your use of the services available on our website or clients’ websites managed by us;

·       to send you items redeemed through websites managed by LSL;

·       to send statements, invoices and payment reminders to you, and collect payments from you;

·       to send you non-marketing commercial communications;

·       to send you email notifications that you have specifically requested;

·       to send you our email newsletter, to which you can unsubscribe if you no longer want to receive;

·       to deal with enquiries and complaints made by or about you relating to our website; and

·       to keep our website secure and prevent fraud.
We will not, without your express consent, supply your Personal Data to any third party for the purpose of their or any other third party’s direct marketing.

5.      DISCLOSING PERSONAL DATA

We may disclose Person Data for the purposes set out in this Privacy Policy to:

·       our employees;

·       third party suppliers and service providers;

·       professional advisers;

·       our existing or potential partners;

·       specific third parties authorized by you to receive information held by us;

·       fraud management agencies and law enforcement bodies;

·       regulatory or government body.

6.      YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION

You have rights as an individual which you can exercise in relation to the information we hold about you under certain circumstances. These rights are to:

·       request rectification of your Personal Data;

·       request the erasure of your Personal Data;

·       request the restriction of processing of your Personal Data;

·       You have a right to lodge a complaint about the handling of your Personal Data with the National Information Technology Development Agency (“NITDA”).

·       You have the right to ask us not to process your Personal Data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your Personal Data for such purposes or if we intend to disclose your Personal Information to any third party for such purposes.

·       You have the right to be informed about the existence of automated decision-making processes, including profiling as well as meaningful information about the logic involved, the significance and the envisaged consequences of such processing.

·       You have a right to a copy of the Personal Data we hold about you, as well as the information about what we do with it, who we share it with and how long we hold it for. We may make a reasonable charge for additional copies of that data in the case of unfounded and excessive requests.

·       You have a right to consent to this Privacy Policy and to withdraw your consent at any time.

·       You have a right to freely transfer your Personal Data received from us to any other person.

NITDA’s website (https://nitda.gov.ng/nit/) has a wealth of useful information in respect of your rights over your Personal Data.

If you wish to exercise your rights, you may contact the office of our Data Protection Officer at service@loyaltysolutionsnigeria.com

Where we do not act on your request to exercise any of your rights, we shall inform you within one month of the receipt of your request, of the reasons for not taking action and on the possibility of lodging a complaint with NITDA.

We may however withhold Personal Data that you request to the extent permitted by law as well as where it is deemed unlawful as directed by a court order.

7.      SECURITY

We adopt robust technologies and policies to ensure the Personal Data we hold about you is suitably protected. We take steps to protect your information from unauthorized access and against unlawful processing, accidental loss, destruction and damage. Where you have chosen a password that allows you to access certain parts of the website and mobile application, you are responsible for keeping this password confidential. We advise you not to share your password with anyone. We have also taken measures to comply with global Information Security Management Systems (ISMS) and therefore put in place digital and physical security measures to limit or eliminate possibilities of data privacy breach incidents.

8.      RETENTION OF PERSONAL DATA

We will retain your Personal Data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements and our legitimate interests in maintaining such Personal Data in our records. This will normally include any period during which we are dealing or expect to deal with you and what we consider to be a suitable period thereafter, for our internal record-keeping purposes.

9.      BREACH/ PRIVACY VIOLATION

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, LSL shall within  72 (seventy-two) hours of having knowledge of such breach, report the details of the breach to NITDA. Furthermore, LSL shall within 7 (seven) days of having knowledge of the occurrence of such breach take steps to inform the Data Subject of the breach incident, the risk to  the rights and freedoms of the Data Subject resulting from such breach and any course of action to remedy the said breach.

If you feel that your Personal Data has not been handled correctly or you are unhappy with our response to any requests you have made to us regarding the use of your Personal Data, you have a right to lodge a complaint with the NITDA.

National Information Technology Development Agency

Tel: +234929220263, +2348168401851, +2347052420189

Email: info@nitda.gov.ng

Website: www.nitda.gov.ng

10.   AMENDMENTS

This Privacy Policy may be reviewed from time to time to take account of new laws and technology changes to our operations and practices and the changing business environment.

All Personal Data held by LSL will be governed by LSL’s most recent Privacy Policy. Changes to this Privacy Policy will be published by posting an updated Privacy Policy on the LSL website and other websites managed by LSL.

Therefore, you should review the Privacy Policy regularly to ensure you are familiar with any changes. If you are unsure whether you are reading the most current version, please contact us.

Your continued use of the LSL website and other websites managed by us after any changes to the Privacy Policies are posted, will be taken as acceptance of those changes=