Privacy Policy
Introduction
Welcome to RIKESD ("We", "Our", or "Us") Privacy Policy.
We respect your privacy and are committed to protecting your Personal Data. This Privacy Policy will inform you about how we collect, use, share, and safeguard your Personal Data when you visit our Platform (regardless of where you visit it from) or use any of our services. We will also explain your privacy rights and how the law protects you.
Responsibility for this Policy
Barr. Olabisi Olagbemiro is the designated Data Protection Officer of the organization, responsible for compliance with this policy and relevant data protection legislation. If you have any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Officer in the following ways:
Name: Barr. Olabisi Olagbemiro
Email address: oolagbemiro@rikesd.org
The Information that We Collect
We may collect personal data, which includes any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. Personal Data may include, but is not limited to, information such as name, address, photo, email address, bank details, posts on social networking websites, medical information, and other unique identifiers, including but not limited to MAC address, IP address, IMEI number, IMSI number, SIM, Personal Identifiable Information (PII), and others ("Personal Data").
How We Collect, Process, Use, and Share Personal Data
We may collect your Personal Data through forms, email and physical requests, cookies, JWT, web tokens, or third-party applications. You can set your browser to refuse all or some browser cookies or to alert you if we access cookies. However, please note that disabling or refusing cookies may result in some parts of this Website becoming inaccessible or not functioning properly.
We use your Personal Data for the following purposes: verification of your identity; human resources management; access to computer systems and third-party software; know-your-customer and due diligence purposes; recruitment purposes; regulatory compliance; performance of a contract with you; compliance with legal obligations; marketing; litigation; events planning and hosting; in-house security; research, analysis, and other business purposes or legitimate interests.
When you send us email or other communications, we may retain those communications to process your inquiries, respond to your requests, or improve our services provided on our Platform. Additionally, we may collect information while providing our services to you. Our servers automatically record information that your browser sends whenever you visit our Platform.
Consent and Access Rights
We will obtain your consent prior to collecting or processing your Personal Data. If we intend to use the information for a purpose other than the purpose for which it was collected, we will request your consent before such use.
Please note that no consent shall be sought, given, or accepted in any circumstance that may propagate direct or indirect atrocities, hate, child rights violation, criminal acts, and anti-social conduct.
You have the right to withdraw your consent at any time and may request access to your Personal Data in our possession. The withdrawal of your consent will not affect the lawfulness of the processing of your Personal Data prior to the withdrawal. However, we may deny your access request if we determine it to be unreasonable.
You also have the right to request the modification or amendment of your Personal Data in our possession. For all access or modification requests related to Personal Data, we will request sufficient identification to confirm that you are the owner of the data in question.
If you provide the Personal Data of a third party to us, you confirm that you have informed the owner of the data about the purpose for which it is required and obtained their consent to provide the data to us for that purpose, in accordance with this Privacy Policy.
Personal Data Protection Principles
In processing Personal Data, we adhere to the following principles:
- Personal Data shall be collected only for specific, legitimate, and lawful purposes.
- Personal Data shall be processed lawfully for the purpose for which it was collected and not further processed in a manner incompatible with that purpose(s).
- Personal Data shall be processed adequately, accurately, and with respect for the dignity of the individual.
- Personal Data shall be adequate, relevant, and limited to what is necessary for the intended purpose of processing.
- Personal Data shall be accurate and, where necessary, kept up to date.
- Personal Data shall be stored only for the period within which it is reasonably needed.
- Personal Data shall be processed in a secure manner and protected against unauthorized or unlawful access, processing, accidental loss, destruction, or damage.
Security Measures
We have implemented and will maintain appropriate security measures to prevent unauthorized use, access, alteration, or disclosure of your Personal Data.
Access by Third Parties
We may share your Personal Data with third parties in the following circumstances:
- When we have your consent.
- With our parent company(ies), subsidiary, or affiliates.
- For the verification of our identity.
- When providing information to other professional advisers, trusted businesses, or persons for processing Personal Data on our behalf or other legitimate business purposes. We will ensure such parties process the information based on our instructions and in compliance with this Privacy Policy and appropriate confidentiality and security measures.
- When we have a good faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to (i) satisfy any applicable law, regulation, legal process, or enforceable governmental request, (ii) enforce applicable terms of service, including investigation of potential violations, (iii) detect, prevent, or address fraud, security or technical issues, or (iv) protect against imminent harm to our rights, property, or safety as required or permitted by law.
Transfer of Personal Data Outside the Country
We may transfer Personal Data outside Nigeria in the following circumstances:
- With your consent.
- When the transfer is necessary for the performance of a contract between you and RIKESD or the implementation of pre-contractual measures at your request.
- When the transfer is necessary for the conclusion or performance of a contract in your interest between RIKESD and another natural or legal person.
- When the transfer is necessary for important reasons of public interest.
- When the transfer is necessary for the establishment, exercise, or defense of legal claims.
- When the transfer is necessary to protect your vital interests or the vital interests of other persons, and you are physically or legally incapable of giving consent.
Please be aware that upon the transfer of information outside Nigeria, some data protection principles may be violated in the receiving country. By consenting to the processing of your Personal Data, you also consent to the transfer of your Personal Data outside Nigeria.
Retention of Personal Data
We will only retain your Personal Data for as long as reasonably necessary to fulfill the purposes for which we collected it. This includes complying with legal, regulatory, tax, accounting, or reporting requirements. If there is a complaint or a prospect of litigation in relation to our relationship with you, we may retain your Personal Data for a longer period. In such cases, any retained information will be safeguarded in accordance with this Privacy Policy.
To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process the data, and whether we can achieve those purposes through other means, as well as any applicable legal, regulatory, reporting, or other requirements.
If any information is retained in an encrypted format, we will also take measures for secure storage of the encryption keys, which will be retained as long as the data they decrypt is retained.
In some circumstances, we may anonymize your Personal Data for research or statistical purposes, in which case we may retain and use this information indefinitely without further notice to you.
Violations
We take swift action to remedy any suspected breaches of Personal Data. However, we will not be responsible for any breach of Personal Data that occurs as a result of events beyond our control, acts of terrorism, acts of God (including but not limited to fires, explosions, earthquakes, floods, epidemics, or pandemics) that compromise our data protection measures, war, hostilities, invasion, act of foreign enemies, requisition, embargo, rebellion, revolution, insurrection, military or usurped power, or civil war that compromises our data protection measures, the transfer of your Personal Data to a third party on your instructions, or the use of your Personal Data by a third party designated by you.
If you suspect or know of a breach of Personal Data or a violation of this Privacy Policy, you should immediately contact the Data Protection Officer at the contact information provided above.
Violations of this Privacy Policy by employees may result in disciplinary action.
Your Legal Rights
You have the right to:
- Request access to your Personal Data (commonly known as a "data subject access request"). This enables you to receive a copy of the Personal Data we hold about you and verify that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, although we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing, where we may have processed your information unlawfully, or where we are required to erase your Personal Data to comply with local law. However, note that we may not always be able to comply with your request for erasure for specific legal reasons, which will be notified to you, if applicable, at the time of your request.
- Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information that override your rights and freedoms.
- Request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios:
- If you want us to establish the data's accuracy.
- Where our use of the data is unlawful, but you do not want us to erase it.
- Where you need us to hold the data, even if we no longer require it, as you need it to establish, exercise, or defend legal claims.
- You have objected to our use of your Personal Data, but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your Personal Data to you or to a third party. We will provide your Personal Data in a structured, commonly used, machine-readable format to you or a third party you have chosen. This right applies only to automated information that you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above or have any questions about this Privacy Policy or our privacy practices, please contact the Data Protection Officer at the contact information provided above.
You will not have to pay a fee to:
- Access your Personal Data.
- Change your Personal Data provided to us.
- Exercise any of your other rights.
Notwithstanding the above, we may charge a reasonable fee or refuse to comply with your request if your requests are clearly unfounded, repetitive, excessive, or if any criminal or illegal activity is suspected. Additionally, if you request to change your Personal Data in our possession more than three (3) times within a 12-month period, we may charge a fee or refuse to comply with your request.
To help us confirm your identity and ensure your right to access your Personal Data (or exercise any other rights), we may need to request specific information from you. This is a security measure to ensure that Personal Data is not disclosed to any unauthorized person. We may also contact you to request further information to expedite our response.
We strive to respond to all legitimate requests within one month. However, in some cases, particularly if your request is complex or if you have made multiple requests, it may take us longer to respond. In such cases, we will notify you and keep you updated.
Changes to the Privacy Policy
We keep our Privacy Policy under regular review to ensure its accuracy and relevance. Please keep us informed if your Personal Data changes during your relationship with us.
Contact Us
If you wish to exercise any of your rights under this Privacy
Policy or suspect a breach of your Personal Data or a violation of this Privacy Policy has occurred, or if you have any questions about this Privacy Policy or our privacy practices, please contact us at:
oolabisi@rikesd.org, rikesd22@gmail.com, mpopoola@rikesd.org
Dr. Mustapha Ayo Popoola
Designation: Founder and Executive Director
Email:mpopoola@rikesd.org