Privacy Policy

1. Introduction

[Organisation Name] (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use the NDPA Compliance Assessment Tool (“the Tool”).

We process personal data in accordance with the Nigeria Data Protection Act (NDPA) and applicable data protection regulations.

2. Information We Collect

2.1 Assessment Data

When you use the Tool, you provide responses to assessment questions. This information is processed entirely within your web browser and is not transmitted to or stored on our servers. Your assessment data remains on your device and is cleared when you close the browser or refresh the page.

2.2 Automatically Collected Information

We may collect certain information automatically when you visit our website, including:

• Device type and browser information
• IP address (anonymised where possible)
• Pages visited and time spent on the site
• Referring website
• General geographic location (country/region level)

This information is collected through cookies and similar technologies for analytics purposes. See our Cookie Policy for more details.

3. How We Use Information

We use the automatically collected information to:

• Understand how users interact with the Tool
• Improve the Tool's functionality and user experience
• Monitor and analyse usage trends
• Ensure the security and proper functioning of the website

4. Legal Basis for Processing

We process information based on the following legal grounds:

• Consent: For analytics cookies, where you have provided consent
• Legitimate Interest: For improving our services and ensuring website security

5. Data Sharing

We do not sell your personal information. We may share anonymised, aggregated data with:

• Analytics providers: To help us understand website usage (e.g., Google Analytics)
• Hosting providers: Who provide infrastructure services

Any third-party service providers are required to protect your information and use it only for the purposes we specify.

6. Data Security

We implement appropriate technical and organisational measures to protect information, including:

• Secure HTTPS connections
• Regular security assessments
• Limited access to systems and data

7. Data Retention

Assessment data is not retained as it is processed only in your browser. Analytics data is retained for up to 26 months, after which it is automatically deleted or anonymised.

8. Your Rights

Under the NDPA and applicable data protection laws, you have the right to:

• Access: Request information about how your data is processed
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your data where applicable
• Restriction: Request limitation of processing in certain circumstances
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for analytics cookies at any time

To exercise these rights, please contact us using the details below.

9. International Transfers

Some of our service providers may be located outside Nigeria. Where data is transferred internationally, we ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws.

10. Children's Privacy

The Tool is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page with an updated revision date.

12. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us at:

Data Protection Contact
[Organisation Name]
[Address]
[Email Address]

You also have the right to lodge a complaint with the National Data Protection Commission (NDPC) if you believe your data protection rights have been violated.