Privacy Policy
Amended on: 15th July 2024
Privacy is important to us, and so is being transparent about how we collect, use, and share data when you visit or use www.dojah.io
What this policy covers
Dojah Technologies Ltd recognizes your privacy rights as guaranteed under the 1999 Constitution of the Federal Republic of Nigeria and the Nigerian Data Protection Act 2023, and the privacy provisions in other relevant laws applicable to our business in Nigeria. We are committed to processing, managing, and protecting your personal information in accordance with applicable laws and regulations.
This Privacy Policy explains our privacy practices regarding how we collect, use, and share your data when you engage with us and our services through our platforms, including our website, digital platform, physical operations, and offices.
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or select a service from www.dojah.io.
This Privacy Policy describes how your personal information is collected, used, and shared when you visit or select a service fromwww.dojah.io
This policy is intended to help you understand that:
- Information will be protected against unauthorized access or misuse.
- Confidentiality of information will be secured.
- The integrity of information will be maintained.
- Availability of information/information systems is maintained for service delivery.
- Business continuity planning processes will be maintained.
- Regulatory, contractual, and legal requirements will be complied with.
- Physical, logical, environmental and communications security will be maintained.
- Infringement of this Policy may result in disciplinary action or criminal prosecution.
- When information is no longer of use, it is disposed of suitably.
Information refers to:
- Electronic information systems (software, computers, and peripherals) owned by Dojah.io whether deployed or accessed on or off-site.
- Dojah.io computer network is used either directly or indirectly.
- Hardware, software, and data are owned by Dojah.io.
- Paper-based materials.
- Electronic recording devices (video, audio, CCTV systems).
Information We Collect
We are committed to protecting your privacy and confidentiality. We collect only the information that is necessary for providing and improving our Services. We do not collect Sensitive Personal Data unless it is voluntarily provided by users for specific purposes and with their explicit consent. If we do collect any Sensitive Personal Data, we will ensure compliance with the Data Protection Legislation.
Our data collection practices are designed to be transparent, lawful, and in compliance with applicable data protection laws. We collect the following types of data:
- Identifying Data: We collect identifying information such as your name, date of birth, and government issued identification numbers (e.g., passport number, national ID number) when you register for our services or create an account. We also collect any other registration information you may provide to prove you are eligible to use our Services and in compliance with regulatory requirements on Know Your Customer (KYC), Know-Your-Business (KYB) and Anti-Money Laundering Laws (AML) and regulations.
- Contact Data: Your contact information, including your address, email address, country of residence and phone number, is collected during the 2.registration process to enable communication and provide necessary updates regarding our services.
- Demographic Data: We may collect demographic information such as gender, age, and nationality to better understand our user base and tailor our services to meet diverse needs.
- Financial Data: Financial information, including bank account details, Bank Verification Number (BVN) and credit/debit card information, is collected when processing payments for services or purchases made through our platform.
- Transactional Data: Transactional information, such as purchase history and order details, is collected to facilitate transactions, process orders, and provide customer support.
- Employment Data:If you apply for a job or submit employment-related information, we collect employment information such as job title, work history, and salary details as part of the recruitment process.
- Location Data: We may collect location information, including GPS coordinates and IP addresses, to provide location-based services or improve the functionality of our platform.
- Online Identifiers: Online identifiers such as usernames, device IDs, and cookies are collected to authenticate users, personalize user experiences, and track usage patterns for analytics purposes.
Our Security Policy
Dojah requires all users to exercise a duty of care concerning the operation and use of its information systems.
Authorized users of information systems except for information published for public consumption, all users of Dojah.io information systems must be formally authorized by appointment as a member of staff or contractor.
Authorized users will pay due care and attention to protect Dojah's incorporated information in their possession. Confidential, personal, or private information must not be copied or transported without consideration of:
- Permission of the information owner.
- The risks associated with loss or falling into the wrong hands
- How the information will be secured during transport and at its destination.
Acceptable use of information systems use of Dojah Incorporated information systems by authorized users will be lawful, honest, and decent and shall have regard to the rights and sensitivities of other people.
Dojah Information System Directors who are responsible for information systems are required to ensure that:
- Systems are adequately protected from unauthorized access.
- Systems are secured against theft and damage to a level that is cost-effective.
- Adequate steps are taken to ensure the availability of the information system, commensurate with its importance (Business Continuity).
- Electronic data can be recovered in the event of loss of the primary source. I.e. failure or loss of a computer system. It is incumbent on all system owners to backup data and to be able to restore data to a level commensurate with its importance (Disaster Recovery).
- Data is maintained with a high degree of accuracy.
- Systems are used for their intended purpose and procedures are in place to rectify discovered or notified misuse.
- Any electronic access logs are only retained for a justifiable period to ensure compliance with the data protection, investigatory powers, and freedom of information acts.
- Any third parties entrusted with Dojah Incorporated data understand their responsibilities concerning maintaining its security.
Legal Basis for Processing Data
At Dojah, we are committed to ensuring that your personal data is processed lawfully, fairly, and transparently. Our processing of personal data is based on one or more of the following legal grounds as provided in the Nigerian Data Protection Act 2023:
- Consent: We may process your personal data based on your explicit consent, which you have the right to withdraw at any time. This includes situations where you have provided consent for specific processing activities, such as receiving marketing communications.
- Contractual Necessity: In some cases, we may need to process your personal data to fulfill contractual obligations or to take steps at your request before entering a contract. This includes processing necessary for the provision of our services or the performance of contracts between you and Dojah Technologies.
- Legal Obligations: We may process your personal data when necessary to comply with legal obligations to which we are subject. This includes obligations imposed by laws, regulations, or court orders that require us to process certain types of personal data for specific purposes.
- Legitimate Interests: We may process your personal data based on our legitimate interests or the legitimate interests of third parties, except where such interests are overridden by your interests or fundamental rights and freedoms. This includes processing necessary for the purposes of fraud prevention, security, business operations, or marketing activities.
By processing personal data on these legal grounds, we ensure that your rights and freedoms are protected while enabling us to provide you with our services effectively and responsibly.
International Transfers
We may transfer your personal data to recipients located outside of your country or region for various purposes, such as providing our Services, fulfilling contractual obligations, or complying with legal and regulatory requirements.
To ensure the security and protection of your personal data during international transfers, we implement rigorous safeguards in accordance with applicable data protection laws. These safeguards may include using data transfer agreements based on standard contractual clauses approved by relevant authorities, obtaining your explicit consent for the transfer, or ensuring that the recipient offers an adequate level of data protection. Additionally, we may rely on other lawful mechanisms or safeguards, such as data protection certifications or binding corporate rules, to facilitate secure international data transfers. Such transfers will be made in compliance with applicable data protection laws and with appropriate safeguards in place to ensure the security of your personal information.
Rights of Data Subjects
At Dojah Technologies, we respect your rights as a data subject and are committed to ensuring that your personal data is processed in a transparent and lawful manner. You have certain rights regarding your personal data, including:
- Access: You have the right to access the personal information we hold about you. This means you can request details about the types of data we collect, how we use it, and with whom we share it.
- Rectification: If you believe that any of the personal data, we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it.
- Erasure: We may process your personal data when necessary to comply with legal obligations to which we are subject. This includes obligations imposed by laws, regulations, or court orders that require us to process certain types of personal data for specific purposes.
- Restriction or Objection: You have the right to request the restriction of processing or object to the processing of your personal data in certain situations. This includes situations where you believe the processing is unlawful or where you have objected to processing for direct marketing purposes.
Recipients of Data
At Dojah, we may share your personal data with third parties for various purposes outlined in this Privacy Policy. These recipients may include:
- Service Providers: We may engage third-party service providers to assist us in delivering our services or performing certain functions on our behalf. For example, we may use a third-party cloud service provider to store and process data, or a payment processing company to facilitate transactions.
- Business Partners: We may share your personal data with trusted business partners who collaborate with us to offer integrated services, promotions, or joint marketing activities. For instance, if you sign up for a promotion or special offer in partnership with another company, we may share your contact information with that partner to fulfill the offer.
- Regulatory Authorities: In certain circumstances, we may be required to disclose personal data to regulatory authorities, government agencies, or law enforcement bodies in compliance with legal obligations, court orders, or regulatory requirements. This may include situations where we are legally obligated to report certain types of incidents or cooperate with investigations.
- Other Authorized Recipients: We may share your personal data with other authorized recipients as necessary to fulfill the purposes described in this Privacy Policy or with your consent. This may include trusted advisors, legal counsel, or other professionals who assist us in managing our business operations or resolving disputes.
It's important to note that we only share personal data with third parties to the extent necessary to fulfill the purposes for which it was collected and in accordance with applicable data protection laws. We take measures to ensure that our third-party partners maintain adequate safeguards to protect your personal data and only use it for the purposes specified by us.
Data Retention
We adhere to strict data retention practices to ensure that your personal data is retained only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. Our retention periods are determined by factors such as the original purpose of data collection, legal and regulatory requirements, business needs, and user requests.
Personal data is retained for the duration necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy. Additionally, we comply with any legal or regulatory requirements that dictate specific retention periods for certain types of personal data. Throughout the retention period, we implement robust security measures to protect your data against unauthorized access, disclosure, alteration, or destruction.
Marketing
We may use your personal data to provide you with marketing communications, promotional offers, and other advertising materials that may be of interest to you. Various marketing channels, including email, SMS, social media, and targeted advertising, may be utilized to communicate with you about our products, services, events, and special promotions.
You have the right to opt-out of receiving marketing communications from us at any time by following the unsubscribe instructions provided in our communications or by contacting us directly. Even if you opt out of receiving marketing communications, we may still send you transactional or service-related communications, such as account notifications, updates on service availability, or important information about changes to our terms or policies.
Cookies
We use cookies and similar technologies to enhance your experience on our website and to improve the functionality of our Services.
We use both session cookies, which are temporary and expire when you close your browser, and persistent cookies, which remain on your device for a longer period. These cookies may be placed by us or by third-party service providers, such as analytics providers or advertising networks, to collect information about your browsing behaviour and preferences.
Depending on how you manage your cookies settings and preferences, we may place cookies on your device when you visit our website. Some browsers may automatically accept cookies, while others can be modified to decline cookies or alert you when a website wants to place a cookie on your computer. If you choose to disable cookies, please note that certain features of our website may not function properly, and your browsing experience may be impacted.
For more information, see Cookie Notice
Minors
Our Services are not intended for individuals under the age of 18 ("minors"). We do not knowingly collect personal data from minors without parental consent. If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us immediately so that we can take appropriate action to remove such information and terminate the minor's account, if applicable.
If we become aware that we have collected personal data from a minor without parental consent, we will promptly delete such information from our records. If you are a minor, please do not use our Services or provide us with any personal data
Updates to this Policy
We may update this Privacy Policy from time to time to reflect changes in our privacy practices or legal requirements. We encourage you to review this Privacy Policy periodically for any updates.
Contact Information:
If you have any questions or concerns about our privacy practices or this Privacy Policy, please contact our Compliance Officer at [[email protected]].
Definitions
Cookies: A cookie is a small piece of data that is stored on your device when you visit our website. Cookies help us personalize your experience, remember your preferences, and track your interactions with our site. We use cookies to improve the functionality of our Services and enhance your browsing experience. You can manage your cookie preferences through your browser settings.
Data Protection Legislation: means the Nigeria Data Protection Act 2023, Nigeria Data Protection Regulation 2019 and/or any other applicable legislation on the protection of personal data in Nigeria.
Personal Data: Any information that can be used to identify a living or natural person including email address, date of birth, mobile number, residential address, payment card, financial information such as bank account number, etc.), government-issued Identity credentials (e.g, national ID number, international passport, driver’s licence number, etc), or taxpayer identification number. It may also include information that is linked to you, for example, your internet protocol (IP) address, log-in information, information about your device or device’s web browser.
Services: Services refer to the products, features, and functionalities offered by Dojah Technologies to users. This includes our website, software applications, platforms, and other offerings that users interact with to accomplish specific tasks or objectives.
User: A user is an individual who interacts with our Services. This includes visitors to our website, users of our software applications, and subscribers to our services. We collect and process data from users to provide and improve our Services, as outlined in our Privacy Policy.