Privacy Policy
Data Privacy Policy
Redtech Limited Data Protection Policy
Introduction
Redtech Limited is committed to ensuring adherence to the Nigerian Data Protection Act (NDPA) 2023. In its capacity as a data controller, Redtech Limited diligently protects personal data collected during its business operations to uphold the rights and freedoms of individuals.Â
For any inquiries or concerns related to data protection, please reach out to our Data Protection Officer at dataprotectionoffice@redtechlimited.com.
Policy Overview
Purpose
This policy outlines the obligations of employees, vendors, and third parties to secure personal data collected by Redtech Limited.
Scope
The policy is applicable to all employees, contractors, and third parties engaged in the processing of personal data on behalf of Redtech Limited.
Statement
Redtech Limited is committed to compliance with the NDPA and all relevant data protection laws to maintain the confidentiality, integrity, and availability of personal data.
Data Protection Principles
Redtech Limited is committed to adhering to the following principles:
1. Lawfulness, Fairness, and Transparency: The processing of personal data is conducted in a lawful and transparent manner, ensuring clear communication regarding its purpose.
2. Purpose Limitation: Personal data is collected solely for specific and explicit purposes.
3. Data Minimization: Only the data necessary for the stated purposes is gathered.
4. Accuracy: Personal data is maintained with a focus on accuracy and is kept up to date.
5. Storage Limitation: Personal data is retained only for as long as necessary.
6. Integrity and Confidentiality: Personal data is protected against unauthorized access, loss, or destruction.
7. Accountability: Compliance is evidenced through documented policies and practices.
Legal Grounds for Processing
Redtech Limited processes personal data based on lawful grounds, including:
• Consent: Where individuals have provided explicit permission for data to be processed for specific purposes.
• Contractual Necessity: When processing is essential to fulfill a contract or pre-contractual obligations.
• Legal Obligation: Where data processing is requisite to comply with regulatory or legal requirements.
• Legitimate Interests: When processing is necessary for the legitimate interests of the organization, provided that these do not infringe upon the rights and freedoms of individuals.
Data Subjects’ Rights
Data subjects possess the right to:
• Access, rectify, or erase their data.
• Object to processing or automated decision-making.
• Request data portability.
• File complaints or request a supervisory review.
To exercise these rights, kindly contact dataprotectionoffice@redtechlimited.com.
Consent
The consent must be:
• Freely given, specific, informed, and unambiguous.
• Withdrawable at any time by the data subject.
Parental consent is required for children under 18 in Nigeria under the NDPA.
Security Measures
Redtech Limited employs technical and organizational measures to secure personal data, including:
• Password protection and access controls.
• Encryption of sensitive data.
• Regular employee training on data security.
Data Retention and Disposal
Personal data is retained solely for the duration required to fulfill its intended purpose and is subsequently disposed of securely, in accordance with Redtech Limited’s Secure Disposal Policy and Procedure.
Data Transfers
Personal data may solely be transferred to countries that provide adequate protection levels or pursuant to the lawful conditions delineated in the NDPA.
Responsibilities
• Data Protection Officer (DPO): Ensures the effectiveness, updates, and compliance of policies.
• Employees: Are required to adhere to this policy and safeguard personal data under their control.
For additional information, please contact dataprotectionoffice@redtechlimited.com.