All data subjects whose personal data is collected, in line with the requirements of NDPR.
Who we are?
INLAKS is an Information Technology Systems Integrator in the deployment of dynamic and highly scalable ICT Solutions.
Under the European Union (EU) General Data Protection Regulation (GDPR) and the Nigeria Data Protection Regulation personal data is defined as: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
INLAKS limits Personal Data collection and usage to data that is relevant, adequate, and absolutely necessary for carrying out the purpose for which the data is processed.
INLAKS will evaluate whether and to what extent the processing of personal data is necessary and where the purpose allows, anonymized data must be used.
Who is responsible for your personal information
What personal information do we collect?
The types of personal information that we process will depend on the service you receive from us. INLAKS uses the personally identifiable information you provide to communicate with you in response to your enquiries, to provide the services you request, and to manage your account.
The types of personal information which INLAKS may collect, and process are:
- Name, contact address, email addresses, and telephone numbers
- Demographic attributes, when tied to personal information that identifies you
- Employer, corporate contact details, job title
- Career history, professional background, and other CV related information
- National passport, driving license or any other form of proof of identification
- Data from surveys and publicly available information, such as social media posts
- Unique IDs such as your mobile device identifier or cookie ID on your browser
- IP address and information that may be derived from IP address, such as geographic location
- Information about a device you use, such as browser, device type, operating system
- We will only collect information that is necessary for the provision of its service(s) that you have requested
How we collect personal information
We collect information about you and any other party whose details you provide to us when you:
- Register to use our websites and portals
- Complete online forms
- Take part in surveys
- Interact with us using our social media platforms
- Download information such as publications or participate in any other interactive areas that appear on our website or portals
- Contact us offline, for example by telephone, SMS, email, post, or any other means of communication
- Submit your CV on our Careers Platform
- Access and use any of our websites or portals from your devices (including mobile devices) and applications
- Share information with third parties that are entitled to share that information, but in each case as permitted by applicable laws
Why and how do we use your personal information
All personal information which we collect, and process is justified by lawful processing on the basis that:
- You have given consent to the processing
- Processing is necessary for the performance of a contract to which you are a party or take steps to enter into a contract
- Processing is necessary for compliance with a legal obligation to which we are subject
- Processing is necessary in order to protect your vital interests or another natural person
- Processing is necessary for the performance of a task carried out in the public interest
We may use personal information for the following purposes:
- To communicate and respond to your requests and enquiries about INLAKS If you get in touch with us (such as by completing the registration form on our website, sending an email or by visiting the social media platforms), we process information about you to communicate with you and to respond to your requests or other enquiries. Based upon the personally identifiable information you provide us; we may send you a welcoming email to verify your username and password. Also, in response to your enquiries, INLAKS may communicate with you by email or telephone
- To deliver technical and functional management on our sites – When you choose to register with us (such as to make use of our market data), we need to process the personal information provided by you so that we can create and manage a personal account for you. Upon creating your account, we will send you your personal login information. This personal information enables us to administer your account, for example by changing your password for you
- To market our services or related services, and to tailor our marketing and brand activities to you or your company’s interests – INLAKS may use information about you to notify you (email or telephone) about new products and services, updates and associated campaigns and promotions (including via newsletters)
- To provide specific services in accordance with an agreement you are entering or have entered with us – If you subscribe to our services (for instance, The Lens subscription), you provide services to us, our employees, or as a supplier or business partner, we process information about you to engage in, provide such services, and administer the relevant transactions. For instance, if you register as a Vendor, we will use the information to onboard you as a client and to carry out background and screening checks
- To analyse, develop, improve, and optimise the use, function and performance of our sites and products and services – We may process personal information in order to analyse, develop, improve and optimise the use, function and performance of our sites and products, as well as marketing campaigns. In case the sites permit you to participate in interactive discussions, create a profile, post comments, opportunities, or other content, or communicate directly with another user or otherwise engage in networking activities, INLAKS may process personal information when moderating these activities
- To manage the security of our sites, networks, and systems – We may collect site use data for security and operations management to help keep our sites, networks, and systems secure, or to investigate and prevent potential fraud, including ad fraud and cyber-attacks and to detect bots
- To comply with applicable laws and regulations and to operate our business – In some cases, we must process personal information to comply with applicable laws and regulations. For example, to respond to a request from a regulator or to defend a legal claim. We may also process personal information in the performance and operation of our business, such as to conduct internal audits and investigations or for finance and accounting, archiving and insurance purposes.
- To arrange events hosted at our premises – whether you are either an organiser or an attendee and to control access to our premises.
Transfer of Personal Data
Third Party Processor within Nigeria
INLAKS may engage the services of third parties in order to process the Personal Data of Data Subjects collected by the Company. The processing by such third parties shall be governed by a written contract with INLAKS to ensure adequate protection and security measures are put in place by the third party for the protection of Personal Data in accordance with the terms of this Policy and the NDPR.
Transfer of Personal Data to Foreign Country
- Where Personal Data is to be transferred to a country outside Nigeria, INLAKS shall put adequate measures in place to ensure the security of such Personal Data. In particular, INLAKS shall, among other things, conduct a detailed assessment of whether the said country is on the National Information Technology Development Agency (NITDA) Whitelist of Countries with adequate data protection laws.
- Transfer of Personal Data out of Nigeria would be in accordance with the provisions of the NDPR. INLAKS will therefore only transfer Personal Data out of Nigeria on one of the following conditions:
- The consent of the Data Subject has been obtained.
- The transfer is necessary for the performance of a contract between INLAKS, and the Data Subject or implementation of pre-contractual measures taken at the Data Subject’s request.
- The transfer is necessary to conclude a contract between INLAKS and a third party in the interest of the Data Subject INLAKS.
- The transfer is necessary for reason of public interest
- The transfer is for the establishment, exercise or defence of legal claims
- The transfer is necessary in order to protect the vital interests of the Data Subjects or other persons, where the Data Subject is physically or legally incapable of giving consent.
- Provided, in all circumstances, that the Data Subject has been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this proviso shall not apply to any instance where the Data Subject is answerable in duly established legal action for any civil or criminal claim in a third country.
- INLAKS will take all necessary steps to ensure that the Personal Data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Nigeria shall be provided to you upon request.
- Where the recipient country is not on the Whitelist and none of the conditions stipulated in Section 8.2.2 of this Policy is met, INLAKS will engage with NITDA and the Office of the Honourable Attorney General of the Federation (HAGF) for approval with respect to such transfer.
We may use data analytics tools to analyse the information generated and stored during your use of our services to improve our services, provide content tailored to your personal preferences, and to monitor our website’s traffic and usage. The other purposes include:
- Develop and provide new and existing functionality and services
- Determine your general location to evaluate how our known clients engage with different parts of our website
All these tools may be provided by third-party service providers and may include the collection and tracking of certain data and information regarding the characteristics and activities of visitors to our website. We may disclose data, including personal information, to such third-party services providers in order to obtain such services. You have the right to object to processing based on our legitimate activities but if you object, this may affect our ability to provide certain services and/or solutions for your benefit.
Who we share your personal data with
- Service providers (for example, IT services) or third parties which process information on our behalf (e.g., internet service and platform providers, payment processing providers and those organisations we engage to help us send communications to you) so that they may help us to provide you with the applications, services, and information you have requested or which we believe is of interest to you.
- Analytics and search engine providers that assist us in the improvement and optimisation of our website.
- Law enforcement or regulatory agencies, or authorised third parties, in response to a verified request relating to a criminal investigation or alleged illegal activity or any other activity that may expose us and/or the user or any third party to legal risks or liability.
- Third parties where you have a relationship with that third party, and you have consented to us sending information (for example social media sites or other third-party application providers)
- National Information Technology Development Agency (NITDA) professional advisors and auditors for the purpose of seeking professional advice or to meet our audit responsibilities
- Agencies where reporting is mandatory under applicable laws
We may share non-personally identifiable information (e.g., the pages you visit, and which links you click, which ads you see and click on, and the categories of search terms you enter) about the use of our website or portal publicly or with third parties but this will not include information that can be used to identify you.
Retention of your personal information
INLAKS will retain your personal data in line with its Retention Policy. This enables us to comply with legal and regulatory requirements or use it where we need to for our legitimate purposes such as managing your account and dealing with any disputes or concerns that may arise. We may need to retain information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate purposes (e.g., to help us respond to queries or complaints, responding to requests from regulators etc.). When we no longer need to use your personal information, we will remove it from our systems and records and/or take steps to encrypt it so that you can no longer be identified.
How is your personal information secured?
The security of your personal information is important to Us. INLAKS therefore takes reasonable precautions to protect your personal information. We generally follow accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure. However, INLAKS has implemented appropriate technical, physical, and organisational measures designed to protect personal information against accidental or unlawful destruction, accidental loss, damage, alteration, unauthorised disclosure or access, as well as all other forms of unlawful processing.
Integrity and Confidentiality
INLAKS shall establish adequate controls in order to protect the integrity and confidentiality of Personal Data, both in digital and physical format and to prevent personal data from being accidentally or deliberately compromised.
Personal data of Data Subjects must be protected from unauthorized viewing or access and from unauthorized changes to ensure that it is reliable and correct.
Any personal data processing undertaken by an employee who has not been authorized to carry such out as part of their legitimate duties is un-authorized.
Employees may have access to Personal Data only as is appropriate for the type and scope of the task in question and are forbidden to use Personal Data for their own private or commercial purposes or to disclose them to unauthorized persons, or to make them available in any other way.
Human Resources Department must inform employees at the start of the employment relationship about the obligation to maintain personal data privacy. This obligation shall remain in force even after employment has ended.
Your rights as a Data Subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing
- Right of portability – you have the right to have the data we hold about you transferred to another organization
- Right to object – you have the right to object to certain types of processing such as direct marketing
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling
- Right to judicial review – in the event that INLAKS refuses your request under rights of access, we will provide you with a reason for the refusal
Can I find out the personal data that INLAKS holds about me?
INLAKS at your request, can confirm what information we hold about you and how it is processed. If INLAKS does hold personal data about you, you can request the following information:
- Contact details of the Data Protection Officer, where applicable
- The purpose of the processing as well as the legal basis for processing
- If the processing is based on the legitimate interests of INLAKS or a third party, information about those interests
- The categories of personal data collected, stored, and processed
- Recipient(s) or categories of recipients that the data is/will be disclosed to
- If we intend to transfer the personal data to a third party or international organisation, information about how we ensure this is done securely. The Attorney General of the Federation will approve sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information
- How long the data will be stored
- Details of your rights to correct, erase, restrict or object to such processing
- Information about your right to withdraw consent at any time
- How to lodge a complaint with the supervisory authority (NITDA)
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data
- The source of personal data if it was not collected directly from you
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing
What forms of ID will I need to provide in order to access this?
INLAKS accepts the following forms of ID (but not limited to) when information on your personal data is requested, International Passport, Driver’s License, National ID Card etc.
Dispute Resolution or Filing a Complaint
Compliance with the Regulators
This Private Policy is in line with the provisions of Nigeria Data Protection Regulation, 2019 (Regulation) and other applicable Data Protection Regulations. This Regulation describes how organisations including INLAKS must collect, handle and store personal information and applies regardless of whether data is stored electronically, on paper or on other materials.
Contact Details of the Data Protection Officer
Email Address: firstname.lastname@example.org
Cookies are a kind of short-term memory for the web. They are stored in your browser and enable a site to ‘remember’ little bits of information between pages or visits. Cookies can be used by web servers to identify and track users as they navigate different pages on a website, and to identify users returning to a website. Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies on Our Website
We use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your device until you delete them). We have also grouped our cookies into the following categories, to make it easier for you to understand why we need them:
- Functionality: these cookies enable technical performance of our websites and allow us to ‘remember’ the choices you make and your preferences
- Performance/Analytical: these cookies allow us to collect certain information about how you navigate the Sites. They help us to understand which parts of our websites are interesting to you and which are not as well as what we can do to improve them.
Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked, by us, to the information stored in and obtained from cookies. The cookies used on this website include those which are strictly necessary cookies for access and navigation, cookies that track usage (performance cookies) and remember your choices (functionality cookies). We may use the information we obtain from your use of our cookies for the following purposes:
- To recognise your computer when you visit our website
- To retain clients’ email addresses and passwords when they log in to our ‘Member’s Area’
- To track you as you navigate our website
- To improve the website’s usability
- To analyse the use of our website – such as how many people visit us each day
- In the administration of our website
- Google Analytics
This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content. For more information on Google Analytics cookies, see the official Google Analytics page
- Social media buttons and/or plugins
We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including Twitter, LinkedIn, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore, it is recommended that you do not disable cookies.