1.0 Introduction
Scalex Technologies Limited, hereinafter referred to as "the Company," is committed to protecting the privacy and confidentiality of personal information entrusted to us by our clients, employees, and other stakeholders. This Data Protection Policy outlines our commitment to complying with relevant data protection laws in Nigeria and establishing robust practices to safeguard sensitive information.
2.0 Scope
This policy applies to all employees, contractors, and third parties who process personal information on behalf of the Company.
3.0 Types of Data Collected
The Company adheres to the relevant data protection laws and regulations in Nigeria, including but not limited to the Nigeria Data Protection Regulation (NDPR) and any other applicable legislation.
4.0 Data Collection and Processing
4.1 Lawfulness, Fairness, and Transparency
We will only collect and process personal information for legitimate purposes, ensuring transparency in our data processing activities.
4.2 Purpose Limitation
Personal information will be collected for specified, explicit, and legitimate purposes and will not be further processed in a manner incompatible with those purposes.
4.3 Data Minimization
We will only collect and process data that is adequate, relevant, and limited to what is necessary for the purposes for which it is processed.
5.0. Data Security
5.1 Organizational Measures
The Company will implement and maintain appropriate technical and organizational measures to ensure the security of personal information.
5.2 Access Controls
Access to personal information will be restricted to authorized individuals, and access controls will be regularly reviewed and updated.
5.3 Data Encryption
Personal information will be encrypted during transmission and storage to prevent unauthorized access.6. Data Subject Rights
6.0 Access and Correction
6.1
Data subjects have the right to access their personal information held by the Company and request corrections where necessary.
6.2 Data Portability
The Company will facilitate the portability of personal information in a commonly used, machine-readable format upon request.
7.0 Data Breach Response
7.1 Notification
In the event of a data breach, the Company will promptly notify the appropriate regulatory authorities and affected data subjects, as required by applicable laws.
7.2 Investigation
The Company will conduct a thorough investigation into the causes of the breach and take corrective actions to prevent recurrence.
8.0 Data Protection Officer (DPO)
8.1 Appointment
The Company will appoint a Data Protection Officer responsible for overseeing compliance with this policy and relevant data protection laws.
8.2 Contact Information
The DPO's contact information will be made available to all employees and data subjects for inquiries related to data protection.
9.0 Training and Awareness
9.1 Employee Training
All employees will undergo regular training on data protection principles and compliance with this policy.
9.2 Awareness Campaigns
The Company will conduct awareness campaigns to inform stakeholders about their rights and the Company's data protection practices.
10.0 Policy Review and Updates
10.1 Regular Review
This policy will be reviewed regularly to ensure its effectiveness and compliance with evolving data protection laws.
10.2 Updates
Any updates to this policy will be communicated to all relevant stakeholders.
11.0 Conclusion
This Data Protection Policy reflects the commitment of Scalex Technologies Limited to maintaining the highest standards of data protection in accordance with Nigerian legislation. All employees and stakeholders are expected to comply with this policy to ensure the confidentiality and integrity of personal information.