Objective
Secured Records Management Solutions (hereafter referred to as “SRMS”) is committed to the appropriate protection and use of personal data that has been collected on its website. In this Privacy Policy, we will explain what Personal Data we collect from you, how we use and share that data, how we keep your Personal Data safe, and how long your data will be held. We will also explain how we process your data, the legal rights under which we do so, and help you understand your Personal Data rights.
The purpose of this policy is to:
-
Inform users clearly and concisely what personally identifiable information (PII) is collected through our website, services, and products, how it is used, and how it is protected.
-
Clarify the legal rights under which data is collected and processed, and provide enlightenment on user personal data rights.
-
To comply and show fealty to the Nigeria Data Protection Regulation (NDPR), as well as global Data Privacy regulations.
-
Support SRMS’s mission to be the foremost provider of end-to-end document management and secured software solutions in Africa.
Scope
This privacy policy applies to the users of the SRMS website, services, and products.
Guiding Principles
-
This policy is designed to complement other policies, forms, and procedures within SRMS that pertain to her services, software, and products, and must be utilized in conjunction with the same.
-
This Policy in no way replaces or nullifies the Nigeria Data Protection Regulation (NDPR), rather this Policy is created to supplement the NDPR following the mission and vision of SRMS. The NDPR shall take priority if compliance with this Policy will result in a violation. The content of this Policy shall also be observed in the absence of the NDPR.
-
If compliance with this Policy results in a violation of the NDPR, or if regulations that deviate from this policy are required under Nigerian law, it must be reported to the Data Protection Officer (DPO) for Data Privacy law monitoring. The DPO can be contacted at info@securedrecords.com
-
In a case of collision between the NDPR and this Policy, the Data Protection Officer will work with the responsible personnel to find a practical solution that fulfills the purpose of this Policy.
-
Words such as “We” “Our” and “Us” refer to SRMS, while “You” refers to the data subject.
-
This Policy will be revised on a need basis to reflect changes in the business environment and/or operations of SRMS.
Collection and Use of Personal Data
Personal Data is any information that we can use to identify you. That can be anything such as your name, home address, phone number, email address, IP address, or any other data that can be used to identify you.
We collect the information you provide directly to us when you fill out a contact form, communicate with us via third-party platforms, or otherwise communicate with us. The types of personal data we may collect include your name, email address, and phone number
Information We Collect Automatically When You Interact with Us
In many cases, when you visit us online or via email, we automatically collect some information. The data collected allows us to customize your online experience, increase SRMS online presence efficiency and usability, and measure the efficiency of our marketing activities. They include:
-
Device and Usage Information:
This includes data about device and network, including hardware models, operating system versions, mobile networks, IP addresses, unique device identification systems, browser type, and application version. We also collect information on how you access our services, information about what you do on our website, and how you utilize our services, examples include access times, view periods, link clicks, viewed pages, and specific pages visited before browsing and requesting our services.
-
Information collected by Cookies and similar tracking Technologies:
Cookies are small data files stored in your browser. They help us analyze how you interact with our site, after which we can make changes that improve site performance and provide a better user experience for you. We also work with third-party analytical providers using cookies, web beacons, device identifiers, and other technologies to collect information about your usage, including your IP address, web browser, data on the mobile network, pages viewed, time spent on pages, and clicked links. Our website may include features for sharing over social media applications from other third parties such as Facebook, LinkedIn, and Twitter. These social media applications can collect and use information gotten from your use of our website. SRMS and others may use this information to analyze and track data, amongst other things, to determine the popularity of certain content, to provide content that is relevant to your interest in our services, and to better understand your online activities. If you wish to prevent cookies as you navigate our website, you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Please note that some portions of our sites may not work properly if you elect to refuse cookies.
Use of Information
We use the information that we gather to provide, maintain and improve our services, which includes distributing user-generated content to our blogs and other services to customers, such as;
-
The subscription e-mail feature to inform you regarding new SRMS content, papers, and eBooks.
-
The Zoho live chat app to answer your questions and offer customer service.
Sharing of Information
We will not sell or provide your information to anyone else or use it for purposes other than our services unless you are notified by email or required to do so by law. If we are to share personal or confidential information with other partners or third parties, we shall only do so with your explicit consent or if we are required to do so by law.
Personal Information Retention Period
We would maintain your information as long as it takes to supply the services you need. However, it may be maintained for a longer period, if need be, for legal and regulatory obligations.
Data Security and Integrity
To protect personal information against unauthorized loss, misuse, alteration, or destruction, we have adequate security policies and practices in place and enforced. However, we must reiterate that safety cannot be guaranteed in the face of severe threats, despite the best efforts of SRMS.
As far as we can, your personal information will only be accessed if you need to be aware of it. Persons with access to the data are required to keep the information confidential. We also make reasonable efforts to only retain personal information as long as it is necessary to fulfill your request or until you request that the data be deleted.
Links to Third-party Websites
Third-party ads and other content that link to third-party websites may be displayed. The privacy practices and content of third parties cannot be controlled or held responsible. Please understand that when you click on a third-party ad or link, you are leaving the SRMS website and that personal information you provide does not fall within the scope of this Privacy Policy. To find out how they collect and process your data, please read their Privacy Policies.
Lawful Basis for Processing
Usually, we only collect personal information necessary to meet your requirements. If further data is required at the point of collection, you will be duly notified. The NDPR enables us to process data on a certain lawful basis and we are legally bound to inform you of the reasons.
Consequently, we rely on the following lawful basis for processing to adequately and securely process your personal information:
-
Contract Performance:
When processing your data is necessary to fulfill our contractual obligations.
-
Legal Obligations:
When we are required to process your data to comply with a legal obligation. For
example, keeping tax records, providing information to a government body or law
enforcement authority, and so on.
-
Legitimate Interests:
We may process information about you where it is in our legitimate interest to run a
legitimate business, so long it doesn’t exceed your interests.
Your Rights as a Data Subject
You are not required to provide SRMS with any personally identifiable information. However, we may request that you provide certain personal information to receive further information on our services.
You may unsubscribe anytime by following the instructions included in each communication if you opted for specific services such as an e-newsletter. We will remove your information if you unsubscribe from our services or communication channels. However, we might require further information before processing your request.
There are certain rights for persons concerning the processing of their data under the Nigeria Data Protection Regulation (NDPR). These rights are as follows:
-
Right to Information:
You are entitled to be provided with clear and concise information on what’s done with your data. This is covered through our Privacy Policy.
-
Right to Rectification:
Without undue delay, you have the right to rectify every incorrect personal information. Failure to complement incorrect information is also expected.
-
Right to Be Forgotten:
You can request that your data be erased permanently (under certain circumstances). You shall be informed of the outcome of the request no later than one month after the application is made.
-
Right to Restrict Processing:
You can demand that your data should not be processed again. In this case, we can store it, but not use it. Suppose the personal data in question is disclosed to a third party, SRMS shall inform them, provided it does not become impossible or involves a disproportionate effort to do so, of the restriction on the processing of your data.
-
Right to Data Portability:
You can obtain and reuse your data for reasons best known to you on other organization platforms. You may also request that your information be directly provided to another organization on your behalf.
-
Right to Object:
You have the right to stop your data from being used for direct marketing purposes.
-
Notice:
Rights are not absolute. The lawful basis for which personal data is collected affects the
number of rights available to the Data Subject.
Consent
Consent is any freely given, specific, informed, and unambiguous indication of your wish, by which through a statement or clear affirmative action, signifies agreement to the processing of personal data relating to you. You have a right to withdraw consent at any given time. However, the withdrawal cannot impact the processing done up to that point.
-
Validity:
Consent can only be considered valid when the data subject (You) is adequately
informed and has been provided voluntarily. Consent cannot be implied.
Consent under the Nigeria Data Protection Regulation (NDPR) does not constitute
silence, pre-ticked boxes, or inactivity
-
Minors:
All persons under the age of 18 are considered minors. Only the minors' representatives
can give consent on their behalf under the applicable regulatory requirements.
Reporting and Contact Forms
If you have any questions, comments, or concerns regarding this Privacy Policy, please contact us at info@securedrecords.com and +234 802 292 3270.