SHQ LEGAL (the “Firm”, “SHQL”, “we”, “our”, “us”), a business duly registered under the laws of the Federal Republic of Nigeria, values your privacy and the security of the information you share with us. This Privacy Policy, in compliance with the Nigeria Data Protection Act (NDPA) 2023 and other applicable data protection laws in Nigeria, explains how we collect, use, disclose, and safeguard the information we obtain from you in relation to your use of our website. This Privacy Policy applies to our website [www.shqlegal.com] and all related sites, services, and tools regardless of how you access or use them.
By taking any of the following actions, you consent to the terms and practices contained in this Privacy Policy and you grant us the right to collect and process your data in accordance with the terms of this Policy. These actions are as listed below:
i. Using our website or other online platforms;
ii. Physically visiting our premises;
iii. Attending any of our webinars (recorded or otherwise);
iv. Sending an application/Curriculum Vitae (CV) to our email or via other means; or
v. Engaging us for the supply and/or provision of any services.
For the purposes of clarity, “User,” “customer,” or “subscriber,” refers to visitors to our website. “Personal Information,” or “Personal Data,” means any information that identifies or can be used to identify a User, directly or indirectly, including, but not limited to name, email address, mobile number, photograph, or IP address.
THE INFORMATION WE COLLECT
When you use our website or services, we may collect certain types of information about you including the following:
a. Information you provide to us
We collect personal information about prospective clients and their beneficial owners or controllers as part of business development initiatives and our business acceptance process. This includes, but is not limited to, your Personal Data such as your full name, nationality, phone number(s), email address, date of birth, home or office addresses, location, business interest and employment history.
b. Information collected automatically
This includes but is not limited to your IP address, browser type, mobile device ID, device type, operating system version, connection information, mobile network information, location derived from GPS-enabled services, information based on your usage of the service such as time, date and duration of your use, referral URLs, search terms and search history, browsing history and advertisement interactions.
c. Information we obtain from third parties
We may retrieve additional Personal Information about you from third parties and other identification/verification services such as your financial institution and payment processor. With your consent, we may also collect additional Personal Information in other ways including emails, surveys, and other forms of communication. We will not share or disclose your Personal Information with a third party without your consent except as may be required for the purpose of providing you with our services or under applicable legislation.
In providing you with our services, we may rely on third-party servers located in foreign jurisdictions from time to time, which as a result, may require the transfer or maintenance of your personally identifiable information on computers or servers in foreign jurisdictions. We will endeavor to ensure that such foreign jurisdictions have data protection legislation that is no less than the existing data protection regulations in force in Nigeria and your personally identifiable information is treated in a safe and secure manner.
WHY WE COLLECT YOUR INFORMATION
We collect your information to ensure your easy and seamless access to our services. We use the information we collect for the following purposes:
i. To enable us to provide you with a personalized experience of our products and services.
ii. To communicate with you and provide you with information on our programmes and initiatives, such as marketing content, newsletters and service update. However, we will provide you with an option to unsubscribe if you do not want to hear from us.
iii. To provide support services to you.
iv. To analyze and understand your use of our products and services.
v. To protect against illegal, malicious, and fraudulent activity.
vi. To analyze and improve the quality of our services and offerings.
vii. To facilitate your interactions with our social media platforms.
viii. To analyze and learn about our users’ demographics, interests, and behavior.
ix. To identify and repair errors and bugs on our websites.
x. To facilitate dissemination of information about our services and our partners.
xi. To consider your application for a position at our Firm and as part of our recruitment process.
SHARING YOUR INFORMATION WITH THIRD PARTIES
We may sometimes share the information we have collected from you with third parties. These third parties include our affiliates, subsidiaries, partners, third-party vendors and suppliers who render services for us or on our behalf and our professional advisers (such as our auditors, accountants etc.). We may share the information to facilitate the seamless delivery of our services or in compliance with applicable legal requirements and assisting law enforcement agencies by responding to requests for the disclosure of information in accordance with local laws.
COOKIE POLICY
We use cookies to identify you as a User and make your user experience easier, customize our services, content and advertising; help you ensure that your account security is not compromised, mitigate risk and prevent fraud; and to promote trust and safety on our website. Cookies allow our servers to remember IP addresses, date and time of visits, monitor web traffic and prevent fraudulent activities.
Our cookies never store personal or sensitive information; they simply hold a unique random reference to you so that once you visit the site, we can recognize who you are and provide certain content to you. If your browser enables browser add-on permits, you have the choice to disable cookies on our website, however this may impact your experience using our website.
GOVERNING PRINCIPLES OF DATA PROCESSING
We process your information in accordance with the provisions of the Nigeria Data Protection Regulation (“NDPR”) and these principles:
i. Your Personal Data is collected and processed in accordance with lawful, specific and legitimate purposes (all of which are provided under section 2.2 of the NDPR 2019), provided that further processing may be done by archiving the data, subject to our retention period.
ii. The data collected is adequate, accurate and without prejudice to the dignity of the human person.
iii. The data collected is stored only for the period within which it is reasonably needed, or if your consent is withdrawn.
iv. The data collected is secured against all foreseeable hazards and breaches such as theft, cyberattack, viral attack, dissemination, manipulations of any kind, damage by rain, fire or exposure to other natural elements.
v. We owe a duty of care to you in respect of the data we have obtained from you.
DATA SECURITY AND PROTECTION
To prevent unauthorized access and maintain security against foreseeable hazards, we have in place, physical, electronic and managerial procedures to protect, secure and safeguard our customers’ data and ensure accuracy of our records.
i. We use secure socket layer (SSL) protocol technology for the collection and any permitted transfers of your data. However, the Firm cannot guarantee the security of any personal data disclosed to it or collected by it to the extent that it has no control over the public or third-party network through which Personal Data may be sent to our website.
ii. We have a management and corporate commitment to information security within the organisation and provide clear direction, guidance and responsibilities and procedures in this respect.
We have in place a Data Protection Officer who deals with security of information and Personal Data together with relevant compliance with the Regulation and the knowledge and skills of our Data Protection Officer are continuously updated.
LINKS TO THIRD PARTY WEBSITES
Our website, products and services may contain links to other websites not subject to this Privacy Policy. When you access those websites, they may collect your Personal Information in accordance with their privacy and data collection policies. We are not responsible for the data collected by these third parties, and you are advised to study their privacy policies before you make use of their services.
YOUR PRIVACY RIGHTS
By providing us with your Personal Information, you have certain rights in accordance with the provisions of the Nigeria Data Protection Regulation which include:
- the right to request for your Personal Data in our possession;
- the right to object to the processing of your Personal Data;
- the right to request transfer of your Personal Data to another organization;
- the right to request rectification and modification of Personal Information which we keep; and
- the right to request for the deletion of your Personal Data in our possession.
To exercise any of the rights listed here, please contact us through the details provided below.
All such requests will be reviewed and considered in accordance with the provisions of the applicable data protection regulations.
You also have the right to opt-out of receiving the informative materials we send to our Users by clicking the “Unsubscribe” button found at the bottom of such emails. You also have the right to decline to provide your Personal Information when it is requested; however, certain services or all the services may be unavailable to you.
INTERNATIONAL TRANSFER OF YOUR INFORMATION
We may need to transfer your information in our possession to third parties outside Nigeria. Such transfers will only be done in accordance with the applicable data protection regulations in such jurisdiction. While undertaking the international transfer of your information, we will put security measures in place to reasonably protect your data during transmission. We shall, among other things, confirm whether the country is on the National Information Technology Development Agency (“NITDA”) Whitelist of Countries with adequate data protection laws.
DATA RETENTION PERIOD
We may retain Personal Information about the User, as long as it is necessary for business and/or legal purposes. Also, we may retain aggregated anonymous information indefinitely. In addition, we may retain your information for an additional period as is permitted or required to, among other things, comply with our legal obligations, resolve disputes, and enforce agreements.
All Personal Information shall be destroyed by the Firm where possible. For all Personal Data and records obtained, used and stored by the Firm, we shall perform periodical reviews of the data retained to confirm the accuracy, purpose, validity and requirement to retain. The length of storage of Personal Information shall, amongst other things, be determined by:
- The contract terms agreed between the Firm and the Data Subject or as long as it is needed for the purpose for which it was obtained; or
- Whether the transaction or relationship has statutory implication or a required retention period; or
- Whether there is an express request for deletion of Personal Data by the Data Subject, provided that such request will only be treated where the Data Subject is not under any investigation which may require the Firm to retain such Personal Data or there is no subsisting contractual arrangement with the Data Subject that would require the processing of the Personal Data; or
- Whether the Firm has another lawful basis for retaining that information beyond the period for which it is necessary to serve the original purpose.
CONTACT DETAILS
If you have questions regarding your data privacy rights or would like to submit a related data privacy right request, please email us at info@shqlegal.com. Please allow up to 30 days for requests to be processed. The Firm reserves the right to charge a reasonable fee to process excessive or repeat requests.
If you have general questions concerning this Privacy Policy, please contact us at: info@shqlegal.com. We maintain a data breach procedure in order to deal with incidents concerning Personal Information or practices leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored or otherwise processed. You may contact our DPO upon becoming aware of any breach of Personal Information or if your access credentials have been compromised, to enable us to take the necessary steps towards ensuring the security of your Personal Information or account.
UPDATES TO THIS POLICY
We reserve the right to periodically update and modify the terms of our Privacy Policy without notice. Changes to this Privacy Policy will take effect on the last updated date.
Last updated June 2024.