Privacy Policy - Nogalss National Apex Cooperative Society Ltd

1. Introduction

Nogalss National Apex Cooperative Society Ltd ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services, in compliance with the Nigeria Data Protection Act (NDPA) 2023.

2. Information We Collect

2.1 Personal Information

• Name, email address, phone number
• Date of birth and address
• National Identification Number (NIN)
• Bank account details
• Next of kin information
• Profile images and documents

2.2 Financial Information

• Transaction history
• Contribution records
• Loan applications and repayments
• Investment details

2.3 Technical Information

• IP address and device information
• Browser type and version
• Usage patterns and preferences
• Cookies and similar technologies

3. How We Use Your Information

3.1 Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you have given clear consent for specific processing activities
• Contract: To fulfill our contractual obligations to you
• Legal Obligation: To comply with applicable laws and regulations
• Legitimate Interests: For our legitimate business interests, balanced against your rights

3.2 Purposes of Processing

• Account management and service delivery
• Financial transactions and record keeping
• Communication and customer support
• Compliance with regulatory requirements
• Security and fraud prevention
• Service improvement and analytics

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: With trusted third parties who assist in service delivery
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Consent: When you have given explicit consent

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption of data at rest and in transit
• Access controls and authentication
• Regular security assessments
• Employee training on data protection
• Incident response procedures

6. Data Retention

We retain your personal data for the following periods:

• Financial Records: 7 years from the last transaction
• Account Information: 3 years after account closure
• Marketing Data: Until consent is withdrawn
• Legal Requirements: As required by applicable laws

7. Your Rights

Under the Nigeria Data Protection Act, you have the following rights:

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

• Essential Cookies: Required for basic website functionality
• Analytics Cookies: Help us understand website usage
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used for targeted advertising (with consent)

9. International Transfers

If we transfer your data outside Nigeria, we ensure adequate protection through:

• Adequacy decisions by the data protection authority
• Standard contractual clauses
• Binding corporate rules
• Your explicit consent

10. Children's Privacy

Our services are not directed to children under 18. We do not knowingly collect personal information from children without parental consent.

11. Data Breach Notification

In the event of a data breach that poses a high risk to your rights and freedoms, we will:

• Notify the data protection authority within 72 hours
• Inform affected individuals without undue delay
• Provide details of the breach and measures taken
• Offer guidance on protective steps you can take

12. Contact Information

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending you an email notification
• Displaying a notice on our platform