Data Protection Policy for Inclusystems Limited Covering The Use of Esusu Product and Celeris.
Inclusystems is committed to protecting the privacy and personal data of its customers. This Data Protection Policy outlines our principles and procedures for collecting, processing, storing, and protecting personal data in accordance with the Nigeria Data Protection Regulation (NDPR).
This policy applies to all personal data collected, processed, and stored by Inclusystems, whether in electronic or physical format. It applies to all employees, contractors, and third parties who may handle personal data on behalf of Inclusystems.
3.1. Lawful Basis
Inclusystems will only collect and process personal data when there is a lawful basis to do so, such as with the consent of the data subject, for the performance or execution of a contract, to comply with legal obligations, or for legitimate interests pursued by Inclusystems.
3.2. Data Minimization
We will only collect and process personal data that is necessary for the intended purpose and will minimize the data collected to what is strictly required.
3.3. Transparent Information
We will provide clear and transparent information to data subjects about the purpose and processing of their personal data, including the legal basis for processing, the period of data retention, and the rights of the data subject.
4. Data Security.
4.1. Confidentiality and Integrity
Inclusystems will implement appropriate technical and organizational measures to ensure the confidentiality, integrity, and availability of personal data. These measures include access controls, encryption, regular backups, and staff training on data protection.
4.2. Data Access and Storage
Access to personal data will be limited to authorized personnel who require it for legitimate business purposes. Personal data will be stored securely, either in encrypted form or in locked facilities, with access restrictions based on the principle of least privilege.
4.3. Data Retention
Personal data will be retained only for as long as necessary to fulfill the purpose for which it was collected, or as required by legal obligations. Data subjects will be informed of the retention period for their data.
Inclusystems acknowledges and respects the rights of data subjects as defined by the NDPR, including the right to access, rectify, erase, restrict processing, object to processing, data portability, and the right not to be subject to automated decision-making.
In the event of a data breach that poses a risk to the rights and freedoms of individuals, Inclusystems will promptly assess and report the breach to the relevant supervisory authority and affected data subjects, as required by the NDPR.
When engaging third-party service providers, Inclusystems will ensure that appropriate data protection agreements are in place, outlining the responsibilities and obligations of each party regarding the protection of personal data.
Inclusystems will appoint a Data Protection Officer (DPO) to oversee compliance with data protection laws, provide guidance to employees, and serve as a point of contact for data subjects and supervisory authorities.
Inclusystems will provide regular data protection training to employees and contractors who handle personal data, ensuring they understand their responsibilities and obligations under the GDPR.
This Data Protection Policy will be reviewed periodically to ensure it remains up-to-date and in compliance with the applicable data protection laws and regulations.
We are a digital solution company that helps corporations and governments transform their ideas into products and solutions to achieve their corporate goals and optimize their processes for improved performance.
+234 703 190 6381
Plot 907 Mohammed L. Hassan Street, Utako 900108, Abuja, Federal Capital Territory, Nigeria
© Copyright 2023 by IncluSystems. All Rights Reserved.