This document is prepared in accordance with the provisions of the Nigeria Data Protection Act,2023 and the Nigeria Data Protection Regulation (NDPR). It sets out how Heirs Technologies Limited applies and complies with the principles of the act and regulation in processing the personal data of individuals, clients, vendors, and even third parties that interact with Heirs Technologies Limited. This Privacy Policy also outlines our compliance with international data protection standard, including the General Data Protection Regulation (GDPR) for users outside Nigeria.
This privacy policy describe how we collect and process your personal information through your use of our data collection forms/website (“the site”) and the account you open with us (“Account”), to create account profile, ensure security of the website and enable you use our products.
The primary purpose of this policy is to provide you with better understanding of:
Heirs Technologies, focuses on advancing digital transformation across Africa by offering a range of IT services. These include IT, managed services, and collaborations with global technology companies’ worldwide.
Heirs Technologies, aim to bridge gaps in the technology ecosystem by localizing global solutions and investing in local talent development through specialized training programs. Its strategic vision prioritizes value-driven solutions rather than solely creating products, aiming to empower businesses and enhance Africa’s competitiveness in the global tech market.
Under the Nigeria Data Protection Regulation/Act (NDPR/NDPA) personal data is defined as:
“Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.”
This Privacy Policy tells you how we, Heirs Technologies Limited, will collect and use your personal data for relationship management, profiling, business analytics/development, communication, registration, cookies, and all-round efficient service delivery.
We will process (collect, use and store) the information you provide in a manner that complies with the EU’s General Data Protection Regulation (GDPR) and the Nigeria Data Protection Regulation/Act (NDPR/NDPA). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary. Heirs Technologies Limited is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. The retention period for certain kinds of personal data may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:
You provide this information through direct interaction when you visit our website, sign up to our newsletters or publications, request marketing materials to be sent to you, respond to surveys, complete our feedback or comment form, provide your business card to any of our staff, sign our visitor management form, complete other forms, apply for employment through our careers page, or contact us to request for any information or other correspondence by post, email, our website or otherwise.
As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this data by using cookies, and other similar technologies. Please see our cookie policy for further details.
We do not intentionally or knowingly collect any Sensitive Personal Data. We ask that you do not send to us nor disclose such Sensitive Personal Data save where required for a specific purpose.
We need to collect your personal data in order for us to provide you with our services. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose(s) only, and will in no way invade your privacy. If there is a need to use your personal data for marketing purpose, Heirs Technologies Limited will ensure to seek additional consent from you. Heirs Technologies Limited shall not collect or process more data than is reasonably required for a particular processing activity. In addition, every processing purpose has at least one lawful basis for processing to safeguard the rights of the data subjects, as listed below:
Be aware that we do not reveal identifiable information about you to our advertisers, though we may at times share statistical visitor information with our advertisers.
Where Legitimate Interest is considered the legal basis for processing personal data, Heirs Technologies Limited shall follow the steps below in carrying out a Legitimate Interest Assessment.
In carrying out the purpose test, Heirs Technologies Limited must establish the exact reason for the processing and how it benefits the organisation. Answers to the following shall be provided to determine the exact purpose for processing:
The following questions will be addressed under the balance test:
Heirs Technologies Limited records this information in line with this policy, data protection impact assessment, and data inventory.
Heirs Technologies Limited requires your explicit consent to process collected personal data. And by consenting to this privacy policy, you are giving us the permission to use/process your personal data specifically for the purpose identified before collection.
If, for any reason, Heirs Technologies Limited is requesting sensitive personal data from you, you will be rightly notified why and how the information will be used.
You may withdraw consent at any time by requesting for Withdrawal of Consent form, following the Heirs Technologies Limited Withdrawal of Consent Procedure.
Heirs Technologies Limited may pass your personal data to third-party service providers contracted by us. Any third parties that we may share your personal data with is under an obligation to secure your details, and use them only to fulfil the service for which they were contracted. When they no longer need your details to fulfil this service, the data will be disposed in line with the Heirs Technologies Limited’s procedures. By accepting this Policy or by providing your Personal Data to us, you expressly consent to such transfer and Processing.
Where there is a need for a third party to process the personal data of data subjects, Heirs Technologies Limited will enter into a Data Processing Agreement with the third party and be satisfied that the third party has adequate measures in place to protect the data against accidental or unauthorised access, use, disclosure, loss, or destruction.
In a case where the disclosure is to third parties outside the jurisdiction of the GDPR and NDPR/NDPA, Heirs Technologies Limited will ensure that the third party meets the core regulatory standards prior to the transfer. This may include transferring the personal data to the third party where Heirs Technologies Limited has satisfied that:
We retain your Personal Data for no longer than reasonably necessary for the purposes set out in this Policy and in accordance with legal, regulatory, tax, accounting or reporting requirements.
We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Where your Personal Data is contained within a document, the retention period applicable to such type of document in our document retention policy shall apply.
According to the provision of the GDPR/NDPR/NDPA, data subjects have certain rights at any point while Heirs Technologies Limited are in possession of or processing your personal data. You, the data subject, have the right to:
Heirs Technologies Limited, at your request, can confirm what information we hold about you and how it is processed. If we do hold your personal data, you have the right to request the following information:
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data. You may exercise any of the above stated rights following our Data Subject Access Request Procedure.
All information you provide to us is stored on our secure Server. We implement appropriate, generally accepted technical and organisational measures to protect your personal data such as (firewalls, password access and encryption methods) against unauthorised or unlawful Processing, accidental loss, destruction, or damage.
Please note that while we strive to protect your personal information, the transmission of data over the internet is not completely secure. We do our best to ensure the security of your data, but we cannot guarantee complete protection for data transmitted to our serves via the internet. Transmission is at your own risk.
We will only contract you when necessary and will not ask irrelevant or unnecessary questions. The information you provide will be subject to stringent measures to reduce the risk of unauthorized access or disclosure.
If for any reason you wish to make a complaint about how Heirs Technologies Limited or any of our third party partners handle your personal data, or how your complaint has been addressed, you have the right to lodge a complaint directly with the supervisory authority and the Data Protection Officer of Heirs Technologies Limited.
Below are the details for each of these contacts:
Our website or our email communication may contain links to third-party websites, plug-ins and applications. Engaging with these links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. We encourage you to review the privacy policy of every website you visit after leaving ours.
1. To exercise your data privacy rights, submit a formal request by completing the Subject Access Request Form (SAR Form) and emailing it to support@heirstechnologies.com.
2. We will acknowledge receipt of your SAR Form within five working days and may request additional information to verify your identity.
3. We will verify the identity of the requester using the details provided in the SAR Form and a valid ID (passport, driver’s license, national ID card, etc.).
4. For third-party requests (e.g., from a relative or representative), we will verify their authority to act on your behalf and may seek your consent before disclosing information.
5. Once verified, we will compile all relevant information in a concise, transparent, and accessible format, using clear language. The information may be provided in writing, electronically, or orally if appropriate. We may also contact you to ask you for further information in relation to your request to speed up our response.
6. If the request concerns another person’s data, we will seek their consent before proceeding. If disclosure could affect others' rights, we may withhold information and inform you of the decision.
7.1. We aim to respond to your request within one month. If your request is complex, we may require more time and will keep you informed. However, where we are unable to act on your request, we shall inform you promptly at least within one month of receipt of the request of the reasons for not taking action and give you the option of lodging a complaint with the NDPC.
7.2. If your request is linked to a rights violation, we will investigate and take appropriate remedial action, such as correcting the data or enhancing security controls. You shall be appropriately informed of the remedies employed.
7.3. Any information provided to you by us shall be provided free of charge. However, where requests are manifestly unfounded or excessive in particular because of their repetitive or cumbersome nature, we may:
a. charge a reasonable fee taking into account the administrative costs of providing the information or communication, taking the action required or making a decision to refuse to act on the request; or
b. write a letter to you stating refusal to act on the request and copying the National Information Technology Development Agency (NITDA).
To the extent permitted by applicable laws, we may refuse to act on your request, if at least one of the following applies:
a) in compliance with a legal obligation to which we are subject;
b) protecting your vital interests or of another natural person; and
c) for public interest or in exercise of official public mandate vested in us.
For any queries or requests regarding our Data Protection Privacy Policies, please contact us at support@heirstechnologies.com or submit a SAR Form.
Book a consultation
Discover how our services can drive your digital transformation
Support
Need help? Click Support to connect with our team and find the solutions you need.
Cookie Notice
Our site uses cookies to enhance your experience and improve our website based on your usage. You can modify your preference by accepting or rejecting. For more detailed information about the cookies we use and how we process your data, see our Privacy Policy and Cookies Policy
