Data Privacy Policy
Welcome to Syssoft Consultants Limited (Syssoft Consultants) privacy policy. We appreciate you taking the time to read all our notices carefully. Syssoft Consultants is committed to protecting your privacy by ensuring that any personal data collected is used lawfully and transparently.
This privacy policy explains how personal data is collected and used when you use our website. It also explains how we process any data that you supply to us on this website, for instance, to request a quote or to use our online services.
This Privacy Notice explains:
- Who we are
- Personal data we collect
- Our legal basis for processing
- Who we may share information with and why
- Where we may transfer data to
- How we keep information secure and deal with security incidents
- How long we may keep your data for
- Your data privacy rights
- How to contact our DPO and the Data Controller
1.0 Who is Consultants Ltd?
Syssoft Consultants Ltd (Nig) is a software engineering company that began operation in 1994. We specialize in Insurance application solutions for General Business / Life & Pension. These solutions cover the core area of underwriting, claims, and agency accounts, as well as administrative areas of marketing, general accounts, human resources and Payroll management.
Syssoft Consultants is governed by a 5-Member board of directors, and managed by 8 technical executives who are co-investors in the company, and our support staff. Syssoft Consultants is the project leader and coordinator for the IES-Online software solution for Africa.
When providing these services, we take our responsibilities regarding data protection very seriously and are bound by all applicable data protection laws in respect of the handling, processing and collection of data. All employees who handle personal and business data are fully trained to ensure that the data is processed in line with Nigeria Data Protection Regulation (NDPR 2019).
2.0 Data Protection Policy
Syssoft Consultants recognize the importance of client’s privacy and the need to securely hold personal information relating to them.
This Privacy Policy explains what information we collect, how we collect, share, use, and protect your personal information when you visit or use our web site and other services offered by Syssoft Consultants. You are also informed of your rights regarding the information we process and how you can contact us. By continuing to visit our websites (www.syssoftcons.net) and other Syssoft Consultants customer touch points, you accept and consent to the practices described in this policy
3.0 Purpose of This Policy
This Policy sets out how Syssoft Consultants will process the personal data of its customers, staffs, suppliers and other third parties.
This Policy applies to all personal data that the company processes, regardless of the format or media on which the data are stored or who it relates to.
4.0 Scope of This Policy
This policy applies to all parties employees of the company, its subsidiaries and other stakeholders who may provide information to the Company such clients / customers, are expected to follow the policy along with any entity the Company collaborates with or such entity that Acts on behalf of the Company who may have need of the data we have.
5.0 Personal Data
Personal data is defined under the Nigerian Data Protection and Compliance Regulations (NDPR) as: “Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
6.0 The Data We Collect
Personal information refers to data that could identify a specific individual such as names, addresses, e-mail addresses, and telephone numbers. We collect information about you from various sources such as websites visits, applications, identification documents, personal financial statements, interactions with our relationship management officers, and other third parties (Business Partners, payment gateways etc.) and other written or electronic communications. Depending on your medium of interaction with Syssoft Consultants, we collect various types of information from you, as described below.
- Personal details (e.g. name, date of birth, passport information or other identification information)
- Contact details (e.g. phone number, email address, postal address or mobile number);
- Transactional details (e.g. payments you make and receive)
- Biometric information (e.g. fingerprints, facial recognition, or voice recognition)
- Financial information (e.g. bank account number, debit card numbers, financial history) including information you provide to deliver payment initiation services and account information services regarding accounts you hold with other providers
- Education and employment information.
- Information about your family, lifestyle and social circumstances (such as dependents, marital status, next of kin and contact details);
- Information about any other Syssoft Consultants products and services you currently have, you have applied for, or you have previously held.
- Visual images and personal appearance (such as copies of passports or CCTV images
- Online profile and social media information and activity, based on your interaction with us and our websites and applications, including for example your banking profile and login information, Internet Protocol (IP) address, smart device information, location coordinates, online and mobile banking security authentication, mobile phone network information, searches, and site visits.
7.0 HOW WE COLLECT YOUR INFORMATION
We collect personal information from different sources. Most of the data we collect will come from you, for example when you:
In addition, as you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs, and other similar technologies
- enquire about our activities, our services, or ask us a question;
- provide your contact details to us when registering to use or accessing any websites or portals we make available or when you update those details;
- request marketing material to be sent to you;
- e-mail or get in contact with us in some way;
- voluntarily complete a customer survey or provide feedback on any of our message boards or via email or participate in any other interactive areas that appear on our website or portals;
- use or view our website via your browser’s cookies;
- interact with us using social media; contact us offline, for example by telephone, SMS, e-mail, post or any other means of communication;
Partially complete and/or abandon any information inputted into our website and/or other online forms and may use this information to contact you to remind you to complete any outstanding information
8.0 INFORMATION FROM THIRD PARTIES
We may receive Information about you from certain government agencies, which provide us mortgage loan reports, credit, claim reports, and/or credit information, where permitted by law. When you ask for a rate quotation, we may obtain certain information as permitted by applicable law.
8.1 THE INFORMATION WE DISCLOSE
Information about our customers or former customers will only be disclosed as permitted or required by law. Information about you that has been collected is maintained in your mortgage loan records.
We use this Information to process and service your mortgage; with your consent; or as directed by you. We may also disclose it to persons or organizations as necessary to perform transactions you request or authorize. Information about our former customers and about individuals who have obtained quotes from us is safeguarded to the same extent as Information about our current policyholders.
8.2 THE FOLLOWING ARE EXAMPLES OF HOW WE MAY DISCLOSE INFORMATION
We share information:
- With trusted businesses or persons for the purpose of processing personal information on your behalf. We require that these parties agree to process such information based on our instructions and in compliance with the General Data Protection Regulation (GDPR) and the Nigerian Data Protection Regulation (NDPR) and any other appropriate confidentiality and security measures.
- To satisfy any applicable law, regulation, legal process or enforceable governmental request.
- To enforce applicable Terms of Service, including g investigation of potential violations thereof.
9.0 Our Legal Basis for Processing
Before processing any personal data, we ensure that at least one lawful basis under NDPR is met. We will not disclose personal data for any purpose other than what the data was originally collected for; unless there is an overriding legal basis that enables this processing. Syssoft Consultants personnel or any third party acting on its behalf shall only process your personal data if at least one of these conditions are met:
- Consent: this refers to any freely given, specific, informed, and unambiguous indication through a statement or a clear affirmative action that signifies your agreement to the processing of your Personal Data by Syssoft Consultants. Syssoft Consultants shall not seek consent that may engender direct or indirect propagation of atrocities, hate, criminal acts, and anti-social conducts.
- Contract: processing is necessary for the performance of a contract or entering a contract at your request.
- Legal obligation: processing is necessary for compliance with a legal obligation to which Syssoft Consultants is subject.
- Vital interest: processing is necessary to protect your vital interests or those of another natural person.
- Public interest: processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Syssoft Consultants.
- Vendors, Consultants and Third-party Service Providers: processing is required for legitimate interests of Syssoft Consultants or a third party insofar as this does not conflict with the requirements for the protection of your personal data
10.0 HOW WE USE YOUR PERSONAL DATA
To the extent permissible under applicable law, we may use your information for the following legitimate actions:
- Providing and operating the products and services you have requested
- For other related purposes which may include updating and enhancing Syssoft Consultants records, understanding your financial needs, conducting credit checks, reviewing credit worthiness, and assisting other financial institutions to conduct credit checks
- Identifying and informing you about other products or services that we think may be of interest to you
- For crime/fraud prevention and debt collection purpose
- To plan, conduct and monitor Syssoft Consultants’ business
- For improving the design and marketing of our range of services and related products for customer use.
- Compare information for accuracy and to verify it with third parties/publicly available information.
- Manage our relationships with you
- To monitor, carry out statistical analysis and benchmarking to identify potential markets and trends, evaluate and improve our business
- Monitor activities at our facilities, including compliance with applicable policies
- For purposes required by law or regulation Without your personal information, we may not be able to provide or continue to provide you with the products or services that you need.
11.0 CONFIDENTIALITY AND SECURITY OF YOUR INFORMATION
We restrict access to your Information to our employees who we have determined they need it in order to provide products or services to you. We train our employees to safeguard customer information, and we require them to sign confidentiality and non-disclosure agreements. We maintain strict physical, electronic, and procedural safeguards to protect your Information from unauthorized access by third parties.
12.0 TRANSFER OF PERSONAL DATA
Personal data collected by Syssoft Consultants may be transferred among its various divisions (with personnel who have business need to know). Other than to those individuals and entities listed below, your details will not be revealed by Syssoft Consultants to any external body unless Syssoft Consultants has your permission or is under either a legal obligation or any other duty to do so. For the purposes detailed above, your information may be disclosed to:
- Other Branches in Syssoft Consultants
- Any regulatory, supervisory, governmental, or quasi-governmental authority with jurisdiction over Syssoft Consultants
- Any agent, contractor or third-party service provider, professional adviser, or any other person under a duty of confidentiality to Syssoft Consultants.
- Credit reference agencies and, in the event of default, dept collection agencies.
- Any actual or potential participant or sub-participant in, assignee or transferee of the Syssoft Consultants rights and/or obligations in relation to you.
- Any financial institution with which Syssoft Consultants has or proposes to have dealings.
- If we intend to transfer the personal data to a third party or international organization, we ensure this is done securely. The Honorable Attorney General of the Federation (HAGF) will approve sending personal data to some countries because they require a minimum standard of data protection. In other cases, we shall ensure that there are specific measures in place to secure your information.
13.0 DATA RETENTION
Information held about you is retained if the purpose for which the information was collected continues. The information is then destroyed unless its retention is required to satisfy legal, regulatory, or accounting requirements or to protect Syssoft Consultants interest. Please note that regulations may require the Bank to retain your personal data for a specified period even after the end of your banking relationship with us. It is your responsibility to maintain the secrecy of any user ID and login password you hold.
All data subjects have individual rights. On a case by case basis, you have the following rights in relation to your personal data processed by Syssoft Consultants:
- The right to be informed – To emphasize the need for transparency over the usage of personal data, we ensure fair processing of information typically through this privacy policy.
- The rights to access – You have the right to request from Syssoft Consultants for copies of your personal data where those requests are reasonable and permitted by law or regulation. We may charge you a small fee for this service.
- The right to rectification – You have the right to request that Syssoft Consultants correct any information you believe is inaccurate. You also have the right to request Syssoft Consultants. to complete information you believe is incomplete.
- The right to restrict processing – You have a right to ‘block’ or withdraw your consent to our processing of your information, which you can do at any time. When processing is restricted, we are permitted to store the personal data, but not further process it.
- The right to erasure – You have the right to request the deletion or removal of personal data where there is no compelling legal or regulatory requirement for its continued processing. Syssoft Consultants will make sure that this right is protected.
- The right to data portability – You have the right to request that the bank transfer the data that we have collected to another organization, or directly to you, under certain conditions. We will ensure that personal data is moved, copied, or transferred easily from one IT environment to another in a safe and secure way, without hindrance to usability.
- The right to object – You have the right to object to our processing of your information if there are compelling legitimate grounds to do so and to the extent permitted by law or regulation. To exercise your right(s), please contact the Data Protection Office of Syssoft Consultants.
You also have the right to:
- The right to receive your Personal Data in a commonly used and machine-readable format and the right to transmit these data to another Data Controller when the processing is based on (explicit) consent or when the processing is necessary for the performance of a contract.
- The right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) where you believe our processing of your data violates the requirements of the Nigeria Data Protection Regulation 2019 (NDPR).
Syssoft Consultants reserves the right to amend its prevailing Data Protection and Privacy Statement at any time and will place any such amendments on our websites (www.syssoftcons.net). The latest version of our privacy statement will replace all earlier versions unless it says differently. Please check back frequently to see any updates or changes to our Notice. This policy is not intended to, nor does it, create any contractual rights whatsoever or any other legal rights, nor does it create any obligations on Syssoft Consultants in respect of any other party or on behalf of any party.
Syssoft Consultants has a dedicated representative who can be approached for any questions, comments and requests regarding this privacy policy or our Data Privacy Management System. Frequently asked questions about or NDPR compliance can be accessed here.
You can also write them at:
Data Protection Officer
Syssoft Consultants
No 14, Estaport Avenue
Gbagada Estate, 100242,
Lagos