Data Privacy Policy

Data Privacy Policy

Effective Date: December 30th, 2024

Last Updated: 30th April, 2025

Welcome

We care about your privacy and the information you share with us. We want you to understand how we are using and protecting the information we collect about you. VDL Technologies is respectful of data privacy and adopts best practices in compliance with applicable privacy laws and regulations.

Nigeria Data Protection Act (NDPA) 2023

Nigerian Communications Commission (NCC) Consumer Code of Practice Regulations

  1. Purpose

    This Privacy Notice explains how VDL Technologies uses the personal data we collect from you when you use our website.

  2. Scope

    This Policy applies to all personal data collected, processed, and stored by VDL Technologies from clients, employees, business partners, website visitors, and any other stakeholders. It governs data collection through our website, applications, products, services, and offline activities.

  3. What data do we collect?

    We collect personal data in the following ways:

  4. Legal Basis for Data Processing

    We process your personal data based on the following legal grounds:

    • Consent: When you explicitly agree to the processing of your data.
    • Contractual Necessity: To fulfill our obligations under a contract with you.
    • Legal Obligations: To comply with legal and regulatory requirements.
    • Legitimate Interests: To pursue our legitimate business interests, provided these do not override your rights and freedoms.
    • The lawful basis used Section 24 and Section 30 – Lawful Basis for Processing Personal Data and Duty to Implement Security Measures respectively of the Nigeria Data Protection Act (NDPA) 2023, which says "You can collect data if you have a proper reason and if you respect the users' rights."
    • Contractual Necessity: To fulfill our obligations under a contract with you.
    • Legal Obligations: To comply with legal and regulatory requirements.
    • Legitimate Interests: To pursue our legitimate business interests, provided these do not override your rights and freedoms.
    • The lawful basis used Section 24 and Section 30 – Lawful Basis for Processing Personal Data and Duty to Implement Security Measures respectively of the Nigeria Data Protection Act (NDPA) 2023, which says "You can collect data if you have a proper reason and if you respect the users' rights."

  5. How we use the Data Collected

    We use the personal data that we collect to communicate with you, deliver what you request, improve our service, and to present other information and business offers that may be of interest.

    • YOUR DATA MAY BE USED FOR:

      • Providing and improving our products and services.
      • Personalizing your experience and tailoring content.
      • Processing transactions and fulfilling contractual obligations.
      • Sending marketing and promotional communications (with your consent).
      • Complying with legal obligations and enforcing agreements.

    • SHARING OF PERSONAL DATA

      • Service Providers: Trusted partners who process data on our behalf under strict Drag confidentiality agreements.
      • Regulatory Authorities: Regulatory Authorities: To comply with legal or regulatory requirements.
      • Business Transfers: In the event of a merger, acquisition, or sale of assets.

    • DATA TRANSFERS

      • Compliance with applicable data transfer regulations.
      • Implementation of appropriate safeguards, such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.

  6. How we protect your information

    We take appropriate technical and organizational measures to prevent loss, unauthorized

  7. Your Data Rights

    As a data subject, you have the following rights:

    1. Access and Correction: Request access to or correction of your personal data via contactus@vdltechnologies.com
    2. Erasure: Request deletion of your personal data, subject to legal and contractual obligations.
    3. Data Portability: Receive your data in a portable format.
    4. Objection and Restriction: Object to or request restriction of data processing.
    5. Withdraw Consent: Withdraw consent for data processing at any time.
    6. Lodge a Complaint: File a complaint with a regulatory authority, such as the Nigeria Data Protection Regulation (NDPR) or the relevant GDPR supervisory authority.

  8. Where we store your Information

    All Personal Information you provide to us is stored on our secure servers as well as secure physical locations and cloud infrastructure (where applicable) for the purposes of providing seamless services to you and to ensure business continuity. Whenever your information is transferred to other locations, VDL Technologies will take all necessary steps to ensure that your data is handled securely and in accordance with this privacy policy.

  9. How long we store your information

    We retain your data for as long as is necessary for the purpose(s) that it was collected. Storage of your data is also determined by legal, regulatory, administrative or operational requirements. We only retain information that allows us to comply with legal and regulatory requests for certain data, meet business and audit requirements, respond to complaints and queries, or address disputes or claims that may arise. Data which is not retained is securely destroyed when it is identified as no longer needed for the purposes for which it was collected.

  10. Data Breach Notification

    In the event of a data breach, we will:

    • Notify affected individuals promptly.
    • Report the breach to the relevant regulatory authorities within the required timeframe.

  11. Cookies and Tracking Technologies

    When you use our website to browse our products and services and view the information, we make available, a number of cookies that can either be strictly necessary, ask for consent or third party cookies. We use cookies and similar technologies to enhance your browsing experience and collect usage data. You can manage your cookie preferences through your browser settings.

  12. Transfer of Data outside Nigeria

    We utilize the appropriate data transfer mechanism or its relevant exceptions to transfer data beyond the borders of Nigeria. Prior to any such transfer, we diligently establish suitable safeguards, ensuring that the recipient of personal data adheres to legal frameworks, binding corporate rules, contractual clauses, codes of conduct, or certification mechanisms that guarantee an adequate level of protection for personal data. These measures are aligned with the provisions outlined in the Nigeria Data Protection Regulation (NDPA), 2023.

  13. Policy Update

    We may update this Privacy Policy from time to time to reflect changes in our practices

  14. Getting in touch

    If you have any questions, concerns or complaints about VDL Technologies personal data practices or this privacy policy, we encourage you to get in touch with our Data Protection Officer.

    The contact information for VDL Technologies’ Data Protection Officer is Ifeoluwa Omokehin. Please reach out with contactus@vdltechnologies.com.