Privacy Policy

Privacy Policy

Last updated: [DATE]

About this policy

Nexacare Centre for Digital Health and Community Wellbeing (CAC RC 9449732, "Nexacare", "we", "us") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website at nexacarecentre.org/ or interact with us through our digital channels. This Policy is grounded in the Nigeria Data Protection Act 2023 and the Nexacare Data Protection Policy.

What personal data we collect

  • Information you submit through our forms: name, email address, organisation, subject, and message content.
  • Information collected automatically: IP address, browser type, device type, pages visited, and time spent (used for site analytics in aggregate).
  • Cookies: we use a small number of cookies for essential site function and aggregate analytics. See our Cookie Notice in the cookie banner.

Why we collect it

  • To respond to your enquiry or partnership request.
  • To process safeguarding concerns and route them to our Designated Safeguarding Lead.
  • To improve our website and understand how visitors use it.
  • To meet our legal and donor compliance obligations.

Lawful basis

We process personal data on the lawful bases of consent (where you submit a form), legitimate interest (institutional operation and improvement), legal obligation (NDPA 2023, anti-money-laundering, statutory filings), and contract performance (where applicable).

Sharing of data

We do not sell your personal data. We share personal data only with: Nexacare personnel and Trustees on a need-to-know basis; service providers under contract (hosting, email, analytics); regulators where the law requires; donors where the relevant grant agreement requires.

Retention

Personal data is retained per the Nexacare Records Retention and Disposal Schedule. Form submissions are typically retained for two years; correspondence longer where business need or law requires.

Your rights under the NDPA 2023

  • Right of access. You may request a copy of your personal data.
  • Right of rectification. You may request correction of inaccurate data.
  • Right of erasure. You may request deletion of your data where the lawful basis no longer applies.
  • Right to restrict processing.
  • Right to data portability.
  • Right to object.
  • Right to lodge a complaint with the Nigeria Data Protection Commission.

To exercise any of these rights, contact info@nexacarecentre.org.

Security

We protect personal data through technical and organisational measures consistent with the Nexacare Information Security Policy: encryption in transit (HTTPS), access controls, regular backups, and staff training.

Updates to this Policy

This Policy may be updated from time to time. The “Last updated” date at the top reflects the most recent change. Material changes will be communicated through the website.

Data Protection Officer

Nexacare’s Data Protection Officer is reachable through info@nexacarecentre.org.

  • Main Menu
Shopping cart close