Data Protection And Privacy Policy

Updated 7/18/2022

1.   PREAMBLE

DUKKA INC. respects your privacy and is committed to protecting your data.

2.   INTRODUCTION

This Data Protection and Privacy Policy (the “Privacy Policy”) describes your privacy rights regarding DUKKA INC. (“we”, “us” or “our”) collection, use, storage, sharing, and protection of your personal information. It applies to our website and all related sites, applications, services, and tools (“Services”) regardless of how you access or use them.

This Privacy Policy applies to all forms of systems, operations, and processes within our environment that involve the collection, storage, use, transmission, and disposal of Personal Information (described below). It is provided to help you understand what information we collect from you, how the information collected is used, how we protect it, and your rights to it, amongst others.

This Privacy Policy is strictly restricted to only our Services and therefore does not apply to services that are not owned or controlled by us, including third-party websites. We are committed to handling all Personal Information provided to us in compliance with both applicable and model data protection and privacy laws.

3.   CONSENT

By using our Services in any manner, you confirm to us that you have read and accepted this Privacy Policy and consent to the data practices described in this Privacy Policy. If you do not intend to accept this Privacy Policy or do not meet or comply with the provisions set forth herein, then you may not use our Services.

4.   THE INFORMATION WE COLLECT

A.  Personal Information

As part of our operations, we collect and process certain types of information (such as name, telephone numbers, address, PIN, etc.) of individuals that make them easily identifiable. These individuals include current, past, and prospective registered users, prospective users, newsletter applicants, any and all other persons that in one way or the other interact with our Platform (“Users”), and other individuals with whom we communicate or deal with, jointly and/or severally.

To use our Services, you will be required and hereby undertake to voluntarily provide us with certain Personal Information. Personal Information refers to information relating to an identified person or information that can be used to identify you, (e.g., name, email address, telephone number). It may also include anonymous information that may be linked to you specifically, (e.g., IP address).

We use your Personal Information to:

  1. provide you with the required Services
  2. respond to your questions or requests
  3. improve features, website content and analyse data to develop products and services
  4. address inappropriate use of our Services
  5. prevent, detect and manage risk against misinformation, wrong use, and illegal activities using internal and third-party screening tools
  6. send you marketing content, newsletters, and service updates curated by us, however, we will provide you with an option to unsubscribe if you do not want to hear from us
  7. verify your identity and the information you provide in line with our statutory obligations using internal and third-party tools
  8. maintain up-to-date records
  9. resolve disputes that may arise, including investigations by law enforcement or regulatory bodies
  10. any other purpose that we disclose to you while providing our Services to you

We may retrieve additional Personal Information about you from third parties and other identification/verification services. With your consent, we may also collect additional Personal Information in other ways including emails, surveys, and other forms of communication. Once you begin using our Services, we will keep records of and collect information regarding your activities as it relates to our Services. We will not share or disclose your Personal Information with a third party without your consent except as may be required for the purpose of providing you with our Services or under applicable legislation.


B.  Information that we collect from website visitors not Users

As a visitor to our website, we do not collect your Personal Information. However, so we can monitor and improve our website and Services, we may collect non-personally identifiable information. We will not share or disclose this information with third parties except as a necessary part of providing our Services. We may where applicable, use the information to target advertisements to you.


C.  Purpose Limitation

We collect Personal Information only for identified purposes and for which consent has been obtained. Such Personal Information cannot be reused for another purpose that is incompatible with the original purpose, except consent is obtained for such purpose


D.   Data Minimization

We limit Personal Information collection and usage to data that is relevant, adequate, and absolutely necessary for carrying out the purpose for which the data is processed. We will evaluate whether and to what extent the processing of Personal Information is necessary and where the purpose allows, anonymized data will be used.


E.   Cookies

We use cookies to identify you as a User and make your user experience easier, customise our Services, content, and advertising, and where applicable help you ensure that your account security is not compromised. We also use cookies to mitigate risk and prevent fraud, promote trust and safety on our website. Cookies allow our servers to remember IP addresses, date and time of visits, monitor web traffic and prevent illegal activities.

Our cookies do not store personal or sensitive information. They simply hold a unique random reference to you so that once you visit our website, we can recognize who you are and provide certain content to you. If your browser or browser add-on permits, you have the choice to disable cookies on our website, however this may impact your experience with using our website.



5.   HOW WE PROTECT YOUR INFORMATION

We shall establish adequate controls in order to protect the integrity and confidentiality of your Personal Information, both in digital and physical format and to prevent your Personal Information from being accidentally or deliberately compromised.

We are committed to managing your Personal Information in line with global industry best practices. We protect your Personal Information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration, we also use industry recommended security protocols to safeguard your Personal Information. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to our building and files and only granting access to your Personal Information to only employees who require it to fulfil their job responsibilities. No Personal Information processing will be undertaken by an employee who has not been authorised to carry such out as part of their legitimate duties.

6.   HOW WE SHARE THE PERSONAL INFORMATION YOU PROVIDE

We do not sell, trade, or rent Personal Information to anyone. However, to enable us to render our Services to you on our website, we may share your information with trusted third parties, such third parties include sanctions screening and identity verification services as well as any third parties that you have directly authorised to receive your Personal Information.

We may disclose your Personal Information in compliance with applicable law or a legal obligation to which we are bound. Please note that third-party sites you engage with through our Services will have their privacy policies, and we are therefore not responsible for their actions, including their information protection practices. The use of your information by such third parties will be subject to their applicable privacy policy, which you should carefully review.

7.   TRANSFER OF PERSONAL INFORMATION

A.  Third Party Processor within Nigeria

We may engage the services of third parties to process your Personal Information. The processing by such third parties shall be governed by a written contract with us to ensure adequate protection and security measures are put in place by the third party for the protection of Personal Information in accordance with the terms of this Privacy Policy.

B.   Transfer of Personal Information to Foreign Country

In providing you with the Services, we may rely on third-party servers located in foreign jurisdictions from time to time, which as a result, may require the transfer or maintenance of your Personal Information on computers or servers in foreign jurisdictions.

Where such Personal Information is to be transferred to a country outside Nigeria, we shall put adequate measures in place to ensure the security of such Personal Information. We shall, among other things, confirm whether the country is on the National Information Technology Development Agency (“NITDA”) Whitelist of Countries with adequate data protection laws.

The transfer and subsequent processing of such Personal Information would be in accordance with the provisions of the Nigeria Data Protection Regulation ("NDPR”) which we comply with. We will therefore only transfer and permit the processing of Personal Information outside of Nigeria where:

  1. your consent have been obtained
  2. the transfer and processing are necessary for the performance of a contract between us or implementation of pre-contractual measures taken at your request;
  3. the transfer and processing are necessary to conclude a contract between us and a third party in your interest;
  4. the transfer and processing are necessary for reasons of public interest
  5. the transfer and processing are for the establishment, exercise or defence of legal claims
  6. the transfer and processing are necessary to protect your vital interests or that of other persons, where you are physically or legally incapable of giving consent.

We will take all necessary steps to ensure that your Personal Information is transmitted and processed in a safe and secure manner. Details of the protection given when your Personal Information is transferred outside Nigeria shall be provided to you upon request.

8.   DATA RETENTION

We will retain your Personal Information for as long as is needed to provide our Services to you, comply with our legal and statutory obligations or verify your information with the required verification authorities. Therefore, even after discontinuance of our Services, we will retain certain Personal Information and transaction data to comply with our legal and regulatory obligations. All Personal Information shall be destroyed by us where we have satisfied the legal retention timeframe.

For all Personal Information and records obtained, used, and stored by us, we shall perform periodical reviews of the data retained to confirm the accuracy, purpose, validity, and requirement to retain. The length of storage of your Personal Information shall, amongst other things, be determined by:

  1. the contract terms agreed between us or as long as it is needed for the purpose for which it was obtained; or
  2. whether the transaction or relationship has statutory implication or a required retention period; or
  3. whether there is an express request for deletion of the Personal Information by you, provided that such request will only be treated where you are not under any investigation which may require us to retain such Personal Information or there is no subsisting contractual arrangement with you that would require the processing of the Personal Information; or
  4. whether we have another lawful basis for retaining that information beyond the period for which it is necessary to serve the original purpose.

9.   CHOICES AND RIGHTS

Once your Personal Information is held by us, you are entitled to reach out to us to exercise the following rights:

  1. the right to request for and access your Personal Information collected and stored. Where data is held electronically in a structured form, such as in a Database, you have a right to receive that data in a common electronic format,
  2. the right to information on your Personal Information collected and stored,
  3. the right to objection or request for restriction,
  4. the right to object to automated decision making,
  5. the right to request rectification and modification of your Personal Information which we keep,
  6. the right to request for the deletion of your data,
  7. the right to request the movement of your data from us to a third party called the right to the portability of data; and
  8. the right to object to, and to request that we restrict the processing of your Personal Information. We shall inform you of the effect of such restrictions and how it will affect our Services to you.

Your request will be reviewed by us and carried out except as restricted by law or our statutory obligations. You may review and update your Personal Information directly or by contacting us via email at help@dukka.com

10.   AGE RESTRICTION

Our Services are directed to people between the ages of 18 and above. If as a parent or guardian, you become aware that your child or ward has provided us with any information without your consent, please contact us via email at help@dukka.com

111.   UPDATES, MODIFICATIONS AND AMENDMENTS

We reserve the right to update, modify, change or revise this Privacy Policy from time to time. The changes will not be retroactive, and the most current version of this Privacy Policy which will always be on this page and will continue to govern our relationship with you. We advise that you check this page often, referring to the date of the last modification on the page.

We will also try to notify you of any material changes which could be done via email associated with your account or service notification. By continuing to use our Services after the changes become effective, you agree to be bound by the revised Privacy Policy.

12.   CONTACT US

You may contact us upon becoming aware of any breach of Personal Information or if your access to our Services has been compromised, to enable us to take the necessary steps towards ensuring the security of your Personal Information.

You may also contact us if you have any questions relating to this Privacy Policy or would like to find out more about exercising your data protection rights. All questions and inquiries may be sent to us via email at help@dukka.com