Introduction
LoyaOne Inc (LoyaOne, “We”, “Us” or “Our”) is the owner and operator of LoyaOne, an application and any other software, online platform, website, mobile or tablet application or domains used to provide our services (referred to as the “Platform”). LoyaOne is a loyalty rewards and referral platform that helps businesses develop reward programs to enhance customer retention (referred to as the “Services”). This Privacy Notice (“Notice”) governs your use of our Platform and your rights regarding our collection, use, storage, and protection of your data. Your privacy is important to us.
Your personal data that we process
Personal data means any information about an individual from which that person can be directly or indirectly identified. While using the Platform, we may ask you to provide us with certain personal data directly to contact or identify you, and some automatically for our application to function effectively. We also collect personal data through your use of our services or from third-party sources. The personal data we collect includes:
- Your name
- email address
- phone number
- Contact number
- Location
- The IP address used to connect your device to the internet for identification purposes
- Date and time of visit
- Web pages visited, duration and frequency of visit.
Cookies
Cookies are tools used to collect information from you when you visit our website automatically. We do not use any cookies on our website. Whenever we decide to use Cookies, we will provide you with a Cookies Notice.
Purpose of processing your data and the lawful basis
We collect your data to:
Purpose of Processing | Lawful Bases |
---|---|
|
|
|
|
|
|
|
|
|
|
|
|
Your rights as a data subject
As a data subject, the law vests you with certain rights—they include the right to:
- Access personal data we hold about you by requesting a copy of the personal data we hold about you;
- Rectify such information where you believe it to be inaccurate;
- Restrict the processing of your data in certain circumstances;
- Object to the processing of your data where we intend to process such data for marketing purposes;
- Not to be subject to a decision solely based on automatic processing of data except as allowed under the relevant law;
- Where feasible, receive all personal data you have provided to us—in a structured, commonly used, and machine-readable format—and transmit the information to another data controller;
- Request the erasure of your data (also known as the right to be forgotten);
- Withdraw your consent to the processing of your personal data; and
- Lodge a complaint with a relevant authority, where you have reason to believe that we have violated the term(s) of this Privacy Notice. (You may complain or seek redress from us within 30 days from the time you first detected the alleged violation.)
You may seek to exercise any of the above rights at any time by sending us an email at:hello@loyaone.com
The regulatory authority is the Nigeria Data Protection Commission, and complaints can be sent via email atdpo@ndpc.gov.ng
Who we share your data with
We can share your data with the following third parties:
- LoyaOne’s subsidiaries and affiliated entities that provide services, including conducting data processing on our behalf, or for data verification, data centralisation and logistics purposes
- Affiliated entities that provide payment processing services on our behalf
- Google: because we use various Google APIs and services on our application/website
- Legal and Regulatory Authority – We disclose your data if we believe it is reasonably necessary to comply with a law, regulation, order, subpoena, audit, or to protect the safety of any person, to address fraud, security or technical issues
Retention of your data
Your personal data or any other information collected will be stored for as long as necessary to fulfill the purposes described in this Notice. However, we will also retain data subject to relevant provisions of applicable laws, resolve disputes, and enforce our legal agreements and policies. We delete your data for targeted marketing purposes once you unsubscribe from our marketing communications. Please note that your data may be retained for a more extended period, notwithstanding your request to remove your data, where there is a legal requirement to do so.
How your data is stored
We protect your data using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls, and information access authorisation controls. Where there is an actual or suspected data breach capable of causing harm to your rights and freedoms, we will notify you without undue delay and use our best effort to remedy the violation within one (1) month from the date we notify you.
International transfer of data
To achieve the purposes described in this Notice, we may transfer your data to countries that may not offer an adequate protection level or are not considered to have sufficient law by the National Information Technology Development Agency (NITDA). Where personal data is to be transferred to a country outside Nigeria, we shall put adequate measures to ensure data security. Our data transfers to countries that do not offer an adequate protection level are subject to the conditions under the Nigeria Data Protection Act (NDPA). We will therefore only transfer Personal Data out of Nigeria on one of the following conditions:
- Your consent has been obtained;
- The transfer is necessary for the performance of a contract between Us and you or the implementation of pre-contractual measures taken at your request;
- The transfer is necessary to conclude a contract between Us and the third party in your interest;
- The transfer is necessary for reasons of public interest;
- The transfer is for the establishment, exercise or defense of legal claims;
- The transfer is essential to protect your vital interests or other persons, where the Data Subject is physically or legally incapable of giving consent.
Marketing and communications
We only send marketing communications to you with your consent. You may choose to opt out of our marketing emails by clicking on the ‘unsubscribe’ button at the bottom of the page
Security of your data
We are very particular about preserving your privacy and protecting your data. We deploy all reasonable and appropriate technical and organisational measures to keep your data safe. However, we cannot completely guarantee the security of any information you transmit via our application as the internet is not an entirely secure place. We are committed to doing our best to protect you.
Complaints
If you are concerned about an alleged breach of privacy law or any other regulation by us, you can contact the Data Protection Officer (DPO) via hello@LoyaOne.com. The DPO will investigate your complaint and provide information about how your complaint is handled. Please be informed that you may complain to the relevant data protection authority where your complaints are not satisfactorily addressed
Changes to this notice
We update our privacy notice from time to time. We will notify our users when we change it, and visitors will know this by checking the last date of update on this page whenever you visit.
Contact us
If you have any questions relating to this Notice, you can reach us at: hello@LoyaOne.com Office Address: 32B, Okunola Aina Street, Maryland, Lagos State