PRIVACY POLICY
INTRODUCTION
This
Privacy Policy covers how we, EKEDC, and our affiliates handle personal data
when you interact with us through our website, mobile app or in person (including by phone or when visiting any
of our office).
At
Eko Electricity Distribution Company [“EKEDC”], we believe strongly in
fundamental privacy rights as embedded in all applicable laws and regulations,
such as but not limited to the Nigerian Data Protection Act 2023 (NDPA), which
binds us and all customers and representatives (data subjects) whose personal
data we process.
Personal
Data includes any information that directly
identifies you (e.g., name) or can reasonably be linked to you
(e.g., device serial number).
By
accepting this Privacy Policy, you consent to EKEDC collecting and using your
Personal Data as allowed by law, with the
right to withdraw consent readily available subject to legal obligations.
We
may change this Privacy Policy from time to time.
If we make changes, we will notify you by revising the date at the top of
this policy, and we may provide you with additional notice (such as by
adding a statement to the homepages of our website or mobile app, or by sending
you an email notification).
We
encourage you to review the Privacy Policy
whenever you interact with us to stay informed about our information practices
and the ways you can help protect your privacy.
1.
LAWFUL BASIS FOR PROCESSING YOUR INFORMATION
All Personal Data that we collect and process is justified by one or
more of the following lawful reasons:
·
You have given consent to the processing;
·
Processing is necessary for the performance
of a contract which you are a party or to take steps to enter into a
contract;
·
Processing is necessary for compliance with
legal and regulatory obligations to which we are subject;
·
Processing is necessary in order to protect
your vital interests or another natural person; and
·
Processing is necessary for the performance of a
task carried out in the public interest.
·
Processing is necessary for the purposes of our legitimate
interests or those of a third party, provided that such interests are
not overridden by your rights and freedoms, are not incompatible with any
of the above lawful bases, or beyond your reasonable processing expectations.
2.
TYPES OF PERSONAL DATA WE PROCESS
We may collect and process the
following information about you:
·
Information you provide to us, for example, when you fill
out a contract or web form, or if you register to receive alerts or updates.
·
When you provide your Personal Data while signing up for a
service or purchasing a product.
·
Personal Data that we obtain or learn, such as information
about the browser or device you use to access this site (“cookies”), how
you use this site and the pages you visit, traffic and location data.
·
When you contact our customer support, whether by phone,
email, or chat
We may
request information to help resolve site issues or invite you to take part in
research surveys, which are optional.
3.
MEANS OF COLLECTING DATA
We
use different methods to collect Personal Data from and about you including
through:
4.
USE OF YOUR PERSONAL DATA
We may use your Personal Data as
follows:
·
Provide, maintain,
and improve our services.
·
Provide and deliver
the products and services you request, process bill payment transactions, and
send you related information, including confirmations.
·
Verify your identity
and prevent fraud.
·
Send you technical
notices, updates, security alerts and support, and administrative messages in
line with our business with you.
·
Respond to your
comments, questions, and requests and provide customer service.
·
Communicate with you
about products, services, offers, promotions, rewards, and events offered by EKEDC
and others, and provide news and information we think will be of interest to
you.
·
Monitor and analyse
trends, usage, and activities in connection with our services.
·
Personalize and
provide advertisements, content or features to improve EKEDC’s services.
·
Process and deliver
contest or promotion entries and rewards.
·
Link or combine with
information we get from others to help understand your needs and provide you
with better service.
·
Carry out any other
purpose for which the Personal Data was collected.
5.
DISCLOSURE OF YOUR PERSONAL DATA
EKEDC
will disclose your Personal Data to third parties in the following
circumstances:
·
With your consent or
based on our contract with you, we may provide such Personal Data to affiliated
companies or other trusted businesses or persons for the purpose of processing
Personal Data on our behalf. We require that these parties agree to process
such Personal Data based on our instructions and in compliance with the
Applicable Laws and any other appropriate confidentiality and security measures.
Where they no longer need your Personal Data to fulfil this service, they will
dispose of the details in line with Applicable Laws.
·
In response to a request
for Personal Data, if we are required by, or we believe disclosure is in accordance
with, any Applicable Law.
·
With relevant regulatory
authorities, law enforcement officials, a court order, and investigators,
in line with our legal obligation.
·
In connection with,
or during negotiations of, any merger, sale of EKEDC assets, financing or
acquisition of all or a portion of our business to another company on the
basis of your existing contract with us or consent; and
·
With your consent
or at your direction, including if we notify you that the Personal Data you
provide will be shared in a particular manner and you provide such Personal
Data.
6.
STORAGE AND TRANSFER
OF YOUR PERSONAL DATA
We
process Personal Data in digital and physical formats. Physical records Physical
records are secured in a locked fireproof safe while digital data is stored on
cloud platforms with data centres located both within and outside Nigeria.
By
accessing or using our Services or otherwise providing information to us, you
consent to the processing and transfer of your information within Nigeria and
to other countries where we or our cloud service providers operate. Where data
is transferred outside Nigeria, we ensure that the recipient country has
data protection laws that are adequate and comparable to those in Nigeria.
Note
that where your data is transferred to other countries there might be an
increased risk with your personal information, particularly where such
jurisdiction is not subject to the same level of protection as in Nigeria.
We take reasonable steps to
mitigate these risks, including through the use of contractual safeguards
(such as Standard Data Protection Contractual Clauses), security measures, and
by ensuring that third parties processing data on our behalf adhere to high
data protection standards.
7.
SECURITY
EKEDC
takes reasonable measures to help protect all Personal Data about you from
loss, theft, misuse and unauthorized access, disclosure, alteration and
destruction.
We
protect your Personal Data through strict policies, digital and physical
safeguards such as firewalls, encryption, restricted access, and staff training
to prevent data breaches, including using measures such as encryption, access
controls, multi-factor authentication, security testing, audit logs, staff
training, and data retention policies.
8.
PERSONAL DATA
RETENTION PERIOD
We keep Personal Data only as long as needed or as
required by law, and securely delete it once no longer necessary or upon
request, in line with applicable regulations.
9. YOUR RIGHTS AS A DATA
SUBJECT
At
any point while we are in possession of or processing your Personal Data, you,
the data subject, have the following rights, including the right to:
·
withdraw your consent
at any time of our processing of your data
·
request access to a
copy of the information that we hold about you
in a commonly structured format.
·
Lodge a complaint
with the Nigeria Data Protection Commission
if you have a reason to believe that your rights have been violated at (https://ndpc.gov.ng/)
·
correct data that we
hold about you that is inaccurate or incomplete
subject to verification of the accuracy of the new data provided.
·
request for the data
we hold about you to be erased from our
records.
·
restrict our
processing activities on your data
·
request that the data
we hold about you be transferred to another
organisation
·
object to certain
types of processing such as direct
marketing
object to
automated processing, including profiling.
10.
BREACH/PRIVACY
VIOLATION
In
the event of a breach of security leading to the accidental or unlawful destruction,
loss, alteration, unauthorized disclosure of, or access to Personal Data, EKEDC
shall within 72 (Seventy-Two) hours of having knowledge of such breach report
the details of the breach to the Commission. Furthermore, where we ascertain that such breach is detrimental to your
rights and freedoms in relation to your Personal Data, we as soon as reasonably
practicable upon knowing the
occurrence of such breach take steps to inform you of the breach incident, the risk to your rights and freedoms resulting
therefrom and any course of action to remedy said breach.
In the event you
are dissatisfied with how we process your data, we advise that you submit your
complaint through our Data Protection Officer (DPO), whose details are provided
below:
Name: The Data
Protection Officer, Eko Electricity Distribution Plc
Email: [email protected]
Phone Number: 09070400364/0812992907
Office Address: 24/25
Marina Rd, Lagos Island, Lagos State.
If you have
reasons to believe that your Personal Data has not been handled correctly or
you are unhappy with our response to any requests you have made to us regarding
the use of your Personal Data, you have the right to lodge a complaint with the
Commission. The contact details are:
Nigeria Data
Protection Commission
Email: [email protected]
Website: https://ndpc.gov.ng/
Where you
remain dissatisfied, you reserve the right to explore other appropriate legal
remedies as guaranteed under Nigerian law.
12. QUESTIONS OR CONCERNS
If you have any questions or concerns about this
Privacy Policy or would like to contact us for any reason, you can contact us
at [email protected].
