Overview Dangote Group (comprising of all DCP, DSR, and DIL business units) hereinafter referred to as the “Group” is committed to protecting the privacy and confidentiality of Personal Information about its employees, customers, business partners and other identifiable individuals. The Group’s policies, guidelines and actions support this commitment to protecting Personal Information. Each employee bears […]
Dangote Group (comprising of all DCP, DSR, and DIL business units) hereinafter referred to as the “Group” is committed to protecting the privacy and confidentiality of Personal Information about its employees, customers, business partners and other identifiable individuals. The Group’s policies, guidelines and actions support this commitment to protecting Personal Information. Each employee bears a personal responsibility for complying with this Policy in the fulfillment of their responsibilities.
The Group respects the privacy of its employees and third parties such as customers, business partners, vendors, service providers, suppliers, former employees, and candidates for employment and recognizes the need for appropriate protection and management of Personal Information.
This policy sets the minimum standard and shall guide all employees and Agents of the Group even if local law is less restrictive. Supplemental policies and practices will be developed as needed to meet the local legal or departmental requirements. Supplemental policies and practices may provide for more strict or specific privacy and protection standards than are set forth in this Policy.
The Group is guided by the following principles in Processing Personal Information:
When collecting Personal Information directly from individuals, the Group strives to provide clear and appropriate notice about the:
Generally, the Group offers individuals a choice regarding how Personal Information is processed, including the opportunity to choose to opt-out of further Processing or, in certain circumstances, to opt-in. However, explicit consent from individuals is not required when Processing Personal Information for:
Regarding the transfer of Personal Information to either an Agent or Controller, the Group strives to take reasonable and appropriate steps to:
The Group takes reasonable and appropriate measures to protect Personal Information from loss, misuse and unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the Processing and the nature of the Personal Information
The Group will only Process Personal Information in a way that is compatible with the purpose for which it has been collected or subsequently authorized by the individual. The Group shall take steps to help ensure that Personal Information is accurate, reliable, current, and relevant to its intended use.
The Group provides individuals with reasonable access to their Personal Information for purposes of correcting, amending, or deleting that information where it is inaccurate or has been Processed in violation of the Group’s data privacy principles.
Violation of this Policy by an employee or contractor of the Group will result in appropriate discipline up to and including termination. Violation by an Agent, Controller or other third party of this Policy will result in the exercise of appropriate legal remedies available at law or in equity including termination for material breach of contract.
The Group may from time to time Process certain Personal Information from or about employees and third parties such as customers, business partners, vendors, service providers, suppliers, former employees and candidates for employment, including information recorded on various media as well as electronic data.
The Group will use these Personal Information to provide customers, business partners, vendors, service partners and suppliers with information and services and to help the Group personnel better understand the needs and interests of these customers, business partners, vendors, service partners and suppliers. Specifically, the Group uses information to help complete a transaction or order, to facilitate communication, to market and sell products and services, to deliver products/services, to bill for purchased products/services, and to provide ongoing service and support. Occasionally the Group personnel may use Personal Information to contact customers, business partners, vendors, service partners and suppliers to complete surveys that are used for marketing and quality assurance purposes.
The Group may also share Personal Information with its business partners, vendors, service providers and suppliers to the extent needed to support the customers’ business needs. Suppliers are required to keep confidential Personal Information received from the Group and shall not use it for any purpose other than as originally intended or subsequently authorized or permitted.
The Group also collects Human Resources Data in connection with administration of its Human Resources programs and functions and for the purpose of communicating with its employees. These programs and functions may include compensation and benefit programs, employee development planning and review, performance appraisals, training, business travel expense and tuition reimbursement, identification cards, access to the Group’s facilities and computer networks, employee profiles, internal employee directories, Human Resource record keeping, and other employment related purposes.
The Group also collects and uses Personal Information to consider candidates for employment opportunities within its business units. Human Resources Data may be shared with third party vendors and service providers for the purpose of enabling the vendor or service provider to provide service and/or support to the Group in connection with these Human Resources programs and functions. The Group will not share Human Resources Data with third parties for non-employment related purposes. The Group requires third parties receiving Personal Information to apply the same level of privacy protection as contained in this Policy and as required by applicable law.
Without prejudice to the principles set out in Section 5 and conditions set out in Sections 7 and 8 of the NDPR, the Group reserves the lawful right to process personal data either received or submitted as a result of use of any of the Group’s services. Usage of any of the Group’s services entails that at least one of the following below is applicable and acts as a lawful basis to process personal data.
This Section sets out the Group’s data retention policies and procedures, which are designed to help ensure that the Group complies with the legal obligations regarding the retention and deletion of personal data.
To the extent that is required by law.
If the Group believes that the documents may be relevant to any ongoing or prospective legal proceedings, recruitment process or employment gained; and
to establish, exercise, or defend the legal rights (including providing information to others for the purposes of fraud prevention) of the Group.
Responsibility for compliance with this Policy rests with the heads of the individual functions, business units and departments together with any individual employees collecting, using or otherwise Processing Personal Information. Business unit, function, and department heads, in coordination with the Legal Department, are responsible for implementing further standards, guidelines and procedures that uphold this Policy, and for assigning day-to-day responsibilities for privacy protection to specific personnel for enforcement and monitoring.
This Policy is meant to be implemented in conjunction with supplementary data privacy policies specific to a country, or department, if required. These supplementary data privacy policies will account for differences in data protection requirements by jurisdiction or function and will specify individual roles and responsibilities. The Group’s business units will implement supplementary data privacy policies as required to follow applicable laws.