Privacy & Cookies Policy

1. Personal Information Privacy Policy

My Intellectual Property Law Guide (MIPLG or the “Organization”) is dedicated to protecting the confidentiality and privacy of information entrusted to us by staff, offline and online visitors, vendors and stakeholders (data subjects). Our Data Protection and Privacy Policy indicate that we are dedicated to and responsible for processing the information of our staff and other stakeholders with absolute caution and confidentiality. This policy describes how we collect, use, store, handle and secure personal information (sometimes referred to as “Personal Information”, “Personally Identifiable Information” or “PII) fairly, transparently, and with confidentiality.

This privacy policy sets out our current policies and demonstrates our commitment to privacy. MIPLG is a network of Intellectual Property (IP) advocates leading and propagating IP and Competition law education and implementation through its online/digital channels in Nigeria. As a Data Controller majorly providing intellectual enlightenment to various data subjects, hosting webinars and other events, we hereby set out our privacy policy in full compliance with the relevant data protection legislation and in a clear indication of our transparency and regulatory compliance. Our Privacy and personal data protection principles are applied based on this Privacy Notice at all relevant location where hosting and processing takes place.

Our intent is to collect only the personal information that is provided voluntarily by our data subjects so that we can offer information and/or services to those for specific and legitimate purposes. Please review this Privacy Notice to learn more about how we collect, use, share and protect the personal information that we obtain. Since our Privacy Notice may change at any time you will be receiving an update notification letter and your continued access to or use of our online systems / sites will mean that you agree to the changes.

1. Data Protection Policy

The MIPLG’s Information Protection Policy (DPP) applies to personal information held by the Organization as a data controller and as described in this policy. The policy explains what information we collect about our data subjects, how we use that information, who we share it with, the circumstances under which we may share it and what steps are taken to make sure it stays private and secure. The policy also clearly outlines the right of data subjects in respect of information collected in the course of business.

This Privacy Policy stipulates the Organization’s approach to handling collected personal data and rights with regards to our collection, use, storage and sharing of the personal data which may be collected by the Organization in the course of providing you with our services, collectively referred to herein as MIPLG’s “services”, across all our delivery channels to the Organization’s goals.

It is important to know that the policy continues to apply even if the data subject’s agreement with MIPLG ends, subject to a limited time frame as may be prescribed by law.

1. Collection and Use of Personal Information

2.1.      What we collect

We obtain personal information about you if you choose to provide it —for example, to fulfill your request and to provide the requested and / or agreed services. In some cases, you may have previously provided your personal information to MIPLG (if, for example, you are a volunteer, member, online visitor, collaborator or you have had an established agreement or contract with MIPLG). By submitting personal information to MIPLG, you are also acknowledging that MIPLG may use this information in accordance with this Privacy Policy.

Your personal information is not used for purposes other than those listed in this document, unless we obtain your permission, or unless otherwise required by law. In general we collect and generate the following information:

• Individual personal information (e.g. name, previous names, date and place of birth).
• Individual personal contact details (e.g. address, email address, landline, fax and mobile numbers).
• Identity information (e.g. photo ID, passport, utility bill, national ID card and nationality).
• Research (e.g. information and opinions voluntarily expressed).
• User authentication login and subscription data (e.g. login credentials for online webinars, images, interviews, video conferencing, live events and voice print).
• Financial information.
• Information about the ways you interact with MIPLG (e.g. channels used, transaction information, geographic information, and information concerning your complaints).
• Any information received from external authoritative registers required for compliance purposes.
• Information captured in data subject’s documentation or data exchange such as application forms or via telephone (e.g. records of advice).
• Cookies and similar technologies used to remember your preferences and tailor content.
• Data or records of correspondence related to relevant exchanges of information (e.g. emails).
• Closed circuit television (CCTV) in and around MIPLG facilities/platformss (these may collect photos or videos of you).
• Other information about you that is voluntarily provided by filling in forms or by communicating with us, whether face-to-face or via other available channels (e.g. by phone, email, online).

2.2       Why we collect it and the Legal Grounds

MIPLG generally collects only the personal information necessary to fulfill your request and to provide the requested and/or agreed services. Where additional, optional information is sought, you will be notified of this at the point of collection. The applicable law allows us to process personal information, so long as we have a ground under the law to do so. It also requires us to tell you what those grounds are. As a result, when we process your personal information, we will rely on one of the following processing conditions:

1. Performance of a contract: This is when the processing of your personal information is necessary in order to perform our obligations under a contract but also to be able to complete our acceptance procedure prior to the said contract;
2. Legal obligation or for public interest: This is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for complying with any tax obligations, regulatory purposes, or providing information to a public body or law enforcement organization;
3. Legitimate interests: where necessary, we may process information about you where there is a legitimate interest for us or a third party in pursuing commercial and business interests, except where such interests are overridden by your interests, fundamental rights and freedoms; or you expressly deny.
4. Consent: We may occasionally ask you for specific permission to process some of your personal information for some or more specific purposes, and we will only process your personal information in this way if you so agree.
   1. What constitutes consent? Your consent is given when you consume our services, navigate our website, tick our online/offline forms or boxes, subscribe to our email alerts, and attend our webinars and other events, or when you voluntarily submit your personal data to us.
   1. How do you withdraw your consent? You may withdraw your consent at any time by unsubscribing to our email alerts or other digital platforms or by contacting the MIPLG Data Protection Officer (DPO) via contact@myiplawguide.com

In general we process, transfer and disclose your information to:

• Verify your identity (e.g. for authentication purposes).
• Provide our services (including via online platforms).
• Deal with your transactions or carry out instructions.
• Perform data analytics and understand your preferences and how you use the provided services.
• Use technology for decision making purposes.
• Keep record keeping and accountability.
• (Meet compliance and legal obligations such as to comply with the extant Data regulatory framework.
• Manage our relationship with you (including any activities you agree to).
• Obtain reports of an online problem (e.g. with the MIPLG site).
• Enforce or defend the rights of a member of MIPLG.
• For internal operational support and administrative purposes (e.g development of our service, audit and risk management).
• Ensure security and Organizational continuity.
• For service quality management and product improvement.
• Correspond with third parties (e.g. vendors, regulators and intermediaries).
• To facilitate dissemination of information about our association and events.
• For the purpose of registration and participation at our online and offline events.
• To respond to and build on any feedback you send us.

2.3       Retention of Information

We will only retain your personal data for as long as the extant provisions of the applicable laws of Nigeria require us to, or for the purposes set out in this policy or our contract with you, or when you exercise your right to request deletion of personal data.

After expiration of any of the aforementioned periods as applicable, your personal data will be irreversibly destroyed. This allows us to comply with legal and regulatory requirements or fulfill our legitimate purposes. If we do not need to retain information for a period of time, we may destroy, delete or anonymize it more promptly. Any personal data held by us will be kept by us until such time that you notify us that you no longer wish to receive this information.

2.4       Storage of Information

The data that we collect from you will not be transferred to, and stored at, a destination outside Nigeria. However, such data may be processed by our staff operating outside Nigeria or for one of our third party service providers. Such staff may be engaged in, among other things, the fulfillment of your order and the provision of support services. By submitting your data, you agree to this transfer, storing and/or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. We maintain security standards and procedures with a view to preventing unauthorized access to data by anyone, including our staff. We use technologies (e.g. data encryption, firewalls) to protect the security of data in transit and data at rest by following a risk based approach. All MIPLG members, all our staff and third parties are required to observe our privacy standards and to allow us audit them for compliance.

2.5       Sharing Information

We do not share personal information with unaffiliated third parties, except if necessary for our legitimate professional and business needs, to carry out your requests, and/or as required or permitted by law. These include:

1. Service providers: MIPLG works with reputable partners and service providers so they can process your personal information on our behalf where required. MIPLG will only transfer personal information to them when they meet our standards set in our third party information security policy on the processing of data and security. We only share personal information that allows them to provide their services.
2. Courts, law enforcement or regulatory bodies: MIPLG may disclose personal information in order to respond to requests of courts, government or law enforcement entities or where it is necessary to comply with applicable laws, court orders or rules, or government regulations.
3. Audits: Disclosures of personal information may also be needed for data privacy or security audits and/or to investigate or respond to a complaint or security threat.

In addition, MIPLG may transfer certain personal information to external entities working with us or on our behalf for the purposes described in this Privacy Policy (e.g. in order to provide you with products or services you requested, or due to public or legal duty to do so). MIPLG will not transfer the personal information you provide to any third parties for their own direct marketing use.

As such information may be transferred and disclosed to authorities, law enforcement, government, persons acting on your behalf, payment recipients, beneficiaries, intermediaries, other financial institutions, lenders and holders of security over any property relevant to MIPLG, payment service providers, technology providers, support service providers, etc. We may also share aggregated or anonymized information with partners such as research groups, universities or advertisers.

2.6       Automated Decisions and Profiling

We do not use automated systems to make automated suggestions or decisions, including profiling, based on personal information we have, or that are allowed to collect from other authorized sources, about you. All personal data we collect have human involvement.  

2.7.      Further Processing

We sometimes process personal data for purposes other than those for which the personal data were initially collected where the processing is compatible with the purposes for which the personal data were initially collected. In order to ascertain whether the processing for another purpose is compatible with the purpose for which the personal data were initially collected:

• Any link between the original and proposed new purposes.
• The context in which data have been collected (in particular the relationship between us and your reasonable expectations).
• The nature of the data (particularly whether they are sensitive data or criminal offence data).
• The possible consequences of the proposed processing.
• The existence of safeguards (including encryption). Where the data subject has given consent or the processing is based on the law we are allowed to further process the personal data irrespective of the compatibility of the purposes. Where we intend to process the personal data for a purpose other than that for which they were collected, we will provide you, prior to that further processing, with information on that other purpose and other necessary information.

3.0 Automatic Collection Cookies & IP Addresses

3.1             Use of Cookies and Location Based Tools

In some instances, MIPLG and its service providers use cookies and other technologies to automatically collect certain types of information when you visit MIPLG online platforms, as well as through email exchange. The collection of this information allows MIPLG to customize your online experience, improve the performance and security, usability and effectiveness of MIPLG’s online presence, and to monitor our overall activities. We may collect information about your computer or mobile device, including where available operating system and browser type, for system administration or for our own commercial purposes.

Cookies may be placed on your computer or internet-enabled device whenever you visit MIPLG online. This allows the site to remember your computer or device and serves a number of purposes.

Your selection will be saved in a cookie and is valid for a short period (e.g. 90 days). If you wish to revoke your selection, you may do so by clearing your browser’s cookies. Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser’s settings (often found in your browser’s Tools or Preferences menu). You may also delete cookies from your device at any time. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of our web sites’ features.

Cookies by themselves do not tell us your email address or otherwise identify you personally. In our analytical reports, we may obtain other identifiers, but this is for the purpose of identifying the number of unique visitors to our web sites and geographic origin of visitor trends, and not to identify individual visitors. MIPLG may also collect and use the geographical location of your computer or mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.

By navigating on our web sites and accepting cookies or entering your login details to access areas reserved for registered users, you agree that we can place these cookies on your computer or internet enabled device.

3.2       IP Addresses

An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognize and communicate with one another. IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to conduct web site trend and performance analysis.

4.0 Your Rights

4.1       Data Subject Rights

MIPLG may ask for your permission for certain uses of your personal information, and you can agree to or decline those uses. If you opt-in for particular services or communications, such as an e-newsletter or sms notifications, you will be able to unsubscribe at any time by following the instructions included in each communication. If you decide to unsubscribe from a service or communication, we will try to remove your information promptly, although we may require additional information before we can process your request.

In general if you have submitted personal information to MIPLG, you have the following rights:

1. The right to access information about you and to obtain information about how it is processed.
2. The right to request that your information is corrected if it is inaccurate or incomplete.
3. The right to request that your information is erased (depending on the circumstances and agreements in place).
4. We may continue to retain your information if another legitimate reason for doing so exists. You have the right to have you personal data erased if:
   1. The personal data is no longer necessary for the purpose which it was originally collected or processed for.
   1. MIPLG is relying on consent as the lawful basis for holding the data, and you withdraw your consent.
   1. MIPLG is relying on legitimate interests as the basis for processing, you object to the processing of your data, and there is no overriding legitimate interest to continue this processing.
   1. MIPLG is processing the personal data for direct marketing purposes and you object to that processing.
   1. MIPLG has processed the personal data unlawfully (i.e. in breach of the lawfulness requirement).
   1. It has to be done to comply with a legal obligation.
5. The right to request that we restrict our processing of your information if the information provided to MIPLG are not accurate, the processing is unlawful and your request for erasure is opposed or when we no longer need your data for the purpose of processing but they are required by you for the establishment, exercise or defence of legal claims.
6. The right to withdraw your consent to our processing of your information (depending on the circumstances and agreements in place). We may continue to process your information if another legitimate reason for doing so exists.
7. The right to receive certain information you have provided to us in an electronic format and / or request that it is transmitted to a third party. This applies when:
8. The lawful basis for processing this information is consent or for the performance of a contract.
9. The right to ask us not to process your personal data for marketing purposes. Prior to collecting data, we will usually inform you if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.
10. The right to lodge a complaint with the Data Protection Regulatory Authority, for example the National Information Technology Development Authority (NITDA) if you think that MIPLG has not processed your personal data in accordance with data protection legislation.

You can exercise your rights by contacting us using the details set out in the “Questions and Enforcement” section. We will make all reasonable and practical efforts to comply with your request, if it is consistent with applicable laws and regulations. In such a case every effort to comply within one month shall be made or to inform you of refusal and the basis of this, or of an extension to the period to comply.

5.0      Other Relevant Information

5.1       Data Security

MIPLG has security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite MIPLG’s best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who have a need to know and they are required to maintain the confidentiality of such information. A series of technology and Cyber Security platforms and solutions are utilized to protect data within the MIPLG environment including, but not limited to perimeter security mechanisms, end point security mechanisms, encryption, etc.

5.2       Your Responsibilities

You are responsible for ensuring that the information provided to MIPLG on your behalf is accurate and up to date, and you must inform us if anything changes as soon as possible. If you provide information for another person on your account, you must direct them to this notice and ensure they also agree to us using their information.

5.3       Questions, Remedies and Time Frame for Remedies

MIPLG is committed to protecting your personal data. If you have questions or comments about our administration of your personal data, please contact us at contact@myiplawguide.com or visit any of our branches. You may also use this contact to communicate any concerns you have regarding compliance with our Privacy Policy.

If you are not satisfied with the response you receive, you may escalate your concern to NITDA by visiting their website at www. nitda.gov.ng or email – info@nitda.gov.ng but this is without prejudice to your right to file an action in a court of law. The time frame for remedies may be determined by a court of competent jurisdiction or the regulator.

5.4       Children’s Privacy  

We do not knowingly collect personally identifiable information from Children below the legal age. If you become aware that a Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

5.5       Links to Other Websites

If you visit another website other than www.myiplawguide.com, read the privacy policy on that website to find out what it does with your information.

5.6       Governing Principles of our Data Processing

We guarantee that your personal data shall be:

• collected and processed in accordance with specific, legitimate and lawful purpose consented to by you; provided that: a further processing may be done only for archiving, research or statistical purposes for public interest;
• restricted to you and shall not be transferred to any person or entity except as required by law;
• it is adequate, accurate and without prejudice to the dignity of human person;
• Stored only for the period within which it is reasonably needed, and;
• Secured against all foreseeable hazards/breaches such as theft, cyberattack, etc.

This Privacy Policy may be updated from time to time and the most recent version (last updated on April 20, 2021) can be found at www.myiplawguide.com