During your interaction with us, The Lacasera Company PLC, and other associated entities (hereafter referred to as “TLCC”, “We”, “Our”, and “Us”) might obtain your information through the mediums defined below. In addition to the purposes set out below, we may use all or a combination of this information to defend our legal rights and comply with the law and regulatory requirements.
A. SCENARIOS VIA WHICH PERSONAL DATA MAY BE COLLECTED
i. As a recruitment candidate undergoing a recruitment process with any of our associated entities.
ii. As a website visitor, visiting the corporate website of any of our 4 associated entities
iii. As a vendor, providing us with a service or goods.
iv. As our distributor, being part of our supply chain in distributing our products to wholesalers and retailers alike.
v. As our customer, using any of our goods or products.
vi. As a visitor to any of our office premises.
B. INFORMATION THAT WE COLLECT
i. As a recruitment candidate, we may collect your name; postal address; postal address; telephone; nationality; place of birth; identification documents; qualification documents; and medical test results (if successful in our recruitment process).
ii. As a website visitor, we may collect your name; telephone number; personal email address; cookies (necessary, statistical, marketing); and JWT web tokens.
iii. As a vendor, we may collect your name; telephone; business/personal email address of contact persons; and/or individuals with a position of significance (Director, Executive Management).
iv. As a distributor, we may collect your name; telephone; business/personal email address of contact persons, and/or individuals with a position of significance (Director, Executive Management).
v. As a customer, we may collect your name; telephone; business/personal email address of contact persons, and/or individuals with a position of significance (Director, Executive Management).
vi. As a visitor, we may collect your name; telephone; and personal email address.
C. BUSINESS/COMMERCIAL PURPOSE FOR PROCESSING
We collect your personal data to:
i. Evaluate the qualifications and professional experience of candidates.
ii. Efficiently manage our recruitment process.
iii. Maintain communication with candidates.
iv. Assess the health status of candidates prior to resumption.
v. Obtain feedback and resolve any complaints.
vi. Understand your preferences via analyzing information from cookies.
vii. Maintain communication with you.
viii. Effectively manage our business relationship with you.
ix. To record your records and for security reasons.
D. LAWFUL BASIS UPON WHICH WE RELY ON TO COLLECT YOUR DATA.
To process your data, we will rely on:
i. Your explicit consent.
ii. The performance of a contract which you have signed with us.
iii. The legal obligation to share your data with regulatory bodies, law enforcement agencies, or public institutions.
E. YOUR RIGHTS AS DATA SUBJECTS
You have rights when it comes to our handling of your Personal Data. Those rights include:
i. The right to request a copy of your Personal Data we hold.
ii. The right to request that the Company erase your Personal Data if it is no longer valid or necessary for the purposes for which it was collected, or if it is incomplete or inaccurate.
iii. The right to rectify or amend inaccurate or incomplete Personal Data.
iv. The right to object to TLCC’s processing of your Personal Data if there are compelling legitimate grounds to do so and to the extent permitted by law or regulation.
v. The right to receive your Personal Data in a commonly used and machine-readable format and the right to transmit these data to another Data Controller when the processing is based on (explicit) consent or when the processing is necessary for the performance of a contract.
vi. The right to lodge a complaint with the Supervisory Authority (NPDB) where you believe our processing of your data violates the requirements of the Nigeria Data Protection Regulation 2019 (NDPR).
vii. The right to request a transfer of your Personal Data to a Third-Party provider of services or Data Controller (data portability).
viii. If you have any request to make concerning your Personal Data with us, please contact our Data Protection Officer at dpo@jotna.com.
For requests you make, we would normally require you to provide us with the information necessary to confirm your identity before responding. We shall acknowledge your request within 72 hours and respond within one month unless otherwise required by law.
While we aim to attend to all requests you may make, certain personal information may be exempt from those requests in some circumstances, which may include a need to keep storing or processing information to comply with a legal obligation. If such an exception applies, we will notify you when responding to your request.
F. TRANSFER OF PERSONAL DATA
Personal data collected by us may be transferred within our various divisions or associated entities, with personnel who have a business need to know, as well as transferred to third-party providers. Whichever the case, we will ensure that appropriate safeguards are in place to ensure the protection of your Personal Data being transferred.
The following describes the various scenarios for which we may share your Personal Data with a third party:
Transfer for Service Provision: We employ other companies and individuals to perform functions on our behalf as service providers (these companies may include, logistics companies, security agencies, etc.). Service providers, and their selected staff, are only allowed to access and use your Personal Data on Our behalf for the specific tasks that they have been requested to carry out, based on our instructions, and are required to keep your Personal Data confidential and secure.
Transfer as a Legal Requirement: We may share your information with other parties when required by law or as necessary to protect our service.
Cross-border Data Transfer: TLCC will not transfer your Personal Data to foreign countries directly. However, we may use business applications and software that have servers located in foreign countries.
Transfer to Related Entities: Your Personal Data may be transferred to any of our associated entities. However, your Data will only be transferred to an associated entity if the transfer is needed to complete or facilitate the processing to which you have consented or which your contract requires.
G. HOW WE ENSURE THE PROTECTION OF YOUR PERSONAL DATA
We use appropriate measures (including physical access controls and secure software and operating environments) to keep your Personal Data confidential and secure.
Please note, however, that these protections do not apply to information you choose to share in public areas, such as third-party social networks.
H. DATA RETENTION
We ensure that your Personal Data is not retained longer than necessary. This is subject to any requirement to retain information, to comply with any applicable law, regulation, professional requirements, or standards.
I. IN THE EVENT OF A BREACH
Personal Data breach refers to a breach of security leading to the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of, or access to, Personal Data. This includes breaches that are the result of both accidental and deliberate causes.
Because we value the privacy and security of your Personal Data, TLCC will take the necessary security measures to protect your data. However, in the event of a privacy breach, Jotna will take the necessary steps to contain the incident and shall report such breach to the NDPB and the affected individuals of the Personal Data breach within 72 hours of being aware of the breach.
J. RIGHT TO AMEND THIS PRIVACY NOTICE
TLCC may, at any time, change its practices and this Privacy Notice. The amended version will be communicated via various business communication channels.
This privacy policy becomes effective from 06/06/2023.
K. CONTACT INFORMATION
If you have any questions or complaints about our Privacy Policy, please contact us at dpo@jotna.com.
Recent Comments