Effective Date: 1 May, 2024
Effective Date: 1 May, 2024
Effective Date: 1 May, 2024
Privacy Policy
Privacy Policy
Lena's Privacy Policy explains how Lena Technologies Ltd. collects, uses, and disclose the data from our customers. We are committed to protecting your privacy.
Lena's Privacy Policy explains how Lena Technologies Ltd. collects, uses, and disclose the data from our customers. We are committed to protecting your privacy.
Legal Version
Simplified Version
Introduction
Welcome to Lena! We're not just any learning management system; we're dedicated to protecting the privacy and security of our users, including students, teachers, and school administrators. describes your privacy rights regarding our collection, usage, storage, sharing, and protection of your personal information when you interact with our services through our website https://lena.africa/, any associated applications, and services (collectively, "Lena").
Consent
You accept this Privacy Policy when you give consent upon access to our platforms or use our services, content, features, technologies, or functions offered on our website or digital platforms for official or non-official purposes. This Policy governs the use of Lena Technologies Limited’s (Lena) services and intervention projects by our users and stakeholders unless otherwise agreed through a written contract. We may amend this Privacy Policy at any time by posting a revised version on our website. The revised version will be effective 7-days after publication.
Cookies
Cookies are small files placed on your computer’s hard drive that enable the website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences to present contents, options, or functions that are specific to you. Like most interactive websites, our website uses cookies to enable the tracking of your activity for the duration of a session.
Our website uses only encrypted session cookies which are erased either after a predefined timeout period or once the user logs out of the platform and closes the browser. Session cookies do not collect information from the user’s computer. They will typically store information in the form of a session identification that does not personally identify the user.
Information We Collect
Personal Information:
Identification Data: Full name, date of birth, profile photo.
Contact Data: Email addresses, telephone numbers, mailing addresses.
Professional Data: Professional titles, affiliations with educational institutions, grade levels, class or course enrollment details, and administrative roles.
Academic Information:
Performance Data: Course progression, performance details such as grades and scores, assignment submissions, and feedback.
Engagement Data: Records of interactions within courses, participation in discussions, and usage of educational resources.
Technical and Usage Information:
Device Information: Types of devices accessing Lena, operating system versions, browser types, browser languages, and other device-specific information.
Log Information: Access times, pages viewed, IP address, identifiers associated with cookies or other technologies that may uniquely identify your device or browser.
Usage Statistics: Information about how you interact with Lena, features used, frequency of access, and other actions taken on the platform.
Information from third Party:
We may also use the information provided by third parties like social media sites. Information about you provided by other sites is not controlled by Lena and we are therefore not liable for how they use it.
Location Information:
Geolocation Data: Physical location determined from your IP address or data that indicates a location within a less precise range (e.g., city or ZIP code).
Financial Information:
Payment Information: Payment card details and other related financial information necessary for processing payments for services rendered which would be collected via third-party payment partners.
How We Use Your Information
Service Provision: To administer and manage your access to Lena, including course management, billing, and customer support.
Personalization: To tailor your experience according to your preferences and performance history.
Communication: To send important updates about our service, changes to our terms, conditions, and policies, and other administrative information.
Improvement and Development: To conduct research and analysis aimed at improving our educational tools and interfaces.
Marketing and Promotions: To send you promotional messages and information about opportunities that may be of interest to you.
Legal Compliance: To comply with applicable legal requirements and assist in law enforcement efforts as necessary.
Tracking: Track information breaches and remediate such identified breaches.
Sharing of Information
With Third-Party Service Providers: We engage various third parties to help us operate and improve Lena. These providers offer services such as hosting, data analytics, information technology, payment processing, and marketing services.
In the Event of a Merger, Sale, or Asset Transfer: Your information may be transferred as part of that transaction.
To Comply with Law: When required by law, such as to comply with a subpoena or other legal process, your personal information may be disclosed.
Links to other websites and premises
Certain transaction processing channels may require links to other websites or Organisations other than ours. Please note that Lena is not responsible and has no control over websites outside its domain. We do not monitor or review the content of other party’s websites which are linked from our website or media platforms. Opinions expressed or materials appearing on such websites are not necessarily shared or endorsed by us, and Lena should not be regarded as the publisher of such opinions or materials.
Please be aware that we are not responsible for the privacy practices, or content of these sites. We encourage our users to be aware of when they leave our site and to read the privacy statements of these sites. You should evaluate the security and trustworthiness of any other site connected to this site or accessed through this site yourself, before disclosing any personal information to them. Lena will not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.
Your Rights and Choices
Access, Correction, Deletion: You can request access to, correction of, or deletion and copies of any information we keep on you, if such requests are made in compliance with the Freedom of Information Act and other relevant enactments.
Restrict Processing: You have the right to restrict how we process your personal information under certain circumstances.
Data Portability: In some jurisdictions, you have the right to be provided with a copy of the personal information you provided to us in a structured, machine-readable format.
Data Confidentiality: Your information is regarded as confidential and will not be divulged to any third party except under legal and/or regulatory conditions. While Lena is responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of the Agency.
How We Protect Your Data
We will always hold your information securely. To prevent unauthorized access to your information, we have implemented strong controls and security safeguards at the technical and operational levels. This site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your personal data. You should see the padlock symbol in your URL address bar once you are successfully logged into the platform. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server.
Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission Lena has also taken measures to comply with global Information Security Management Systems (ISMS) we therefore have put in place digital and physical security measures to limit or eliminate possibilities of data privacy breach incidents.
Lena reserves the right to make changes, from time to time, to reflect technological developments and industry best practices; provided, always, that such changes do not result in any objective degradation to the security of Customer Data, the manner in which the Services are provided or which fall below the standard of any applicable law.
The technical and organizational security measures implemented by Lena include (and will include at all material times), at a minimum, the following:
Lena has implemented and will maintain appropriate procedures to ensure that unauthorized persons will not have access to Customer Data and to the systems used to process Customer Data, and that any persons authorized to have access to Customer Data will protect and maintain its confidentiality and security;
Lena has implemented and will maintain appropriate measures to ensure that all employees and contractors involved in the processing of Customer Data are authorized personnel with a need to access the data, are bound by appropriate confidentiality obligations, and have undergone appropriate training in the protection and handling of Customer Data;
Lena will take reasonable steps to ensure the reliability of any personnel who have access to Customer Data; and
Lena will not copy or reproduce any Customer Data, except as technically necessary to provide the Services or as otherwise established in the Agreement or to comply with statutory data retention rules.
Security Breach Provisions
If Lena becomes aware of a Security Breach, then Lena shall, without undue delay: (a) notify Customer of the Security Breach; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach.
In the event of a Security Breach, Lena shall provide the Customer with all reasonable assistance in dealing with the Security Breach, in particular in relation to making any notification to a Supervisory Authority or any communication to Data Subject. In order to provide such assistance, and taking into account the nature of the Services and the information available to Lena, the notification of the Security Breach shall include, at a minimum, the following:
A description of the nature of the Security Breach including the categories and approximate number of data records concerned;
The likely consequences of the Security Breach; and
The measures taken or to be taken by Lena to address the Security Breach, including measures to mitigate any possible adverse consequences;
Where, and insofar as, it is not possible for Lena to provide such information at the time of the notice, then such notice shall nevertheless be made, in as complete a form as possible, and the remaining required information may be provided by Lena, in phases and as it shall become available, without undue delay.
The Customer agrees that:
Any Unsuccessful Security Incident shall not be subject to the obligations imposed on Lena under this Section. An “Unsuccessful Security Incident” occurs where there has been no unauthorized access to Customer Personal Data or to any Lena controlled systems used to Process Customer Personal Data which may include, without limitation, pings and other broadcast attacks on firewalls or edge server, port scans, unsuccessful login attempts, denial of service attack, packet sniffing or similar incidents; and
Lena’s obligation to report or respond to a Security Breach under this Section is not and will not be construed as an acknowledgement by Lena of any fault or liability of Lena with respect to the Security Breach.
Notification of a Security Breach shall be made via email as provided in the Customer’s Lena platform.
Child/Minor Protection and Privacy
Lena values the safety and privacy of minors. Our platform is accessible to children under the age of 18 with parental or guardian consent. We do not intentionally gather personal information from children without such consent. If you are a parent or guardian and are concerned that your child has provided us with personal information without your consent, please contact us immediately. We will work swiftly to address the issue and remove any unauthorised information.
Data Retention
Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy. Suppose a user, including a minor, chooses to delete their account. In that case, we ensure that their data is deleted from our records within 5 months subject to any legal obligations to retain data.
Legal Basis for Processing Personal Data
Our processing of personal data is based on the following legal grounds:
Consent: Your explicit consent for specific purposes.
Contractual Necessity: The need to fulfil our contractual obligations to you.
Legal Obligations: Any legal obligations we must adhere to under Nigerian law.
Legitimate Interests: The pursuit of our legitimate interests in a manner that does not unduly affect your rights and freedoms.
Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy. Suppose a user, including a minor, chooses to delete their account. In that case, we ensure that their data is deleted from our records within 5 months subject to any legal obligations to retain data.
Changes to This Privacy Policy
We reserve the right to update this policy at any time. If we make changes, we will post the revised policy on this page with an updated revision date. We encourage you to review this Privacy Policy frequently to stay informed of the latest modifications. We will also send out a notification to inform you of any changes to our Privacy Policy.
Governing Law
This Privacy Policy is made pursuant to the Nigeria Data Protection Regulation (2019) and other relevant Nigerian laws, regulations or international conventions applicable to Nigeria. Where any provision of this Policy is deemed inconsistent with a law, regulation or convention, such provision shall be subject to the overriding law, regulation or convention.
Contact Information
If you have any questions or concerns about our use of your information or this Privacy Policy, please contact us at privacy@lena.africa.
Legal Version
Simplified Version
Introduction
Welcome to Lena! We're not just any learning management system; we're dedicated to protecting the privacy and security of our users, including students, teachers, and school administrators. describes your privacy rights regarding our collection, usage, storage, sharing, and protection of your personal information when you interact with our services through our website https://lena.africa/, any associated applications, and services (collectively, "Lena").
Consent
You accept this Privacy Policy when you give consent upon access to our platforms or use our services, content, features, technologies, or functions offered on our website or digital platforms for official or non-official purposes. This Policy governs the use of Lena Technologies Limited’s (Lena) services and intervention projects by our users and stakeholders unless otherwise agreed through a written contract. We may amend this Privacy Policy at any time by posting a revised version on our website. The revised version will be effective 7-days after publication.
Cookies
Cookies are small files placed on your computer’s hard drive that enable the website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences to present contents, options, or functions that are specific to you. Like most interactive websites, our website uses cookies to enable the tracking of your activity for the duration of a session.
Our website uses only encrypted session cookies which are erased either after a predefined timeout period or once the user logs out of the platform and closes the browser. Session cookies do not collect information from the user’s computer. They will typically store information in the form of a session identification that does not personally identify the user.
Information We Collect
Personal Information:
Identification Data: Full name, date of birth, profile photo.
Contact Data: Email addresses, telephone numbers, mailing addresses.
Professional Data: Professional titles, affiliations with educational institutions, grade levels, class or course enrollment details, and administrative roles.
Academic Information:
Performance Data: Course progression, performance details such as grades and scores, assignment submissions, and feedback.
Engagement Data: Records of interactions within courses, participation in discussions, and usage of educational resources.
Technical and Usage Information:
Device Information: Types of devices accessing Lena, operating system versions, browser types, browser languages, and other device-specific information.
Log Information: Access times, pages viewed, IP address, identifiers associated with cookies or other technologies that may uniquely identify your device or browser.
Usage Statistics: Information about how you interact with Lena, features used, frequency of access, and other actions taken on the platform.
Information from third Party:
We may also use the information provided by third parties like social media sites. Information about you provided by other sites is not controlled by Lena and we are therefore not liable for how they use it.
Location Information:
Geolocation Data: Physical location determined from your IP address or data that indicates a location within a less precise range (e.g., city or ZIP code).
Financial Information:
Payment Information: Payment card details and other related financial information necessary for processing payments for services rendered which would be collected via third-party payment partners.
How We Use Your Information
Service Provision: To administer and manage your access to Lena, including course management, billing, and customer support.
Personalization: To tailor your experience according to your preferences and performance history.
Communication: To send important updates about our service, changes to our terms, conditions, and policies, and other administrative information.
Improvement and Development: To conduct research and analysis aimed at improving our educational tools and interfaces.
Marketing and Promotions: To send you promotional messages and information about opportunities that may be of interest to you.
Legal Compliance: To comply with applicable legal requirements and assist in law enforcement efforts as necessary.
Tracking: Track information breaches and remediate such identified breaches.
Sharing of Information
With Third-Party Service Providers: We engage various third parties to help us operate and improve Lena. These providers offer services such as hosting, data analytics, information technology, payment processing, and marketing services.
In the Event of a Merger, Sale, or Asset Transfer: Your information may be transferred as part of that transaction.
To Comply with Law: When required by law, such as to comply with a subpoena or other legal process, your personal information may be disclosed.
Links to other websites and premises
Certain transaction processing channels may require links to other websites or Organisations other than ours. Please note that Lena is not responsible and has no control over websites outside its domain. We do not monitor or review the content of other party’s websites which are linked from our website or media platforms. Opinions expressed or materials appearing on such websites are not necessarily shared or endorsed by us, and Lena should not be regarded as the publisher of such opinions or materials.
Please be aware that we are not responsible for the privacy practices, or content of these sites. We encourage our users to be aware of when they leave our site and to read the privacy statements of these sites. You should evaluate the security and trustworthiness of any other site connected to this site or accessed through this site yourself, before disclosing any personal information to them. Lena will not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.
Your Rights and Choices
Access, Correction, Deletion: You can request access to, correction of, or deletion and copies of any information we keep on you, if such requests are made in compliance with the Freedom of Information Act and other relevant enactments.
Restrict Processing: You have the right to restrict how we process your personal information under certain circumstances.
Data Portability: In some jurisdictions, you have the right to be provided with a copy of the personal information you provided to us in a structured, machine-readable format.
Data Confidentiality: Your information is regarded as confidential and will not be divulged to any third party except under legal and/or regulatory conditions. While Lena is responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of the Agency.
How We Protect Your Data
We will always hold your information securely. To prevent unauthorized access to your information, we have implemented strong controls and security safeguards at the technical and operational levels. This site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your personal data. You should see the padlock symbol in your URL address bar once you are successfully logged into the platform. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server.
Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission Lena has also taken measures to comply with global Information Security Management Systems (ISMS) we therefore have put in place digital and physical security measures to limit or eliminate possibilities of data privacy breach incidents.
Lena reserves the right to make changes, from time to time, to reflect technological developments and industry best practices; provided, always, that such changes do not result in any objective degradation to the security of Customer Data, the manner in which the Services are provided or which fall below the standard of any applicable law.
The technical and organizational security measures implemented by Lena include (and will include at all material times), at a minimum, the following:
Lena has implemented and will maintain appropriate procedures to ensure that unauthorized persons will not have access to Customer Data and to the systems used to process Customer Data, and that any persons authorized to have access to Customer Data will protect and maintain its confidentiality and security;
Lena has implemented and will maintain appropriate measures to ensure that all employees and contractors involved in the processing of Customer Data are authorized personnel with a need to access the data, are bound by appropriate confidentiality obligations, and have undergone appropriate training in the protection and handling of Customer Data;
Lena will take reasonable steps to ensure the reliability of any personnel who have access to Customer Data; and
Lena will not copy or reproduce any Customer Data, except as technically necessary to provide the Services or as otherwise established in the Agreement or to comply with statutory data retention rules.
Security Breach Provisions
If Lena becomes aware of a Security Breach, then Lena shall, without undue delay: (a) notify Customer of the Security Breach; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach.
In the event of a Security Breach, Lena shall provide the Customer with all reasonable assistance in dealing with the Security Breach, in particular in relation to making any notification to a Supervisory Authority or any communication to Data Subject. In order to provide such assistance, and taking into account the nature of the Services and the information available to Lena, the notification of the Security Breach shall include, at a minimum, the following:
A description of the nature of the Security Breach including the categories and approximate number of data records concerned;
The likely consequences of the Security Breach; and
The measures taken or to be taken by Lena to address the Security Breach, including measures to mitigate any possible adverse consequences;
Where, and insofar as, it is not possible for Lena to provide such information at the time of the notice, then such notice shall nevertheless be made, in as complete a form as possible, and the remaining required information may be provided by Lena, in phases and as it shall become available, without undue delay.
The Customer agrees that:
Any Unsuccessful Security Incident shall not be subject to the obligations imposed on Lena under this Section. An “Unsuccessful Security Incident” occurs where there has been no unauthorized access to Customer Personal Data or to any Lena controlled systems used to Process Customer Personal Data which may include, without limitation, pings and other broadcast attacks on firewalls or edge server, port scans, unsuccessful login attempts, denial of service attack, packet sniffing or similar incidents; and
Lena’s obligation to report or respond to a Security Breach under this Section is not and will not be construed as an acknowledgement by Lena of any fault or liability of Lena with respect to the Security Breach.
Notification of a Security Breach shall be made via email as provided in the Customer’s Lena platform.
Child/Minor Protection and Privacy
Lena values the safety and privacy of minors. Our platform is accessible to children under the age of 18 with parental or guardian consent. We do not intentionally gather personal information from children without such consent. If you are a parent or guardian and are concerned that your child has provided us with personal information without your consent, please contact us immediately. We will work swiftly to address the issue and remove any unauthorised information.
Data Retention
Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy. Suppose a user, including a minor, chooses to delete their account. In that case, we ensure that their data is deleted from our records within 5 months subject to any legal obligations to retain data.
Legal Basis for Processing Personal Data
Our processing of personal data is based on the following legal grounds:
Consent: Your explicit consent for specific purposes.
Contractual Necessity: The need to fulfil our contractual obligations to you.
Legal Obligations: Any legal obligations we must adhere to under Nigerian law.
Legitimate Interests: The pursuit of our legitimate interests in a manner that does not unduly affect your rights and freedoms.
Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy. Suppose a user, including a minor, chooses to delete their account. In that case, we ensure that their data is deleted from our records within 5 months subject to any legal obligations to retain data.
Changes to This Privacy Policy
We reserve the right to update this policy at any time. If we make changes, we will post the revised policy on this page with an updated revision date. We encourage you to review this Privacy Policy frequently to stay informed of the latest modifications. We will also send out a notification to inform you of any changes to our Privacy Policy.
Governing Law
This Privacy Policy is made pursuant to the Nigeria Data Protection Regulation (2019) and other relevant Nigerian laws, regulations or international conventions applicable to Nigeria. Where any provision of this Policy is deemed inconsistent with a law, regulation or convention, such provision shall be subject to the overriding law, regulation or convention.
Contact Information
If you have any questions or concerns about our use of your information or this Privacy Policy, please contact us at privacy@lena.africa.
Legal Version
Simplified Version
Introduction
Welcome to Lena! We're not just any learning management system; we're dedicated to protecting the privacy and security of our users, including students, teachers, and school administrators. describes your privacy rights regarding our collection, usage, storage, sharing, and protection of your personal information when you interact with our services through our website https://lena.africa/, any associated applications, and services (collectively, "Lena").
Consent
You accept this Privacy Policy when you give consent upon access to our platforms or use our services, content, features, technologies, or functions offered on our website or digital platforms for official or non-official purposes. This Policy governs the use of Lena Technologies Limited’s (Lena) services and intervention projects by our users and stakeholders unless otherwise agreed through a written contract. We may amend this Privacy Policy at any time by posting a revised version on our website. The revised version will be effective 7-days after publication.
Cookies
Cookies are small files placed on your computer’s hard drive that enable the website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences to present contents, options, or functions that are specific to you. Like most interactive websites, our website uses cookies to enable the tracking of your activity for the duration of a session.
Our website uses only encrypted session cookies which are erased either after a predefined timeout period or once the user logs out of the platform and closes the browser. Session cookies do not collect information from the user’s computer. They will typically store information in the form of a session identification that does not personally identify the user.
Information We Collect
Personal Information:
Identification Data: Full name, date of birth, profile photo.
Contact Data: Email addresses, telephone numbers, mailing addresses.
Professional Data: Professional titles, affiliations with educational institutions, grade levels, class or course enrollment details, and administrative roles.
Academic Information:
Performance Data: Course progression, performance details such as grades and scores, assignment submissions, and feedback.
Engagement Data: Records of interactions within courses, participation in discussions, and usage of educational resources.
Technical and Usage Information:
Device Information: Types of devices accessing Lena, operating system versions, browser types, browser languages, and other device-specific information.
Log Information: Access times, pages viewed, IP address, identifiers associated with cookies or other technologies that may uniquely identify your device or browser.
Usage Statistics: Information about how you interact with Lena, features used, frequency of access, and other actions taken on the platform.
Information from third Party:
We may also use the information provided by third parties like social media sites. Information about you provided by other sites is not controlled by Lena and we are therefore not liable for how they use it.
Location Information:
Geolocation Data: Physical location determined from your IP address or data that indicates a location within a less precise range (e.g., city or ZIP code).
Financial Information:
Payment Information: Payment card details and other related financial information necessary for processing payments for services rendered which would be collected via third-party payment partners.
How We Use Your Information
Service Provision: To administer and manage your access to Lena, including course management, billing, and customer support.
Personalization: To tailor your experience according to your preferences and performance history.
Communication: To send important updates about our service, changes to our terms, conditions, and policies, and other administrative information.
Improvement and Development: To conduct research and analysis aimed at improving our educational tools and interfaces.
Marketing and Promotions: To send you promotional messages and information about opportunities that may be of interest to you.
Legal Compliance: To comply with applicable legal requirements and assist in law enforcement efforts as necessary.
Tracking: Track information breaches and remediate such identified breaches.
Sharing of Information
With Third-Party Service Providers: We engage various third parties to help us operate and improve Lena. These providers offer services such as hosting, data analytics, information technology, payment processing, and marketing services.
In the Event of a Merger, Sale, or Asset Transfer: Your information may be transferred as part of that transaction.
To Comply with Law: When required by law, such as to comply with a subpoena or other legal process, your personal information may be disclosed.
Links to other websites and premises
Certain transaction processing channels may require links to other websites or Organisations other than ours. Please note that Lena is not responsible and has no control over websites outside its domain. We do not monitor or review the content of other party’s websites which are linked from our website or media platforms. Opinions expressed or materials appearing on such websites are not necessarily shared or endorsed by us, and Lena should not be regarded as the publisher of such opinions or materials.
Please be aware that we are not responsible for the privacy practices, or content of these sites. We encourage our users to be aware of when they leave our site and to read the privacy statements of these sites. You should evaluate the security and trustworthiness of any other site connected to this site or accessed through this site yourself, before disclosing any personal information to them. Lena will not accept any responsibility for any loss or damage in whatever manner, howsoever caused, resulting from your disclosure to third parties of personal information.
Your Rights and Choices
Access, Correction, Deletion: You can request access to, correction of, or deletion and copies of any information we keep on you, if such requests are made in compliance with the Freedom of Information Act and other relevant enactments.
Restrict Processing: You have the right to restrict how we process your personal information under certain circumstances.
Data Portability: In some jurisdictions, you have the right to be provided with a copy of the personal information you provided to us in a structured, machine-readable format.
Data Confidentiality: Your information is regarded as confidential and will not be divulged to any third party except under legal and/or regulatory conditions. While Lena is responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of the Agency.
How We Protect Your Data
We will always hold your information securely. To prevent unauthorized access to your information, we have implemented strong controls and security safeguards at the technical and operational levels. This site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure secure transmission of your personal data. You should see the padlock symbol in your URL address bar once you are successfully logged into the platform. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server.
Any data transmitted during the session will be encrypted before transmission and decrypted at the receiving end. This is to ensure that data cannot be read during transmission Lena has also taken measures to comply with global Information Security Management Systems (ISMS) we therefore have put in place digital and physical security measures to limit or eliminate possibilities of data privacy breach incidents.
Lena reserves the right to make changes, from time to time, to reflect technological developments and industry best practices; provided, always, that such changes do not result in any objective degradation to the security of Customer Data, the manner in which the Services are provided or which fall below the standard of any applicable law.
The technical and organizational security measures implemented by Lena include (and will include at all material times), at a minimum, the following:
Lena has implemented and will maintain appropriate procedures to ensure that unauthorized persons will not have access to Customer Data and to the systems used to process Customer Data, and that any persons authorized to have access to Customer Data will protect and maintain its confidentiality and security;
Lena has implemented and will maintain appropriate measures to ensure that all employees and contractors involved in the processing of Customer Data are authorized personnel with a need to access the data, are bound by appropriate confidentiality obligations, and have undergone appropriate training in the protection and handling of Customer Data;
Lena will take reasonable steps to ensure the reliability of any personnel who have access to Customer Data; and
Lena will not copy or reproduce any Customer Data, except as technically necessary to provide the Services or as otherwise established in the Agreement or to comply with statutory data retention rules.
Security Breach Provisions
If Lena becomes aware of a Security Breach, then Lena shall, without undue delay: (a) notify Customer of the Security Breach; and (b) take reasonable steps to mitigate the effects and to minimize any damage resulting from the Security Breach.
In the event of a Security Breach, Lena shall provide the Customer with all reasonable assistance in dealing with the Security Breach, in particular in relation to making any notification to a Supervisory Authority or any communication to Data Subject. In order to provide such assistance, and taking into account the nature of the Services and the information available to Lena, the notification of the Security Breach shall include, at a minimum, the following:
A description of the nature of the Security Breach including the categories and approximate number of data records concerned;
The likely consequences of the Security Breach; and
The measures taken or to be taken by Lena to address the Security Breach, including measures to mitigate any possible adverse consequences;
Where, and insofar as, it is not possible for Lena to provide such information at the time of the notice, then such notice shall nevertheless be made, in as complete a form as possible, and the remaining required information may be provided by Lena, in phases and as it shall become available, without undue delay.
The Customer agrees that:
Any Unsuccessful Security Incident shall not be subject to the obligations imposed on Lena under this Section. An “Unsuccessful Security Incident” occurs where there has been no unauthorized access to Customer Personal Data or to any Lena controlled systems used to Process Customer Personal Data which may include, without limitation, pings and other broadcast attacks on firewalls or edge server, port scans, unsuccessful login attempts, denial of service attack, packet sniffing or similar incidents; and
Lena’s obligation to report or respond to a Security Breach under this Section is not and will not be construed as an acknowledgement by Lena of any fault or liability of Lena with respect to the Security Breach.
Notification of a Security Breach shall be made via email as provided in the Customer’s Lena platform.
Child/Minor Protection and Privacy
Lena values the safety and privacy of minors. Our platform is accessible to children under the age of 18 with parental or guardian consent. We do not intentionally gather personal information from children without such consent. If you are a parent or guardian and are concerned that your child has provided us with personal information without your consent, please contact us immediately. We will work swiftly to address the issue and remove any unauthorised information.
Data Retention
Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy. Suppose a user, including a minor, chooses to delete their account. In that case, we ensure that their data is deleted from our records within 5 months subject to any legal obligations to retain data.
Legal Basis for Processing Personal Data
Our processing of personal data is based on the following legal grounds:
Consent: Your explicit consent for specific purposes.
Contractual Necessity: The need to fulfil our contractual obligations to you.
Legal Obligations: Any legal obligations we must adhere to under Nigerian law.
Legitimate Interests: The pursuit of our legitimate interests in a manner that does not unduly affect your rights and freedoms.
Personal information is retained only for as long as necessary to fulfill the purposes outlined in this policy. Suppose a user, including a minor, chooses to delete their account. In that case, we ensure that their data is deleted from our records within 5 months subject to any legal obligations to retain data.
Changes to This Privacy Policy
We reserve the right to update this policy at any time. If we make changes, we will post the revised policy on this page with an updated revision date. We encourage you to review this Privacy Policy frequently to stay informed of the latest modifications. We will also send out a notification to inform you of any changes to our Privacy Policy.
Governing Law
This Privacy Policy is made pursuant to the Nigeria Data Protection Regulation (2019) and other relevant Nigerian laws, regulations or international conventions applicable to Nigeria. Where any provision of this Policy is deemed inconsistent with a law, regulation or convention, such provision shall be subject to the overriding law, regulation or convention.
Contact Information
If you have any questions or concerns about our use of your information or this Privacy Policy, please contact us at privacy@lena.africa.