Privacy Policy - Daystar Christian Center

1. General

We are DAYSTAR CHRISTIAN CENTRE (“DAYSTAR”) and are committed to safeguarding the privacy of your personal data. This Data Protection and Privacy Policy (“Policy”) is issued in compliance with the provisions of the Nigeria Data Protection Regulation 2019 (the “Regulation”) issued by the National Information Technology Development Agency and it is designed to provide you with information on how your personal data will be treated by DAYSTAR.

This Policy is subject to change at any time without notice.

For questions, comments and requests regarding this Policy please contact us by e-mail at [email protected] our Data Protection Officer will be ready and able to attend to you.

2. Consent to Use of Data

By agreeing to the terms of this Policy you consent to: provide us your relevant personal data, its processing, use and storage for the purposes stated herein or any purposes communicated to you.

At any time when your consent is requested, you will also have the option of objecting to the processing of your personal data by not providing the requested details as the provision of your personal data is absolutely voluntary.

In accordance with the Regulation, DAYSTAR will only collect and/or process your personal data where one of the following conditions exists:

You give us your consent to process your data for one or more purposes; or
It is required for compliance with a legal obligation to which DAYSTAR is subject.

Please note that you have a right to withdraw your consent at any time. More information on the withdrawal of your consent is contained in paragraph 7 (‘Your Rights’) below.

3. Nature of Data Collected and Purpose for Collection

We may collect the following personal data from you, including your name, address, email address, age range, telephone or mobile number, location data, gender, occupation, marital status, online identifier and any other personal information that may be necessarily required for the purpose of providing our services.

In line with the purposes of DAYSTAR, we use the personal data we collect for the following purposes:

Updating of membership database;
Following-up on our members for welfare purposes;
Providing premarital and marital counseling services;
Evaluating application for membership of any of our service units;iv. Evaluating application for membership of any of our service units;
Producing demographic feedback for our strategic planning.

Your data may be used in order to send you relevant notifications, to respond to your enquiries, to profile and identify services which may interest you or best meet your needs.

Any further processing of your data will only be for archiving purposes in the public interest, or statistical purposes. Where we intend to further process your personal data for a purpose other than for the purposes stated herein or which it was collected, we will provide you, prior to that further processing, with information on such other purpose and with any relevant further information.

You can always update or amend your personal data provided to DAYSTAR through our self-service portal. Other means of updating your personal data include written request through e-mail or letter or verbal request over the phone.

4. Collection and Storage of Personal Data

We may collect your data by telephone, SMS, web forms, cookies, APIs (Json, Rest). Our policy is to ensure that your data is only stored for a period for which it is reasonably needed for the provision of our services to you, and as such:

We keep records of all our members irrespective of when they joined us;
We keep records of the alumni of our various trainings; and

Notwithstanding the above, DAYSTAR will delete your personal data where:

It is no longer necessary in relation to the purposes for which it was collected or processed;
You withdraw your consent to the processing of your data, or on which the processing is based;
You object to the processing of your personal data and there are no overriding legitimate grounds for the processing; and
Compliance with a legal obligation requires the erasure of your personal data.

5. Third Parties

We generally do not share your personal data with third parties.

6. Data Security and Protection

To prevent unauthorised access and maintain security against foreseeable hazards, we have in place physical, electronic and managerial procedures to protect, secure and safeguard your data and ensure accuracy of our records.

We use secure socket layer (SSL) protocol technology for the collection. However, DAYSTAR cannot guarantee the security of any personal data disclosed to us or collected by us to the extent that we have no control over the public or third-party network through which personal data may be sent to our website.
We have a management and corporate commitment to information security within the organisation and provide clear direction, guidance and responsibilities and procedures in this respect.
We have a Data Protection Officer who deals with security of information and personal data together with relevant compliance with the Regulation, and the knowledge and skills of our Data Protection Officer are continuously updated.
Our staff are trained on the importance of data security and practical aspects of the Regulation, confidentiality and our security system. We have procedures in place in relation to our obligations under the Regulation. Accordingly, our staff are aware of the information security issues and can go to the compliance officer with any issues relating to or arising from the Regulation, privacy or personal data.
We control the physical access to the personal data kept at our facilities and restrict access to our sites, buildings, computer rooms, file rooms, offices, technology areas, equipment and other facilities where unauthorised access by the public could compromise our security. Personal data and information in intangible forms are currently stored on public cloud and we control access to such information and personal data through existing procedures for authorising and authenticating users as well as software control for restricting access and techniques for protecting data.
We monitor and log access to assist in the detection and investigation of security breaches and any attempted breaches where they occur and have in place relevant controls which alert us to breaches in our security. We endeavor to investigate every breach of security and take relevant measures as required by law or our Policy.
We maintain a continuity plan as a contingency which identify our services and assets (including personal data) which would need to be maintained in the event of a disaster and set out the procedure for protecting and restoring them if necessary.
We are taking and will endeavour to continue to take all reasonable steps in order to protect our information and all personal data.

7. Your Rights