IMPORTANT PRIVACY NOTICE

HIB is an Insurance broking institution that processes data in furtherance to the legitimate interest of the data-subject. We process various categories of your data based on the type of engagement we have with you. Embedded applications or codes (which are in some cases called “cookies”) on our website may process your pattern of engagement with our website and thereby create automated responses and notifications that seem most likely to suit your interest. We accept your continued engagement with our website as your CONSENT to the processing of your personal data. Click the following words TO READ OUR DATA PRIVACY POLICY. This notice applies to HIB. Make sure you read privacy notices on every website that you visit.

 

PREAMBLE:

Heirs Insurance Brokers Ltd (HIB) provide risk management solutions to help protect and preserve what our customers value most.

This privacy policy is in consonance with the Nigeria Data Protection Regulation (NDPR) requirement, Section 37 of the Constitution of the Federal Republic of Nigeria (CFRN) 1999 (as amended) and all other legal instruments designed to protect the privacy rights of natural persons.

 

As a company and the Data Controller, we are cognizant of the privacy rights of all natural persons who are part of HIB or interact with us on all our data processing mediums or platforms. These people are our “Data Subjects”. Hence, as a responsible organization, we are committed to safeguarding the privacy rights of our data subjects through this strict privacy policy.

 

SECTION 1:- OUR GUIDING PRINCIPLES ON DATA PROCESSING

We adhere strictly to the principles as set out in Article 2.1 of the NDPR in the processing of data subjects ‘personal data. Therefore, we ensure that personal data shall only be:

  1. a) collected and processed in accordance with specific, legitimate and lawful purpose consented to by the Data Subject;
  2. b) adequate, accurate and without prejudice to the dignity of human person;
  3. c) stored only for the period within which it is reasonably needed; and
  4. d) secured against all foreseeable hazards and breaches such as theft, cyber-attack, viral attack, dissemination, manipulations of any kind, damage by rain, fire or exposure to other natural elements.

 

 

SECTION 2:- CONSENT OF DATA SUBJECT

Except it is required by operation of law or principles of law, your consent as the Data Subject is the entry point for data processing. You have the right to give, withhold or otherwise withdraw your consent to data processing. For further understanding of the operation of the principle of consent under data processing see Articles 2.1(a), 2.2, 2.3 and 2.4 of the NDPR. Those who seek information on our website or other platforms shall be deemed to have given constructive consent to receiving information of specific or of general nature through us from time to time.

 

SECTION 3:- OUR SCOPE OF DATA PROCESSING

In varying degrees vis-à-vis the insurance broking services, we render or your level of engagement with us, we do process your personal data legitimately and lawfully.

 

SECTION 4:- RIGHTS OF DATA SUBJECTS

As the Data Controller, we hold your privacy rights very dear to our operations. Apart from the right to give, withhold or withdraw consent, you have rights to all relevant information that may guide you in making informed decisions about your personal data. For example, you have the right to be notified of anyone or any place to which we may transfer your personal data. The totality your rights include but are not limited to the following:

 

  • a) right to data portability,
  • b) right to erasure,
  • c) right to limit processing and
  • d) right to obtain your data.

SECTION 5:- WITHOLDING RELEVANT DATA

There are types of personal data that are mandatory for us to process in order carry out your instruction for your benefit. If you withhold such information, it may be impracticable for us to carry out our mandate in relation to you. If you seek more clarification on our data processing, please contact our designated Data Protection Officer as provided under SECTION 12 below.

 

 

SECTION 6:- TECHNICAL INFORMATION

Usually, websites are designed to collect certain information from the visitor. Our website is also designed to collect your IP address and other information that your web browser typically shares with the websites that you visit. The purpose of this is to know you better and to automatically and dynamically engage with you through your actions and preferences on our website.

 

SECTION 7:- PERSONAL DATA SECURITY AND INTEGRITY

HIB engage the use cutting-edge technologies and foolproof protocols to provide you with comprehensive layers of security in the area of personal data. Thus, we are constantly vigilant in preventing cyber-attacks, fraudulent intrusion, unauthorized access, loss or corruption of personal data. We are equally conscious of the obligations imposed on us by law in terms of data protection.

 

SECTION 8:- PURPOSE AND STORAGE LIMITATION

The Intention for data processing usually determines the length of time within which your personal data is stored with us and the residue of data actually stored for this purpose. We reasonably collect and store personal data that is reasonably required by law or best practice to serve you or respond to legitimate enquiry about our transaction with you. We take this responsibility very seriously in the knowledge of the need for you to enjoy your privacy as guaranteed under the 1999 Constitution of the Federal Republic of Nigeria and international human rights law.

 

SECTION 9:- CAVEAT ON WEBSITE LINKS:

Our website may contain links to other websites. Save and except as otherwise expressly stated by us, any link to another website is not covered by our privacy policy. We strongly advise that you should satisfy yourself with the details of any privacy policy provided on other websites or links.

 

SECTION 10:- TRANSFER TO THIRD PARTIES AND COUNTRIES

In helping to protect what our customers valued most, we may require the services of third party vendors who may be within or outside the NDPR jurisdiction (Nigeria). Examples of such services include but are not limited to the following:

 

  • a) Internet connectivity,
  • b) cloud storage,
  • c) data analytics,
  • d) data security,
  • e) software development, and
  • f) Legitimate Public interest.

 

However, in transferring your data to third parties, we shall be guided by extant public policy of the NDPR as regards the adequacy level of the foreign jurisdictions. See PART 2 Article 2.11 and PART 3 under the NDPR for details of your right under this section.

SECTION 11: – USE OF SPECIAL DATA PROCESSING CODES (COOKIES)

“Cookies”, are text files that are downloaded to your browsing devices such as phones or computers when you visit our websites. They contain small amounts of data and their essential function is to intelligently memorize your preferences and therefore present them to you as choices when you are browsing – even at different times. Note that various websites use cookies for different purposes some of which may undermine your privacy rights. We have taken measures to ensure that all methods adopted by us to engage automatically with you do not violate your privacy rights under the NDPR. In the case of cookies, we ensure that they have security protocols and are not vulnerable to abuses by anyone.

 

SECTION 12:- DATA PRIVACY SERVICE UNIT (DPSU).

A platform has been provided to respond promptly and satisfactorily to all your requests, suggestions and complaints. This is called the DPSU. We have a Data Protection Officer responsible for prompt action on your data privacy. Contact the DPSU via this link: dpo@heirsinsurancebrokers.com

 

Our DPSU serves as the internal mechanism to carry out the following services amongst others:

  • a) Data protection regulations compliance and breach services
  • b) Data protection and privacy advisory services
  • c) Data protection capacity building
  • d) Data Regulations Contracts drafting and advisory
  • e) Data protection and privacy breach remediation planning and support services
  • f) Information privacy audit
  • g) Data privacy breach impact assessment
  • h) Data Protection and Privacy Due Diligence Investigation
  • i) Data Protection Officer

 

SECTION 14:- REMEDIATION

Data subjects are encouraged to report any complaint or concern about their data privacy through the DPSU. Our team at the DPSU shall take action to redress any grievance within 7 working days.

 

SECTION 15:- ALTERATION OF PRIVACY POLICY

The Data Controller reserves the right to alter the foregoing policy for the purpose of advancing data privacy rights, public interest or complying with lawful directives of the Federal Government.