DATA PROTECTION & PRIVACY POLICY
1. Introduction
The Institute of Information Management (IIM), operating with chapters in Nigeria, Ghana, South Africa, United States, Canada, United Kingdom, Australia, Switzerland, and India, is committed to safeguarding the privacy and security of personal information. This Data Protection and Privacy Policy outlines our commitment to respecting and protecting the personal data of individuals and complies with applicable data protection laws across all the jurisdictions in which we operate.
2. Definitions
• Personal Information: Personal Information consists of any data that relates to an individual and/or information from which an individual can be identified, directly or indirectly. It includes but is not limited to names, contact details, date of birth, photographs, and biometric data, such as facial recognition data.
3. Data Collection
3.1 Types of Personal Information Collected
IIM may collect, use, store, and transfer different kinds of Personal Information about members and customers, including prospective members. This Personal Information includes, but is not limited to:
IIM may also collect biometric data, including facial recognition data, as part of the Personal Information.
3.2 Consent and Opt-In
When collecting biometric data, including facial recognition data, IIM will obtain explicit consent from individuals. By providing such data, individuals consent to its processing in accordance with this policy.
3.3 How Personal Information is Collected
IIM collects information through various means, including but not limited to:
4. Purpose of Data Collection
IIM may use the Personal Information, including biometric data, for the following purposes:
5. Sharing of Personal Information
IIM may share Personal Information, including biometric data, with:
IIM will never sell any Personal Information to third parties.
6. Data Security
IIM implements appropriate physical and technical measures to safeguard the Personal Information, including biometric data. Access to this data is restricted to authorized personnel who are subject to a duty of confidentiality. While all reasonable measures are taken to protect data, no system is entirely secure, and IIM cannot guarantee the security of Personal Information.
7. Data Retention
IIM retains Personal Information for as long as necessary to fulfill the purposes for which it was collected, in accordance with applicable laws. When data is no longer needed, it will be deleted or returned in compliance with applicable law.
8. Data Subject Rights
Under applicable Data Protection Laws, individuals have the following rights concerning their Personal Information, including biometric data:
9. International Data Transfers
IIM may transfer Personal Information across borders when necessary. These transfers will be carried out in accordance with applicable data protection regulations and may involve mechanisms such as Standard Contractual Clauses.
10. Compliance with Specific Regulations
IIM commits to compliance with all applicable data protection regulations in the jurisdictions where it operates, including but not limited to GDPR, CCPA, and relevant local data protection laws.
11. Changes to this Policy
IIM may update this Data Protection and Privacy Policy from time to time. Material changes will be communicated to individuals as required by applicable law. Updates will be effective upon posting the revised policy on our website.
Please ensure that you read and understand this Data Protection and Privacy Policy. By continuing to engage with IIM's services, you signify your consent to this policy.
LOCATION: If you have any queries at all in relation to your data and how we protect your data rights, please contact us:
LOCATION: If you have any queries at all in relation to your data and how we protect your data rights, please contact us:
Address: 13 Association Avenue, Ilupeju Lagos, Nigeria.
Phone: +234 808 377 3640, +234 705 8000 405
Email: info@iim-africa.org