At Acuitas Legal, we are committed to safeguarding the privacy of the personal information that is provided to us or collected by us during the course of our business as well as the personal information we receive from visitors to our website.
What information do we collect about you and how?
2.1. Business development and business acceptance
We collect personal information about prospective clients and their beneficial owners or controllers as part of business development initiatives and our business acceptance process. The type of personal information we may collect includes name, address, nationality, business interests and employment history. We obtain this information from publicly available open sources.
2.2 Legal services and keeping you up to date with relevant marketing
The type of personal information that we may collect includes current and historical information including your name and contact details (such as your address, email address and telephone numbers) and identifiers such as your organisation, employment history and positions held. We obtain personal information from your IP address and the operating system and web browser that you use to access our Websites. It enables us to identify which organisations have visited our Websites and we use this information to compile statistical data on the use of those sites to help us to improve the user experience.
If you apply for a role or work experience opportunity, or event at the firm you may need to provide personal information including special categories of personal information (for example, details of extenuating circumstances). Your application directly to us, or via a recruitment agency, will constitute your express consent to our use of this information. We will use this information to consider your application for a position with Acuitas Legal. We may also use the information to carry out checks to verify the information provided by you (including reference, background, identity, suitability etc.).
How we use your information
We will only use your personal information if and to the extent that applicable law allows. We will therefore only process your personal information if:
- it is necessary for the performance of a contract with you or the organisation you work for;
- it is necessary in connection with a legal obligation;
- you have given your consent (where necessary) to such use or the organisation you work for has obtained your consent (where necessary) to share your information with us; or
- if we (or a third party) have a legitimate interest which is not overridden by your interests or your rights and freedoms. Such legitimate interests include the provision of legal services, running the firm’s business and marketing relevant services directly to you.
We may use your personal information to:
- consider whether we can pursue certain business development initiatives;
- comply with our legal obligations to identify and verify the identity of our clients and their beneficial owners;
- deliver legal services to you and/or the organisation you work for, if you are a client;
- run the firm’s business (e.g. carry out administrative or operational processes, including recruitment);
- maintain and develop our business relationship with you;
- improve our services and products to you, if you or the organisation you work for are a client or prospective client;
- identify services you may be interested in;
- send you marketing and invite you to events;
- monitor and analyse our business; or
- process and respond to requests, enquiries or complaints received from you.
We may share your personal data with the parties set out below:
- Internal Third Parties,which are other entities within Acuitas Legal acting as joint controllers and who provide IT and system administration services and undertake leadership reporting.
- External Third Partieswhich are:
- Service providers, acting as processors, who provide IT and system administration services.
- Professional advisers, acting as processors or joint controllers, including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- Regulators and other authorities, acting as processors or joint controllers, based who require reporting of processing activities in certain circumstances.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
International Data Transfers
You, as a data subject, have the right to be informed if your Personal Information is intended to being transferred outside of Nigeria or to an international organisation and the existence or absence of an adequacy decision by the National Information Technology Development Agency (NITDA) for that third country.
Should your Personal Information move outside of Nigeria, we use locally-compliant mechanisms to require that the same or similar levels of data protection that are provided under the Nigerian Data Protection Regulation, 2019 are applied in the country or organisation to which the personal information is being processed.
You consent to the transfer of your Personal Information to outside of Nigeria in accordance with all applicable law and this privacy statement.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Your Legal Rights
You have the right to:
- Request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- If you want us to establish the data’s accuracy.
- Where our use of the data is unlawful but you do not want us to erase it.
- Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact us at email@example.com
What is a cookie? Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user’s device, preferences and generally help to improve your online experience.
By using our website, you agree that we can place these types of cookies on your device. If you want to restrict or block any of the above cookies, you should do this through the web browser settings for each browser you use and on each device you use to access the internet. Please be aware that some of areas of our Website may not function properly if your web browser does not accept cookies. However, you can allow cookies from specific websites by making them “trusted websites” in your web browser.