Last Updated: March, 2024.
1. Introduction:
This privacy policy (“Policy”) applies to the website(s) and mobile application(s) (hereinafter referred to as, the “digital platforms”) provided by Competence Asset Management Company Limited and other products/services (Edike) of Competence Asset Management Company Limited. This Policy discloses our data protection practices on our Sites, products and subscriber-based services (“Services’’), inclusive of the type of personal data that we collect, our method of collection of personal data, use of personal data and procedures for sharing personal data with third parties.
The Sites covered by this Policy include our existing websites, mobile applications and all other additional websites and mobile applications produced and managed by Competence Asset Management Company Limited/www.competenceassetmanagers.com.
2. Policy Statement and Review
At a minimum, this Privacy policies shall be reviewed and approved at a minimum of once every year, to be able adapt to changes in Privacy policies by the NDPR and or other Data protection and privacy organizations and in line with CAM strategic intent and compliance with regulatory operating guidelines. Changes induced by regulatory requirements shall however be adopted as directed and the Policy amended, accordingly.
3.Eligibility
The Sites and Services are intended solely for persons who, if they are natural persons, are eighteen (18) years of age or older, and any registration by, use of or access to the Sites and Services by any natural person under eighteen (18) is unauthorised, unlicensed and in violation of this Policy.
4. Who We Are?
Competence Asset Management Company Limited, a financial services company that offers financial advisory & product-based solutions in a fast-changing environment. We take pride in our collaborative approach to Cost Containment, Risk Management & driving profitable growth for our clients. We offer affordable personal & business loans to enable clients achieve their financial & business goals.
5. Information We May Collect from You
When you use the Sites or Mobile App, we collect and store your personal data which is provided by you from time to time.
For the purpose of accessing our Services, the personal data we may collect include: your full legal names, marital status, title, date of birth, gender, business name, email address, mailing address, telephone number, bank account number, payment card details, bank verification number, national identification number, international passport number, means of identification, guarantors contact details, bank statements, usernames, password, your preferences, interests, feedback and survey responses, preference in receiving marketing information from us and our third parties and your communication preferences, etc.
Personal data/ information in this context shall include all data such as: any means of information relating to an identified or identifiable natural person.
| Personal Data Type | Sources |
| Identity data | Web portal/Mobile App |
| Contact data | Web portal/Mobile App |
| Financial data | Web portal/Mobile App |
| Technical data | Web portal/Mobile App |
| Profile data | Web portal/Mobile App |
| Marketing/Communication data | Web portal/Mobile App |
6. Why Do We Need Your Information?
Our primary goal in collecting the above stated personal data is to provide you with a safe, efficient, smooth and customized experience. This allows us to provide Services and features that most likely meet your needs, and to customize the Sites to make your experience safer and easier.
| Purpose of Processing | Lawful Basis of Processing |
| Identity verification and maintenance of records | Compliance with a legal obligation in which Competence Asset Management is subject. |
| To provide, manage and improve the requested services. | Consent |
| To manage risk, detect, prevent, and/or remediate fraud or other potential prohibited or illegal activities. | Compliance with a legal obligation in which Competence Asset Management is subject. |
| To process transactions and send notices about your transactions to requisite parties | Consent |
| To contact you at any time through your provided telephone number, email address or other contact details | Consent |
| To notify you about activities on your account, troubleshoot problems with your account and collect fees or monies owed | Consent |
| To personalise your experience on our Sites or communications/advertising | Consent |
| To make public any information as required by an official public mandate vested on us, in the interest of the general public | Public Interest |
Lawful Basis for Collecting and Processing Personal Data
In accordance with the provisions of the NDPR, prior to the processing of personal data there must be in existence a legal basis for such processing. In compliance with the provisions of the NDPR, we process your personal data in line with the following legal basis:
Consent: where you have consented to our processing of your personal data for one or more specific reasons. Such consent is given by you through your continuous use of the Services and the Sites.
Performance of a contract: in order to perform a contract, we have with you or a contract to which you are a party to and in order to take necessary steps at your request prior to entering into such a contract.
Legal obligation: where processing of personal data is required by law. We are required by law to retain certain account opening information and personal data of our customers beyond the date such customers cease to carry on business with us.
Public interest: such processing is necessary for the performance of a task carried out in the interest of the public on in exercise of an official public mandate vested on us.
7. How We Collect Your Data
We collect information you provide directly to us, for example, we collect information when you register or log on to the Sites/Mobile App, create an account, subscribe to a Service, participate in any interactive features on our Services, fill out a form, take part in surveys, post on our message boards, upload any documentation, request customer support, make an enquiry, communicate with us by email, phone or post, interact with us on social media, etc.
We will also collect your information where you partially complete and/or abandon any information inputted in the Sites/mobile App and may use this information to contact you to remind you to complete any outstanding information.
We will not sell, share, transfer or rent out any personal information to others in ways different from what is disclosed in this Policy, and our terms and conditions of use.
We may share generic information not linked to any personal identification information regarding visitors and users with our partners (Badij technologies limited, Paystack, Credit registry, Periculum, Termii, Doja).
Providing Us with Information about Others
If you provide us with personal data about someone else, you are responsible for ensuring that you have provided the required notices and have obtained the individual’s explicit consent to provide us with the personal data and that you explain to them how we collect, use, disclose and retain their personal data or direct them to read our Policy.
8. Cookies
We use data collection devices such as ‘cookies’ on certain pages of the Sites. Cookies are small files stored on your hard drive that assist us in providing Services customised to your requirements and tastes. We also offer certain features that are only available through the use of a ‘cookie’. Cookies can also help us provide information, which is targeted to your interests. Cookies may be used whether you choose to register with Us or not.
We also use cookies to allow you to enter your password less frequently during a session. Most cookies are ‘session cookies’, meaning that they are automatically deleted from your hard drive at the end of a session. You are always free to decline our cookies if your browser permits, although in that case you may not be able to use certain features on the Sites and you may be required to re-enter your password more frequently during a session. A cookie cannot read data off your hard disk or read cookie files created by other sites. Use of a cookie is in no way linked to any personally identifiable information while on the Sites.
Once you close your browser, the cookie simply terminates. For instance, by setting a cookie on your browser, you would not have to log in a password more than once, thereby saving time while on the Sites.
You can choose whether to accept cookies by changing the settings of your browser. You can reset your browser to refuse all cookies or allow your browser to show you when a cookie is being sent. If you reject the cookies on the Sites, you may still be able to use the Sites, but it shall be limited to certain minimal functionality.
The only drawback to this is that you may be limited to some areas of Sites or limited to certain functions of the Sites.
9. Consent
By using the Sites, Services and by providing your personal data, you consent to the collection and use of the information you disclose to us in accordance with this Policy, including but not limited to your consent for sharing your personal data in line with the terms contained in this Policy. If we decide to change this Policy, we will post those changes on this page so that you are always aware of what information we collect, how we use it and under what circumstances we disclose it.
We reserve the right, at our sole discretion, to alter and update this Policy from time to time as required by the law and as our business process maybe inclined to improve subsequently. We will notify or invite you to review the current version of this Policy each time there is an update, as you return to our portals digitally or otherwise.
10. Disclosure
You further acknowledge that the sites may contain information which is designated confidential by us and that you shall not disclose such information without our prior written consent. Your information is regarded as confidential and therefore will not be divulged to any third party, unless if legally required to do so to the appropriate authorities. We will not sell, share, or rent your personal data to any third party nor use your email address for unsolicited mail. Any emails sent by us will only be in connection with the provision of agreed Services.
11. Security of your Data
We take all necessary precautions to protect your personal information both online and off-line. It is important for you to protect against unauthorised access to your password, your mobile phone or computer. Be sure to log off from the Sites when you are using a shared phone/computer. We also protect your personal data off-line. Access to your personal data is limited to employees, agents or partners and third parties with whom we are working who we reasonably believe will need that information to provide the Services to you.
In order to protect your personal data, we have put in place appropriate organisational and technical security measures. These measures include storing data on a dedicated and secure server with at least 256-bit encryption, restricting access to your personal data to certain employees, ensuring that our internal information technology systems are suitably secure, and implementing procedures to deal with any suspected data breach.
In the unlikely event of a data breach, Competence Asset Management Limited Company will take steps to mitigate any loss or destruction of data and, if appropriate will notify you and any applicable authority of such a breach.
12. Retention of Records
We will not retain your personal data for longer than is necessary for the purposes for which such personal data is processed. This means we will hold your personal information on our server for as long as is necessary to fulfil the purpose for which it was collected or to comply with any legal, regulatory, tax, accounting, reporting requirements or internal policy requirements. We endeavour to dispose of your personal data once we have concluded that we no longer require your personal data in connection with the purpose for which it was collected and if disposing of such personal data would not expose us to actions, sanctions or claims. The periods for which we hold different categories of data differ. For example, we may hold data received:
- During a request to the help desk for three (3) years after the resolution of such request.
- While handling customer complaints for six (6) years after the resolution: and
- From customers in relation to their accounts for six (6) years after the successful closure of their accounts.
Please note that the periods stated above are subject to overriding legal obligations and public policy, as well as changing business realities. Therefore, we shall endeavour to update the above-stated periods accordingly.
13. Data Subject Rights
Your personal data is protected by legal rights enshrined in the NDPR. These rights include the following:
the right to be told how we use your personal data and obtain access to your personal data;
- the right to have your personal data rectified or erased or place restrictions on processing your personal data;
- the right to object to the processing of your personal data e.g., where the processing is based on our legitimate interests. Please note that this may prevent us from continuing to provide Services to you;
- the right to have any information you provided to us on an automated basis returned to you in a structured, commonly used and machine-readable format, or sent directly to another organisation, where technically feasible (“data portability”);
- where the processing of your personal data is based on your consent, the right to withdraw that consent subject to legal or contractual restrictions;
- the right to object to any decisions based on the automated processing of your personal data, including profiling; and
- the right to lodge a complaint with the supervisory authority responsible for data protection matters.
Please note that if you request for a copy of your personal data, you may be required to pay a fee.
If you would like to exercise any of the above stated rights, please follow the following procedures:
- put your request in writing and send it to us through your usual registered channel (e.g., by registered email).
- specify the right you wish to exercise.
- You can also access the Data Subject Access Request (DSAR) on our website via the contact us page.
For more information or to exercise your data protection rights please, please contact our Data Protection Officer at dpo@competenceassetmanagers.com.
We will endeavour to process all subject access requests within thirty (30) days and if any further extension is required, we will communicate the same through existing consented channels – at no cost. However, please note that you may continue to receive existing communications for a transitional period whilst we update your preferences.
14. Complaints
If you have any questions, comments and requests regarding your privacy and rights, please let us know how we can help. You can relay your complaints to the following contacts:
| Supervisory Authority
Nigeria Data Protection Commission |
Data Protection Officer (DPO) |
|
| Address: | No. 12 Clement Isong Street, Asokoro, Abuja, Nigeria | 15, Kafayat Abdulrazaq Street, Lekki phase 1, Lagos, Nigeria. |
| Email: | info@ndpc.gov.ng | dpo@competenceassetmanagers.com |
| Telephone: | 09160615551 | 07025000490 |