# Privacy Policy
Last updated: 22/02/2025
1. Introduction
Welcome to 9News Nigeria ("we," "our," or "us"). This Privacy Policy explains how we collect, use, and protect your personal data in accordance with the Nigeria Data Protection Act 2023 (NDPA), the General Data Protection Regulation (GDPR), and other applicable data protection laws.
Data Controller:
Nine Communications Nig Ltd
Email: [email protected]
Hot lIne: +2348115805632
2. Legal Basis for Processing
We process your personal data under the following legal bases:
- Consent: For newsletter subscriptions
- Legitimate Interests: For analytics and website improvement
- Legal Obligation**: To comply with legal requirements
- Contract: When necessary to fulfill our terms of service
3. Information We Collect
3.1 Personal Data You Provide
- Email Addresses: When you subscribe to our newsletter
- Legal basis: Consent
- Retention period: Until you unsubscribe or request deletion
- Data storage location: Nigeria
3.2 Information Automatically Collected
Through Google Tag Manager and Analytics, we collect:
- IP address
- Browser type and version
- Device type and settings
- Operating system
- Geographic location (country/city level)
- Access times and dates
- Pages visited and interaction patterns
- Referring websites
Legal basis: Legitimate interests
Retention period: 26 months (Google Analytics default)
3.3 Cookies and Tracking Technologies
We use the following categories of cookies:
- Strictly Necessary Cookies: Essential for website functionality
-Analytics Cookies: To understand user behavior (Google Analytics)
- Advertising Cookies: For targeted advertising (Google Ads)
You have the right to refuse non-essential cookies through our cookie consent manager.
Essential Data
The Essential Data is needed to run the Site you are visiting technically. You can not deactivate them.
- Session Cookie: PHP uses a Cookie to identify user sessions. Without this Cookie the Website is not working.
- XSRF-Token Cookie: Laravel automatically generates a CSRF "token" for each active user session managed by the application. This token is used to verify that the authenticated user is the one actually making the requests to the application.
4. Data Processing Principles
We adhere to both NDPA and GDPR principles:
1. Lawfulness, Fairness, and Transparency
2. Purpose Limitation
3. Data Minimization
4. Accuracy
5. Storage Limitation
6. Integrity and Confidentiality
7. Accountability
5. International Data Transfers
5.1 Transfers from Nigeria
For data transfers outside Nigeria, we ensure:
- Adequate level of protection in recipient country
- Contractual safeguards including Standard Contractual Clauses
- Prior authorization from the Nigeria Data Protection Commission (NDPC) where required
- Data subject notification of international transfers
6. Your Rights Under NDPA and GDPR
You have the following rights:
1. Right to Access: Obtain a copy of your personal data
2. Right to Rectification: Correct inaccurate data
3. Right to Erasure: Request deletion of your data
4. Right to Restrict Processing: Limit how we use your data
5. Right to Data Portability: Receive and transfer your data
6. Right to Object: Stop certain data processing activities
7. Rights Related to Automated Decision Making: Not applicable as we don't perform automated decision making
8. Right to Withdraw Consent: Stop processing based on consent
To exercise these rights, contact us at [Your Email]. We'll respond within:
- 7 days to acknowledge receipt (NDPA requirement)
- 30 days to fully address your request (may be extended if necessary)
7. Third-Party Data Processors
7.1 Google Services
We use several Google services that process your data:
Google Tag Manager & Analytics
- Purpose: Website analytics
- Data collected: Usage patterns, device information
- Location of processing: United States
- Transfer safeguards: Standard Contractual Clauses
- Local data residency compliance: [Specify measures]
- Privacy policy: [Google Privacy Policy](https://policies.google.com/privacy)
Google Ads
- Purpose: Advertisement display
- Data collected: Ad interaction data
- Location of processing: United States
- Transfer safeguards: Standard Contractual Clauses
- Local data residency compliance: [Specify measures]
- Privacy policy: [Google Ads Privacy Policy](https://policies.google.com/privacy)
8. Data Security
We implement appropriate technical and organizational measures including:
- Encryption of data in transit and at rest
- Access controls and authentication measures
- Regular security assessments
- Staff training on data protection
- Annual data protection audit as required by NDPA
- Data Protection Compliance Organization (DPCO) registration where applicable
In case of a data breach:
- We will notify the NDPC within 72 hours
- Affected data subjects will be notified if the breach poses significant risks
- Remedial actions will be taken to prevent future occurrences
9. Children's Privacy
We do not knowingly collect or process data from children under 18 (NDPA requirement). If you believe we have such data, contact us for immediate deletion.
10. Changes to This Privacy Policy
We may update this policy occasionally. Material changes will be notified to you via email or website notice. You have the right to object to any changes.
11. Complaints
You have the right to lodge complaints with:
Nigeria:
Nigeria Data Protection Commission (NDPC)
[NDPC Contact Details]
EU/UK:
Your local supervisory authority
For EU member states: [European Data Protection Board website]
For UK: Information Commissioner's Office (ICO)
12. Contact Us
For privacy-related queries or to exercise your rights:
- Email: [email protected]
- Phone: +2348115805632
Response time:
- Initial response: Within 7 days
- Full resolution: Within 30 days
13. Consent
By using our website, you acknowledge this Privacy Policy. For specific data processing requiring consent, we will obtain it separately and explicitly through clear affirmative action.