Last Updated: October 10, 2024

Definitions

  • African-Festivals.com: This refers to the website, content, and services provided by African-Festivals.com, which is owned and operated by Kodachi Digital, a Nigerian-based company focused on promoting and showcasing festivals and cultural events across Africa.
  • GDPR: The General Data Protection Regulation (GDPR) is a comprehensive data protection law that regulates the collection, processing, storage, and use of personal data in the European Economic Area (EEA).
  • NDPR: The Nigeria Data Protection Regulation (NDPR) is the legal framework that governs the processing and protection of personal data in Nigeria.
  • Data Controller: The entity that determines the purposes and means of processing personal data. For African-Festivals.com, the Data Controller is Kodachi Digital, located in Calabar, Nigeria.
  • Data Processor: Any person or entity that processes data on behalf of the Data Controller, such as third-party service providers who assist us in delivering our services.
  • Data Subject: Any living individual whose personal data is collected, held, or processed by African-Festivals.com.

1. Principles for Processing Personal Data

African-Festivals.com adheres to the following principles when processing personal data, in compliance with both the General Data Protection Regulation (GDPR) and the Nigeria Data Protection Regulation (NDPR):

  • Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and transparently, ensuring that individuals are aware of how their data is used and for what purposes.
  • Purpose Limitation: Personal data is collected and processed only for specific, legitimate purposes that have been clearly communicated to the Data Subject.
  • Data Minimization: We collect only the minimum amount of data required to achieve the intended purpose.
  • Accuracy: We strive to ensure that all personal data is accurate, complete, and up to date.
  • Storage Limitation: Personal data is retained only as long as necessary to fulfill the purpose for which it was collected unless otherwise required by law.
  • Integrity and Confidentiality: Personal data is processed in a manner that ensures security, including protection against unauthorized or unlawful processing, loss, or damage.

2. Data We Collect

African-Festivals.com collects several types of personal data for various purposes, including but not limited to:

  • Contact Information: Name, email address, and phone number.
  • Technical Data: IP address, browser type and version, device type, and operating system.
  • Usage Data: Information on how you use and interact with our website, including pages viewed and features used.
  • Marketing Preferences: Your preferences for receiving communications from us.

Additionally, we may collect demographic information, such as age, gender, and interests, when voluntarily submitted by the user.

3. How We Use Collected Data

We use the collected personal data for the following purposes:

  • Service Delivery: To provide users with requested services, content, and event updates.
  • Communication: To send newsletters, marketing communications, and updates about our services and upcoming events.
  • User Experience: To improve the functionality and design of our website based on user interactions.
  • Security: To protect the integrity of our website, prevent unauthorized access, and mitigate fraudulent activities.
  • Compliance: To comply with applicable laws and regulations, including NDPR and GDPR requirements.

4. Legal Basis for Data Processing

The legal basis for processing personal data under the NDPR and GDPR includes:

  • User Consent: When users voluntarily provide information, such as subscribing to newsletters or submitting inquiries.
  • Contractual Necessity: To fulfill obligations under a contract, such as responding to inquiries or providing access to services.
  • Legitimate Interest: For purposes such as marketing and improving user experience, provided it does not override user rights and freedoms.
  • Legal Obligation: When processing is necessary to comply with legal and regulatory requirements.

5. Data Retention Policy

African-Festivals.com will retain your data only for as long as necessary to achieve the purposes outlined in this Privacy Policy or as required by law. We periodically review our data retention practices and securely delete any data no longer needed for its intended purpose.

6. Data Protection Rights

As a Data Subject under NDPR and GDPR, you have the following rights:

  • Right to Access: Request access to personal data we hold about you.
  • Right to Rectification: Request corrections to any inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): Request deletion of personal data under certain conditions.
  • Right to Restriction: Request to limit the processing of your personal data.
  • Right to Data Portability: Request to receive your data in a structured, commonly used, and machine-readable format and transfer it to another data controller.
  • Right to Object: Object to certain processing activities, such as direct marketing.
  • Right to Withdraw Consent: Withdraw previously granted consent at any time without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please contact us at:

Email: discoverafricanfestivals@gmail.com
Phone: +234 707 033 6489

We will respond to your request within 30 days, in compliance with applicable laws.

7. Security Measures

We implement robust technical and organizational measures to protect personal data against unauthorized access, loss, alteration, or destruction. This includes encryption, secure servers, firewalls, and regular security audits. However, please note that no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security, but we strive to use commercially acceptable means to protect your data.

8. International Transfers

African-Festivals.com may transfer personal data to servers or third parties located outside of Nigeria. Such transfers are conducted in compliance with applicable data protection regulations, ensuring that an adequate level of protection is maintained.

9. Data Sharing and Disclosure

We may share personal data with third parties under the following circumstances:

  • Service Providers: With service providers who support our operations, such as IT service providers, data analytics providers, and payment processors.
  • Legal and Regulatory Compliance: When required by law or to respond to legal process.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, we may transfer your data to the new owner.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track user activity and enhance your experience on our website. Cookies are small data files stored on your device. For more information on how we use cookies and your options to manage them, please see our [Cookie Policy].

11. Children’s Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children without parental consent. If you believe that a child has provided us with personal data without parental consent, please contact us, and we will take steps to delete such data.

12. Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or operational needs. Any updates will be posted on this page, and we will notify you through appropriate communication channels. Please review this page regularly to stay informed.

13. Contact Us

If you have any questions, concerns, or complaints regarding this Privacy Policy or our data practices, please reach out to us using the contact information below:

Email: discoverafricanfestivals@gmail.com
Phone: +234 707 033 6489

You may also contact the Nigerian Data Protection Bureau (NDPB) if you are not satisfied with our response to your request or believe that your data protection rights have been violated.