Watchmen Systems Solutions Ltd. Privacy Policy

Introduction

Watchmen Systems Solutions Ltd. (“Watchmen Systems,” “we,” “our” or “us”) is a Nigeria-based technology solutions company providing services in precision agriculture, aerial intelligence, defence, security, and other sectors. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains what information we collect, how we use it, and the measures we take to safeguard it when you visit our website (watchmensystems.net) or interact with us in any other way. It is drafted in compliance with the Nigeria Data Protection Regulation (NDPR) 2019 and relevant Nigerian data protection laws. We adhere to the NDPR’s core principles of lawful, fair, and transparent data processing, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality. By using our website or providing us with personal data, you indicate your consent to the practices described in this Policy. (Under the NDPR, “consent” means any freely given, specific, informed, and unambiguous indication of your wishes signifying agreement to the processing of your personal data)

Information We Collect

We collect personal information in two ways: (1) information you provide directly (for example, via contact forms or communications), and (2) information collected automatically (for example, through cookies and analytics tools when you use our site). The types of information we may collect include:

·      Contact Information: If you fill out a contact form, request information, or communicate with us, we collect the personal details you provide. This may include your name, email address, phone number, company/organization, and any other information you choose to share in your message. We use this information to respond to your inquiries or provide services you request. (For example, if you ask about our products or services, we will use your contact details to communicate with you.)

·      Correspondence Content: We also collect any content of your communications with us. This includes the details of your inquiries, feedback, or requests when you contact us via web forms, email, phone, WhatsApp, or other channels. We keep a record of this correspondence to address your needs and maintain a history of our communication.

·      Usage Data (Automatically Collected): When you visit our website, certain data is collected automatically by our web servers and analytics tools. This data may include your IP address, browser type, device information, operating system, pages visited, time and date of visits, and referring website. We collect this information through the use of cookies and similar technologies in order to understand how our site is used, to optimize its performance, and to improve user experience. This information is usually aggregated and does not directly identify you by name, but it may be considered personal data under NDPR because it can relate to an identifiable individual (for example, via an IP address).

·      Cookies and Identifiers: Our website uses cookies – small text files that are stored on your device – to make the site work properly and to analyze traffic. These cookies may assign a unique identifier to your browser. They help us recognize you on return visits and gather statistical data about how visitors navigate our site. (For more details, see “Use of Cookies and Analytics” below.) We do not use cookies to collect sensitive information or for any advertising purposes at this time.

We do not collect any payment or financial information on our site (since we have no e-commerce or online payment features), and we do not intentionally collect any special categories of personal data (such as information about race, religion, health, etc.). We also do not create user accounts or logins on our website, and we do not run a newsletter; thus, we will not ask you to register or subscribe for regular updates. The personal data we collect is limited to what is necessary for the purposes described in this Policy, in line with NDPR’s data minimization principle.

How We Use Your Information

We use the personal information collected for the following purposes:

·      To Respond to You and Provide Services: We primarily use your information to respond to your inquiries, requests, or feedback. If you contact us via a form, email, or phone, we will use your contact details and message content to communicate with you and provide the information, support, or services you requested. For example, if you ask about a product or request a quote, we will use your information to provide an answer or engage in further communication as necessary.

·      To Improve Our Website and Services: The usage data and feedback we collect help us understand how our website is performing and how users interact with it. We use analytics information to analyze trends and traffic on our site, so that we can improve site functionality, content, and user experience. This may include analyzing which pages are most visited, how users navigate the site, and any issues encountered, allowing us to optimize our offerings.

·      To Ensure Security and Prevent Misuse: We may use information (including IP addresses and other automatically collected data) to maintain the security of our website, systems, and users. This includes detecting and preventing fraudulent activity, spam, or abuse of our site. We may also use it to debug and troubleshoot technical issues.

·      To Comply with Legal Obligations: If we are subject to any legal or regulatory requirements that necessitate the processing of personal data, we will use and retain your information as needed for compliance. For example, we may keep records of communications or transactions as required by law, or disclose information if lawfully required by a court order, law enforcement, or regulatory authority.

·      Internal Records and Administration: We may use personal information for our internal record-keeping, administrative purposes, and to manage our relationship with you (such as maintaining a list of people who have contacted us, so we can follow up or reference past communications).

·      No Unrelated Secondary Use: We will not use your personal data for any purpose that is incompatible with the purposes outlined above, unless we obtain your consent or are required/permitted by law. In particular, we do not sell your personal information to third parties, and we will not use it for unsolicited marketing (e.g. we won’t add you to any mailing list or send you promotional emails just because you contacted us, unless you specifically request or consent to such). If we ever need to use your data for a new purpose, we will update this Privacy Policy and, if required, seek your consent.

Legal Basis for Processing

The NDPR requires that all processing of personal data has a lawful basis and a specific, legitimate purpose. We only process your personal information when we have a valid legal basis to do so. Depending on the context, one or more of the following legal bases under the NDPR (which align with global standards) will apply:

·      Consent: In most cases, we rely on your consent. When you voluntarily provide personal information through our contact form or other means, you are consenting to our use of that information to respond to you and handle your requests. Likewise, by using our site after seeing our cookie notice, you consent to our use of cookies and analytics as described. You have the right to withdraw your consent at any time (see “Your Rights Under the NDPR” below), though note that if you withdraw consent for us to use information needed to fulfil your request, we may not be able to continue the service or communication.

·      Contract (Pre-contractual Steps): If you contact us in order to inquire about our services or enter into a business relationship, the processing of your data may be necessary to take steps at your request before entering into a contract. For instance, using your contact details to send you a proposal or discuss a service agreement would be based on this legal ground. And if you become our client, any processing of your data necessary to perform our obligations under the contract (such as delivering services or customer support) will be lawfully based on that contract.

·      Legal Obligation: We may process your personal data where necessary for compliance with a legal obligation to which we are subject. For example, we might retain certain transactional records for tax or accounting purposes if applicable, or disclose information to authorities if required by Nigerian law. This legal basis would apply only when processing is mandated by applicable law (and we will notify you where required).

·      Legitimate Interests: We may process certain data as necessary for our legitimate interests, provided such processing is not overridden by your own rights and interests. Our legitimate interests include running and improving our website and services, communicating with prospective customers, and securing our systems. For example, using cookies for analytics to understand website usage is a part of our interest in improving our services. We believe this usage is not intrusive and has a limited impact on your privacy (and you always have options to opt out of cookies or object, as described in this Policy). If we rely on legitimate interests, we will ensure that we consider and balance any potential impact on you and your rights under NDPR.

For clarity, these bases correspond with the lawful grounds recognized under NDPR (and similar regulations like GDPR). In practice, consent will be the primary basis for our website’s data collection, supplemented by contractual necessity (when you seek our services) or compliance with law when relevant. We do not generally process data under “vital interests” or “public interest” bases, as those typically apply to emergency or governmental situations, not our business operations. If you have any questions about the legal basis for any specific processing of your personal data, feel free to contact us (see “Contact Information” below) and we will provide additional clarification.

Use of Cookies and Analytics

Cookies are small text files placed on your computer or device when you visit a website. We use cookies and similar technologies on our site to ensure it functions correctly, to make your user experience more convenient, and to help us understand how visitors use the site. By using this site, you agree to our use of cookies. Here is how we use cookies and analytics:

·      Essential Cookies: Some cookies are necessary for the basic functioning of the website. For instance, because our site is built on Google’s platform (Google Sites), certain cookies may be required to enable page loads, integrate with Google services, or remember your preferences (such as the cookie consent banner). These cookies do not collect personal data for marketing, but they might collect minimal technical data to function (e.g. to remember that you clicked “Got it” on the cookie notice so it doesn’t show repeatedly).

·      Analytics Cookies (Google Analytics): We use Google Analytics to understand how visitors engage with our website and to gather usage statistics. Google Analytics sets cookies in your browser to collect information such as your IP address, device and browser type, and details about your site usage (for example, which pages you visit, for how long, and what links you click). This information is transmitted to Google and aggregated to produce anonymous reports that help us gauge things like overall website traffic, popular pages, and general user behaviour. We use these reports to improve our site’s content, layout, and performance. Importantly, we do not receive personally identifying information in these reports – the data is presented to us in aggregate form. Google may also use the data collected to improve its own services. Google's Privacy Policy, which explains how Google handles information, is available at Google Privacy Policy. We do not use Google Analytics to track or collect personal data beyond what is needed for aggregate statistics, and we have not enabled more intrusive analytics features (such as Advertising Features or User-ID tracking) at this time.

·      Cookie Consent: When you first visit our site, you see a banner or notice stating that “This site uses cookies from Google to deliver its services and to analyze traffic. Information about your use of this site is shared with Google. By using this site, you agree to its use of cookies.” By clicking “Got it” or continuing to browse, you indicate your consent to the placement of cookies as described. If you prefer not to allow cookies, you can adjust your browser settings to refuse or delete cookies. Most web browsers provide options to manage cookie behaviour (such as blocking third-party cookies or all cookies, and clearing existing cookies). Please note that if you disable cookies in your browser, some features of our site may not function properly. For example, disabling cookies might prevent the Google Analytics script from running, which is fine for analytics (it simply stops tracking), but other functional cookies (if any) might also be blocked, potentially affecting site usability.

·      Managing Analytics and Opt-Out: If you wish to opt out of Google Analytics specifically, Google provides an opt-out browser add-on you can install (see Google’s website for the Google Analytics Opt-out Browser Add-on). Additionally, you can delete cookies after visiting our site or use browsing in “private/incognito” mode to limit cookie persistence. We honour such choices – our site will still be accessible if you opt out of analytics cookies.

·      No Third-Party Advertising Cookies: We do not use third-party advertising networks or cookies for advertising profiling on our website. You will not receive third-party advertising cookies from using our site beyond the Google Analytics and Google Sites-related cookies mentioned. If in the future we consider using additional cookies (for example, to add new features or integrate third-party content), we will update this Policy and provide appropriate notice or consent options in accordance with NDPR.

Note on Third-Party Links: Our website may include links or references to third-party websites or services (for example, links to our pages on Facebook or Instagram, or references to partner products). If you click those links or engage with third-party content, those third parties may also set cookies or collect data through their sites. This Privacy Policy does not cover third-party websites. We encourage you to review the privacy policies and cookie practices of any external sites you visit. We are not responsible for the privacy practices of websites that are not under our control.

Data Retention

We will retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, as described in this Policy, unless a longer retention period is required or permitted by law. We do not keep personal data indefinitely by default. Our retention practices are guided by the NDPR principle of storage limitation – personal data should not be stored longer than needed for its purpose.

Here’s how we handle retention for different types of data:

·      Contact/Inquiries Data: If you contact us (via form, email, or other means) but do not become a customer or engage in an ongoing business relationship, we will typically retain the personal information you provided (and our correspondence) for a reasonable period in case you follow up or we need to refer back to the conversation. Generally, we do not expect to keep such inquiry data longer than 12 to 24 months from the date of last interaction. This allows us to understand past inquiries if you contact us again, and to improve our services by analyzing what kind of information people seek. After that period, we will delete or anonymize the data unless we have a specific reason to keep it (for example, if you ask us to retain your information for future contact, or if there is a legal necessity). You also have the right to request deletion of your data at any time (see “Your Rights” below), in which case we will delete it from our active systems (unless retention is required by law).

·      Client Data: If you do become a client of Watchmen Systems (for instance, you purchase a product or service from us following your inquiry), we will retain your personal information for the duration of our business relationship. Even after the active service or contract ends, we may need to keep certain data for a defined period. For example, Nigerian financial regulations or tax laws might require us to keep transaction records for a number of years. We will securely retain only the data necessary for such purposes and only for the period required by law or our legitimate business needs (e.g. maintaining accurate financial records, or handling any post-contract support or disputes). Once those needs are fulfilled, we will archive or securely delete the data.

·      Website Analytics Data: Data collected via Google Analytics is mostly aggregated and anonymized in the reports we use. Google Analytics may retain certain identifier-level data (like cookie identifiers or IP-related data) for a period determined by Google’s data retention settings. We have configured Google Analytics to automatically anonymize IP addresses, and we follow default retention settings unless otherwise specified. Currently, Google’s default retention for user-level and event-level data in Analytics is 14 months, after which the data is deleted automatically (and only aggregated data is kept). We do not download or store personal analytics data separately outside Google Analytics. Any analytics cookies placed on your browser will persist for a known duration (e.g., Google Analytics cookies often last for 6 months to 2 years unless cleared). You can clear these at any time via your browser.

·      Backup and Archive: We may include your data in routine backups of our website or email systems (for disaster recovery purposes). Such backups are kept securely and only for the limited time needed for continuity. If data is removed from our active systems, it will also be purged from backups in the normal rotation schedule. During the period it exists in backup form, we will continue to safeguard it and will not restore or use it unless necessary for restoration/testing or as required for legal purposes.

After the applicable retention period has elapsed, or if the data is no longer needed, we will ensure that your personal data is securely deleted, erased, or anonymized so that it can no longer be associated with you. We regularly review the information we hold and delete or anonymize personal data that is no longer required for any legitimate business or legal purpose.

Data Sharing and Third Parties

We treat your personal information with care and confidentiality. We do not sell, rent, or trade your personal data to third parties for marketing or any other purpose. However, in the normal course of operating our business and website, we may share your data with certain trusted third parties under the following circumstances:

·      Service Providers (Processors): We use third-party service providers to help us run our website and deliver our services. For example, our website is hosted on Google’s platform (Google Sites), and we use Google Analytics for website analytics. These providers may process personal data on our behalf – for instance, Google processes your site usage data to provide us with analytics reports. We may also use an email service provider (for instance, if you email us at info@watchmensystems.net, your email is handled by our email hosting service) or cloud storage for record-keeping. In all cases, we only share the information that is necessary for the third party to perform their specific services. They are not allowed to use your data for any other purposes. We ensure that such service providers are bound by appropriate data protection obligations (for example, through contracts or terms of service) to keep your data secure and to use it only under our instructions and in compliance with NDPR.

·      Google (Analytics and Hosting): As noted, Google is a key third-party involved in our site’s operation. Google may independently collect certain data from your browser through our use of Google Analytics and the Google Sites platform (this can include data like your IP address, cookie identifiers, and browsing data). Google acts as our data processor for analytics, providing aggregated data back to us; however, Google may also use certain analytics data for its own purposes according to its privacy policy (for example, improving Google Analytics or, if you allow ad personalization via Google, to inform ads – though we do not use Google Ads on our site). We recommend reviewing Google’s Privacy Policy for details on how Google treats personal data. We have enabled data privacy features in Analytics where possible (such as IP anonymization) to mitigate privacy risks.

·      Business Advisors and Partners: We may share information with our professional advisors (such as our lawyers or accountants) if necessary for consulting, legal, or financial advice, but only on a need-to-know basis and under a duty of confidentiality. For instance, if a legal issue arose that involved a user communication, we might share relevant information with legal counsel to obtain advice. Similarly, if we collaborate with a partner company to fulfil your request (for example, a product supplier or subcontractor for a service you inquired about), we would share your information with that partner only with your knowledge or request and only as needed to serve you. Such partners would be expected to handle your data in accordance with applicable data protection laws and only for the intended purpose.

·      Legal Compliance and Protection: We may disclose personal information to third parties (such as courts, law enforcement, or government agencies) if required to do so by law or legal process, or if we have a good-faith belief that such action is necessary to comply with a legal obligation. For example, in response to a subpoena, court order, or regulatory request (like from the Nigeria Data Protection Bureau/Commission or NITDA), we may have to provide relevant data. Additionally, we may share information when we believe it’s necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, or to enforce our agreements and policies, or to protect the rights, property, or safety of Watchmen Systems, our employees, our customers, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction (though this is unlikely in our context).

·      Corporate Transactions: In the unlikely event that our company undergoes a business transition – for example, a merger, acquisition by another company, or sale of all or part of our assets – personal data we hold may be among the assets transferred to the new owner. If such a transfer occurs, we will ensure the new owner is bound to respect your personal data in a manner consistent with this Privacy Policy (or we will obtain your consent as required by NDPR). We will notify you (for example, via a notice on our website or other communication) of any such change in ownership or use of your personal data, as well as any choices you may have regarding your personal data as a result.

International Data Transfer: Whenever we share data with third parties, we consider the location where they will process the data. Currently, the services we use (like Google) may process data on servers located outside Nigeria (for instance, in the United States or the European Union). When personal data is transferred out of Nigeria, we take steps to ensure that the transfer complies with NDPR requirements for international data transfers. This means we will only transfer data to countries or organizations where there is an adequate level of data protection, or we will put in place appropriate safeguards such as standard contractual clauses, or rely on your consent where permitted. By using our website or submitting your information, you consent to the transfer of your personal data outside Nigeria when it is necessary to achieve the purposes described (for example, your data will travel to Google’s servers in order for us to use Google Analytics). Rest assured, such transfers are handled with care for the confidentiality and security of your information, and we remain responsible for the protection of your personal data even when it is processed by our service providers abroad.

Apart from the situations described above, we will not share your personal data with any third party unless you have expressly authorized us to do so. If we ever need to share your information for any new reason not covered in this Policy, we will notify you and obtain your consent if required.

Your Rights Under the NDPR

Under the Nigeria Data Protection Regulation, you, as a data subject, have certain rights regarding your personal data. We respect and uphold these rights, and we provide you with the ability to exercise them. Your rights under the NDPR (which are similar to rights under other global data protection laws) include:

·      Right to Be Informed: You have the right to be informed about the collection and use of your personal data. This Privacy Policy is one of the ways we fulfil this right, by providing you with details on what data we collect, why, and how we process it clearly and understandably. We aim to be transparent in our practices (transparency is a key principle under NDPR) so you can make informed decisions about your data.

·      Right to Object: You have the right to object to certain types of processing of your personal data. In particular, NDPR gives you the right to object at any time to the processing of your data for direct marketing purposes. (As noted, we do not currently process your data for marketing without consent, but if we ever were to, you could opt out easily.) You can also object to other processing in cases where we are relying on legitimate interests as the legal basis (see “Legal Basis” section), and you have a particular situation that makes you desire to stop that processing. For example, you can object to us using your data for analytics or improvement purposes if you want, and we will consider your request and refrain from processing your data for that purpose unless we have a compelling legitimate ground to continue (or if it’s legally required). We will always honour your objection to any marketing or unsolicited contact. Mechanisms: To object, you can contact us at any time (see Contact Information below). If you object to cookies/analytics, you can also accomplish this by disabling cookies or using the opt-outs described in the Cookies section of this Policy.

·      Right of Access: You have the right to request access to the personal data we hold about you. This is sometimes called a Subject Access Request. It means you can ask us to confirm whether we are processing your personal data and, if so, provide you with a copy of that data, as well as information about how we are processing it. For example, you can ask us to give you a copy of the information you provided to us and any notes or records we have associated with you. We will provide this in a commonly used electronic format (unless you request another format) and will do so free of charge, except if the request is manifestly unfounded or excessive (in which case NDPR allows a reasonable fee or refusal, but we will generally try to comply).

·      Right to Rectification: You have the right to have inaccurate personal data corrected or incomplete data completed (and we have a duty to ensure your data is accurate). If you discover that the information we hold about you is incorrect or outdated – for instance, if your name is misspelt in our records or you wish to update your contact details – you can request that we correct it. We encourage you to keep us informed if your personal information changes during your relationship with us, so we can keep our records up to date.

·      Right to Deletion (Right to Erasure): You have the right to request that we delete your personal data, also known as the “right to be forgotten.” You can ask us to erase your personal information in certain circumstances, for example: if it is no longer necessary for us to have your data for the purpose it was collected, if you have withdrawn your consent and we have no other legal basis to keep the data, or if you believe we have processed your data unlawfully. We will honour such requests provided that we do not have an overriding lawful reason to retain the data (for instance, we may need to keep certain records to comply with a legal obligation, or if the data is relevant to a legal dispute, we might need to retain it). We will inform you of the outcome of your deletion request. When we delete personal data, we will do so securely.

·      Right to Restrict Processing: You have the right to ask us to restrict (i.e., pause or limit) the processing of your personal data in certain situations. This means that while we would store your data, we would not use it until the restriction is lifted. You can request restriction if: you contest the accuracy of the data (for a period allowing us to verify it); or if the processing is unlawful but you oppose full deletion and prefer restriction; or if we no longer need the data but you need us to keep it for the establishment, exercise or defense of legal claims; or if you have objected to processing (see “Right to Object” above) and we are verifying whether our legitimate grounds override yours. When processing is restricted, we will mark the data as such and only process it for certain allowed reasons (like with your consent or for legal claims).

·      Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to have that data transmitted to another data controller where technically feasible. This right applies when the processing is based on your consent or on a contract and is carried out by automated means. In practical terms, if you request it, we will provide you with your personal data (that you initially gave us) in a format like CSV or JSON, which is easily usable, so you can transfer it to another service provider or for your own purposes. If you prefer, and if it’s feasible, you can also ask us to directly transfer the data to another organization’s system at your direction. Note that data portability does not apply to data we generate internally (like analytics data that is not personally identified to you) or data collected on other legal bases like legal obligation – it mostly covers the data you provided us actively.

·      Right to Withdraw Consent: When we rely on your consent to process your data, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we conducted before your withdrawal, but it will mean we will stop the specific processing that was based on consent. For example, if you consented to us using your contact information to send you updates, you can later ask us to stop (and we will cease sending). To withdraw consent, you can contact us or, where applicable (for example, email communications), use the provided opt-out mechanisms. If you withdraw consent for cookies/analytics, you can delete or block cookies as described in the Cookies section.

·      Right to Lodge a Complaint: If you believe your data privacy rights have been violated or you are unsatisfied with how we’ve handled your personal data, you have the right to complain with the Nigeria Data Protection Bureau (NDPB) or its successor the Nigeria Data Protection Commission (NDPC), which is the regulatory authority responsible for enforcing data protection laws in Nigeria. You can typically find contact details for the NDPB/NDPC on their official website (formerly via NITDA). We would, however, appreciate the chance to address your concerns first before you approach the regulators, so we encourage you to contact us directly with any complaint, and we will do our best to resolve it to your satisfaction.

We are committed to upholding these rights. Exercising Your Rights: You can exercise any of your rights by contacting us (see the Contact Information section below). For security, we may need to verify your identity before fulfilling certain requests (to ensure that we do not disclose data to the wrong person or delete data at the behest of someone impersonating you). This might involve asking for some additional information or identification. We will respond to your requests as quickly as possible and in any event within the timeframe required by law. NDPR does not specify an exact timeframe in the text, but as a best practice aligned with GDPR, we aim to respond within one month of receiving a request. If your request is particularly complex or if we have received numerous requests, we may extend this by another two months, but we will inform you of the need for an extension and the reasons. There is generally no fee for requesting to exercise your rights. However, if requests are manifestly unfounded or excessive (for example, repetitive), we may charge a reasonable fee or refuse to act on the request, as allowed by law – but we will explain our reasoning in such cases. Rest assured, we will not discriminate against you for exercising any of these rights. Our goal is to respect your privacy and facilitate your control over your personal data.

Data Security

We take data security very seriously and have implemented various measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. While no website or electronic storage system can be 100% secure, we follow industry best practices and NDPR guidelines to safeguard your data’s integrity and confidentiality. Our security measures include:

·      Secure Hosting: Our website is hosted on a secure platform (Google), which employs modern security infrastructure. All web traffic between your browser and our site is encrypted using HTTPS/TLS. This means that the information you input on our website (for example, through a contact form) is transmitted securely and cannot be easily intercepted. You can verify you’re on a secure connection by the padlock icon in your browser address bar for our site.

·      Access Controls: Internally, access to personal data is restricted to authorized personnel who need that information to perform their duties. For example, only designated staff or management at Watchmen Systems who handle inquiries or customer relationships will have access to contact form submissions or emails containing personal data. Each such person is bound by confidentiality obligations. We limit administrative access to our website and databases, and use strong authentication (such as passwords and, where possible, two-factor authentication) to prevent unauthorized access.

·      Encryption & Protection: We utilize up-to-date security software and protocols to protect data. Whenever feasible, personal data is stored in encrypted form or on secure systems behind firewalls. We employ reputable cloud services (like Google’s infrastructure) which offer robust security features. Any sensitive information (if we ever handle such, e.g., in future) would be encrypted in transit and at rest. We also maintain antivirus and anti-malware protection on our systems to prevent data loss or theft.

·      Monitoring and Testing: We monitor our systems for possible vulnerabilities and attacks, and we take proactive steps to update and patch software to the latest security standards. Regular backups are performed so that data can be recovered in case of any accidental loss or corruption. We also ensure that any third-party plugins or scripts (like analytics code) are kept updated to mitigate security risks.

·      Organizational Policies: We have internal policies and training for our team about the importance of data privacy and security. This includes guidelines on how to handle personal data, how to recognize and prevent phishing or social engineering attempts, and how to respond in the event of a security concern. Only minimal necessary data is kept, reducing the risk exposure.

Despite all these precautions, it’s important to understand that no system is completely foolproof. We therefore also have measures in place to deal with any suspected data breach. In the event of a security incident that compromises personal data, we will act promptly to contain and investigate the breach, notify affected individuals and the authorities as required by NDPR, and take steps to prevent future incidents[23]. NDPR (and the new Data Protection Act) may require us to report certain breaches to the Nigeria Data Protection Bureau/Commission, within a short period, and to inform you if the breach poses a high risk to your rights and freedoms. We will strictly adhere to those requirements. We also encourage you, as a user, to play a role in keeping your data secure: for example, by not sending highly sensitive information via the open contact form (if one is on the site) and by using secure networks when communicating with us.

If you have any reason to believe that your interaction with us or the security of your data has been compromised (for instance, if you suspect that someone has intercepted your communications with us), please contact us immediately so we can investigate and address it.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us. We are here to help and address any issues related to your privacy and security.

Data Controller:
Watchmen Systems Solutions Ltd.
24, Chief Kola Ologolo Street, off Aro Ologolo Road,
Ologolo, Lekki, Lagos, Nigeria.

Email: privacy@watchmensystems.net (or info@watchmensystems.net)

Phone: +234 809 131 2001

You can email us anytime with questions about this Privacy Policy or to exercise your NDPR data rights. We will respond as promptly as possible.

You may also call our office during business hours (9 am – 5 pm, Monday to Friday) with urgent inquiries. Keep in mind that for certain requests (like data access or deletion), we may still ask that you confirm the request in writing (email) so we have a record.

Data Protection Officer (DPO): Given our current size and activities, we are not legally required to appoint a formal DPO under NDPR. However, we have designated a privacy point-of-contact internally to oversee compliance. If you have specific questions or complaints, please address them to the contact information above, and it will be directed to the appropriate person handling data protection compliance.

We value your privacy and will do our utmost to resolve any concerns. When you contact us, please provide enough information for us to identify you and understand your request. For example, if you are requesting a copy of your data, it helps to include the context (e.g., “I filled out the contact form on [date] with the name X and email Y”). This will assist us in locating your data quickly. Rest assured, any information you provide when contacting us for privacy reasons will only be used to address your request and will be handled securely.

Changes to This Policy

We may update or revise this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will post the updated Policy on this page with a new “Last Updated” date to notify you of the revision. If the changes are significant, we may also provide a more prominent notice, such as a banner on our website or an email notification, to inform you of the update. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting your information.

Your continued use of our website or services after any changes to this Policy have been posted will constitute your acknowledgement of the changes and your agreement to be bound by the updated terms (to the extent permitted by law). If required by NDPR or other laws, we will seek your consent for material changes in how we use your personal data (especially if we plan to use it for a new purpose not originally disclosed).

This Policy is effective as of the date posted at the top. Previous versions of our Privacy Policy (if any) will be archived and available upon request for your reference.

Thank you for reading our Privacy Policy. We hope it answers your questions about how Watchmen Systems handles your personal data. We are committed to protecting your privacy and being transparent about our data practices. If you have any further questions or concerns, please do not hesitate to reach out using the contact information provided above.