Cryptolife is committed to keeping your information private.
By “your information” we mean any information about you that you or third parties provide to us. This policy explains the principles that Cryptolife applies to the processing of personal information, the rights that you have pertaining to your personal information, what personal information is collected, why we are processing it and who we may sharing it with.
Cryptolife is committed to safeguarding the privacy of your information in the following ways:
- We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so.
- We will be transparent in our dealings with you and will tell you about how we will collect and use your information.
- If we have collected your information for a particular purpose, we will not use it for anything else unless you have been informed and, where relevant, your permission obtained.
- We will not ask for more information than we need for the purposes for which we are collecting it.
- We will update our records when you inform us that your details have changed.
- We will continue to review and assess the quality of our information system collection.
- We will implement and adhere to information retention policies relating to your information, and will ensure that your information is securely disposed of at the end of the appropriate retention period.
- We will observe the rights granted to you under applicable privacy and data protection laws, and will ensure that queries relating to privacy issues are promptly and transparently dealt with.
- We will train our staff on their privacy obligations.
- We will ensure we have appropriate physical and technological security measure to protect your information regardless of where it is held.
- We will ensure that when we outsource any processes, the supplier has appropriate security measures in place and will contractually require them to comply with these privacy principles.
- We will ensure that suitable safeguards are in place before personal information is transferred to other countries/third-party.
Data collected and how we use them
i. We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:
ii. Identity Data includes names, username, date of birth, passport photo and gender, Government issued ID, payment account information etc.
iii. Contact Data includes residential address, next of kin information, email address and telephone numbers. iv. Technical Data includes internet protocol (IP) address, your login device, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, Website usage through cookies and logs of activities during visit and other technology on the devices you use to access this website.
v. Usage Data includes information about how you use our website and services.
vi. Marketing and Communications Dataincludes your preferences in receiving
marketing communications from us and our Affiliated Third Parties and your communication preferences.
vii. You provide this information through direct interaction when you visit our website, sign up to our newsletters or publications, request marketing materials to be sent to you, respond to surveys, complete our feedback or comment form, provide your business card to any of our staff, sign our visitor management form, complete other forms, apply for employment through our careers page, or contact us to request for any information or other correspondence by post, email, our website or otherwise.
ix. We do not intentionally or knowingly collect any Sensitive Personal Data. We ask that you do not send to us nor disclose such Sensitive Personal Data save where required for a specific purpose.
Your personal data and how it is used
- Primarily, we collect, process and store your Personal Data to help us better connect with you. The following are the purposes for which we collect your Personal Data:
- To verify tour account in accordance with KYC and AML laws.
- To monitor, review, evaluate and improve your experience when you visit our website/app.
- To analyse the traffic on our website, including determining the number of visitors to the website and analyse how they navigate the website.
- To better manage our business and your relationship with us;
- To invite you to complete a survey or provide feedback to us on specific matters.
- At any time, you request information from us via a form or other electronic transmission we may use your Personal Data to fulfil that request and keep a record of such request and how it was handled, for quality assurance and service improvement purposes.
- To improve our products and services and to develop new products and services;
- To keep you updated on our activities, programmes and events where your explicit consent has been given.
- To notify you of changes to our websites/app or relevant processes.
- To notify you about benefits and changes to the features of products and services;
- To administer offers, competitions and promotions; to respond to your enquiries and complaints and to generally resolve disputes;
- To update, consolidate and improve the accuracy of our records; to produce data, reports and statistics which have been anonymized or aggregated in a manner that does not identify you as an individual;
- To conduct research for analytical purposes including but not limited to data mining and analysis of your transactions with us; to meet the disclosure requirements of any law binding on us;
- We may also use your information or allow Affiliated Third Parties such as our affiliate companies or partners use of this Personal Data, to offer you information about unrelated products or services you may be interested in. We or such Affiliated Third Parties can only communicate with you if you have expressly consented to such communication and data use.
- We may share your personal data with Affiliated Third Parties such as service providers who we have engaged to assist with providing certain services on our behalf, for which they require your personal data.
- Where we have any contracts with you which create a commitment, we may require contact or use of your information to perform the contract.
- To process or manage your appointments with any of our staff.
- To fulfil legal/ regulatory obligations or to report any criminal or unethical activity.
- To store either on our central computer system or a third-party Computer’s central computer system for archiving and back up purposes.
- Be aware that we do not reveal identifiable information about you to our advertisers, though we may at times share statistical visitor information with our advertisers: for audit, compliance and risk management purposes; to assess financial and insurance risks; to conduct anti-money laundering checks; for crime detection, prevention and prosecution; to comply with any sanction requirements; for any other purpose that is required or permitted by any law, regulations, guidelines or relevant regulatory authorities.
Change of purpose
We will only use your Personal Data for the aforementioned purposes, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your Personal Data for an unrelated purpose, we will notify you and request for your express consent.
i. Right to be Informed
ii. Right of Access to Your Personal Data.
You have the right to access information held about you. In order to exercise this right, you must complete a subject access request that should be submitted to firstname.lastname@example.org. Once received, we will respond within 28 days confirming whether or not we are processing your personal data and will give you access to that data in electronic format. No fee will apply for such requests.
iii. Right to Restrict Processing of Your Personal Data.
You have the right to request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
iv. Right to Portability of Your Personal Data.
You have the right to request the transfer of your personal information to another party in certain formats, if practicable. This allows you to obtain and reuse your personal data for your own purposes across different services.
v. Right to Object.
You have the right to object to processing of your personal information where there is something about your particular situation which makes you want to object to processing. You also have the right to object where we are processing your personal information for direct marketing purposes. You can at any time tell us not to send you marketing communications by e-mail by clicking on the unsubscribe link within any marketing e-mails you receive from us or by contacting us as indicated below.
vi. Right to Have Your Personal Data Erased.
You have the right to be forgotten and can request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
vii. Right to Rectification of Your Personal Data.
Cryptolife endeavours to ensure that all personal information is complete and accurate at all times. If, however, you determine that the personal information we hold about you is incomplete or inaccurate, you have the right to request correction of that personal information.
viii. Right to Make a Complaint
If we fall short of your expectations in processing your personal information or you wish to make a complaint about our privacy practices, please tell us because it gives us an opportunity to fix the problem. You may contact us by submitted your complaint to email@example.com to assist us in responding to your request, please give full details of the issue. You may exercise any of the above stated rights following our Data Subject Access Request Procedure.
Persons who have access to your Personal Data
In addition to our staff who have a business need to know, the following trusted third parties have access to your information:
a. We use a customer relationship management tool to help manage our contact database and send out email communications to you.
c. Professional service providers such as IT service providers and website hosts.
We will transfer your Personal Data to only those Affiliated Third Parties who we are sure can offer the required level of protection to your privacy and information and who are also contractually obligated to us to do so. We do not and will not at any point in time sell your Personal Data. We require all Affiliated Third Parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our professional service providers to use your Personal Data for their own purposes and only permit them to process your Personal Data for specified purposes and in accordance with our instructions.
Security and Confidentiality
Information submitted by you is stored on secure servers we have which are encrypted and access is restricted to only authorised persons in charge of maintaining the servers. We have put in place physical, electronic and procedural processes that safeguard and protect your information against unauthorised access, modification or erasure. However, we cannot guarantee 100% security as no security programme is completely fool proof. In the unlikely event that we experience any breach to your personal data, such breach shall be handled in accordance with our Personal Data Breach Management Procedures. Our staff also have an obligation to maintain the confidentiality of any Personal Data held by us.
As you know, transmission of data on the internet is never guaranteed regarding safety. It is impossible to completely guarantee your safety with electronic data and transmission. You are therefore at your own risk if you elect to transmit any data electronically.
Transfer of Personal Data outside Nigeria
The Personal Data we collect may be transferred to and processed in another country other than your country of residence for the purposes stated above. The data protection laws in those countries may be different from, and less stringent than the laws applicable in your country of residence.
By accepting this Policy or by providing your Personal Data to us, you expressly consent to such transfer and Processing. We will however take all reasonable steps to ensure that your data is treated securely and transfer of your Personal Data will only be done in accordance with the requirements of applicable laws and to parties who have put in place adequate controls to secure and protect your Personal Data.
Retention of Personal Data
We retain your Personal Data for no longer than reasonably necessary for the purposes set out in this Policy and in accordance with legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Where your Personal Data is contained within a document, the retention period applicable to such type of document in our document retention policy shall appl
Third party links