DEBT MANAGEMENT OFFICE (DMO) NIGERIA - PRIVACY NOTICE

1. INTRODUCTION

At the Debt Management Office (DMO) Nigeria, we deeply value privacy and understand the critical nature of protecting personal information. Our primary role is to centrally coordinate the management of Nigeria's debt, which involves handling personal and sensitive data with the utmost care and responsibility. We appreciate that the information we process, and the manner in which we handle it, has significant implications for individuals and entities, and we are steadfast in our commitment to safeguarding this information.

As a government agency entrusted with these responsibilities, we acknowledge the importance of complying with data protection legislation and maintaining the highest standards of confidentiality and data security. We are dedicated to upholding these standards not just as legal obligations, but as core components of our operational ethos. We firmly believe that transparency, respect for privacy, and diligent data management are vital in fostering trust in our services and achieving our mission effectively.

To achieve this, we have implemented robust data protection practices across our operations. These include measures to prevent unauthorized access, unlawful processing, accidental loss, destruction, or damage to personal data. Additionally, we provide ongoing training to our staff to ensure that everyone in our organization understands their data protection responsibilities and is equipped to handle data securely.

This Privacy Notice serves as a comprehensive guide to our data processing activities. It outlines why and how we collect, use, disclose, and retain your personal data, and it highlights your rights regarding your data under applicable data protection laws. We have endeavored to make this notice as clear and user-friendly as possible, but if you have any queries or require any clarification, we encourage you to reach out to us.

This Privacy Notice explains how we collect, use, disclose, retain, and protect your personal information.

2. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER

The Data Controller responsible for your personal data is:

  • Debt Management Office (DMO) Nigeria
  • Address: [1st Floor NDIC Building, Plot 447/448 Constitution Avenue, CBD Abuja]
  • Contact: [This email address is being protected from spambots. You need JavaScript enabled to view it., +2348073580521]

If you have any questions about this privacy notice or our data protection practices, please contact us using the details provided above. For more specific inquiries related to your personal data, please reach out to our appointed Data Protection Officer.

Data Protection Officer (DPO)

  • Name: [Imoh Undokang-Ahunanya]
  • Contact: [This email address is being protected from spambots. You need JavaScript enabled to view it.]

Our DPO is responsible for overseeing our data protection strategy and implementation to ensure we are in compliance with data protection laws and principles. If you have any concerns about how we process your personal data, please feel free to contact our DPO directly.

3. PURPOSE AND LEGAL BASIS FOR PROCESSING

  1. The Debt Management Office (DMO) Nigeria undertakes the collection and processing of personal data in order to efficiently and effectively coordinate the management of Nigeria's debt. The success of this endeavor necessitates the maintaining of comprehensive and accurate records, thorough communication with involved parties, as well as the precise tracking and documenting of debt obligations.

  1. The specific personal data we collect depends significantly on the nature of our relationship with you and the services we provide. This can encompass basic contact details such as your name, address, and telephone number, or in certain instances, more sensitive data such as financial information.

  1. Regardless of the nature of the personal data, DMO Nigeria is committed to treating each piece of information with the highest level of care, discretion, and respect for your privacy.

  1. The legal justification for our processing of personal data varies with circumstances, and falls into one of the following categories:

  1. Compliance with a legal obligation: As a government entity, DMO Nigeria is bound by various legal requirements which necessitate the processing of certain personal data. This legal obligation is a paramount driver behind our data collection and processing activities.

  1. Performance of a contract: When DMO Nigeria enters into a contract with you, or at your request before finalizing a contract, it may be necessary to process your personal data. This ensures that we can satisfactorily fulfill our obligations under the contract.

  1. Consent: In certain scenarios, the processing of your personal data will be underpinned by the consent you have given. It's important to note that you hold the right to withdraw your consent at any point, and we are committed to making this process straightforward and accessible.

  1. Legitimate interests: DMO Nigeria, or a third party, may have legitimate interests that require the processing of your personal data. However, we are dedicated to ensuring that such interests do not override your rights and interests. In any case where we rely on legitimate interests as a basis for processing, we will conduct a thorough balancing test to ensure that your privacy rights are respected.

We aim to be transparent about why and how we process your data. If you have any queries or would like further clarification, we encourage you to reach out to us or to our Data Protection Officer

4. CATEGORIES OF PERSONAL DATA

DMO Nigeria is required to collect and process various types of personal data to fulfil our obligations and provide efficient debt management services. The types of personal data we may collect and process include, but are not limited to:

  1. Full Name: We collect your full name for identification purposes, ensuring that all our interactions are with the correct individual and that the services we provide are correctly attributed.

  1. Address: Your address allows us to maintain contact with you in a variety of ways, to send necessary documents and to verify your location for regulatory and statutory purposes.

  1. Telephone Number: Your telephone number enables us to contact you directly for time-sensitive communication, updates, clarifications, or for addressing any issues or queries you may have.

  1. Email Address: Your email address is essential for sending electronic communications, updates, notifications, and digital documents.

  1. [Any other relevant data]: This may include other personal data necessary for providing our services or complying with our legal obligations. We strive to minimize the data we collect and process to what is directly relevant and necessary for our operations.

5. RECIPIENTS OF PERSONAL DATA

In order to fulfil our legal obligations, to provide our services, and to conduct regular business operations, we may need to share your personal data with specific third parties. Please note that we have rigorous measures in place to ensure that any data sharing respects your privacy rights and is conducted in accordance with applicable data protection laws. The types of third parties with whom we may share your personal data include:

  1. Government Agencies: As a government entity, we may need to share data with other government agencies for legal, regulatory, or administrative purposes.

  1. External Auditors: External auditors may require access to personal data during the auditing process to verify our operations' legality and integrity.

  1. Service Providers: We may need to share personal data with various service providers that we engage for different services, including IT services, document management, legal services, among others. These service providers are obliged to protect your data and can only process it on our instruction.

We require all third parties to uphold stringent data security standards and to treat your personal data in strict compliance with the law. We do not permit third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes in accordance with our instructions.

6. TRANSFER OF PERSONAL DATA OUTSIDE NIGERIA

DMO Nigeria may occasionally need to transfer personal data outside Nigeria. Such transfers may occur for various reasons, such as engaging with international stakeholders, using international service providers, or complying with international legal obligations.

Whenever personal data is transferred outside Nigeria, we take stringent measures to ensure that the receiving country has adequate data protection laws and safeguards that align with Nigerian legal standards. Specific precautions we take include:

  1. Assessing Adequacy: Before any transfer, we thoroughly assess the data protection laws and regulations of the receiving country to ensure they are consistent with our legal requirements.

  1. Binding Agreements: We may utilize legally binding contractual clauses that mandate the receiving party to adhere to specific data protection obligations.

  1. Compliance with Regulations: We closely follow the guidance and requirements of Nigerian Data Protection Commission and international standards.

  1. Data Subject Consent: Where applicable, we will seek your explicit consent for such transfers, ensuring you have all the information needed to make an informed decision.

The transfer of personal data outside Nigeria is a process we undertake with great care, adhering to all relevant legal and regulatory obligations to safeguard your privacy rights.

7. DATA RETENTION

Your personal data is of utmost importance to us, and we commit to retaining it only for the time required to fulfil the purposes for which it was collected. Our Data Retention Policy aligns with this commitment and guides how we manage the data lifecycle:

  1. a.Retention Periods: Different types of data may have different retention periods, depending on legal requirements, contractual obligations, or operational needs. Specific retention periods for various data categories are defined in our Data Retention Policy.

  1. b.Legal and Regulatory Compliance: We ensure that our data retention aligns with all legal and regulatory requirements, maintaining records as required by law, but also ensuring data is deleted or anonymized when no longer needed.

  1. c.Secure Disposal: Once the retention period has expired, and the data is no longer necessary, we follow strict procedures to securely dispose of the data, ensuring it cannot be accessed or used unlawfully.

  1. d.Periodic Review: Our Data Retention Policy is subject to regular review to ensure that it continues to comply with legal requirements and reflects our operational needs.

By adhering to our Data Retention Policy, we ensure that your personal data is handled with care throughout its lifecycle, from collection to secure disposal, in accordance with all relevant laws and best practices. If you have any questions about our data retention practices, please do not hesitate to contact us.

8. YOUR RIGHTS

Under the relevant data protection laws, you have several rights concerning your personal data that DMO Nigeria respects and upholds. These rights may include:

  1. Right to Access: You have the right to request access to your personal data. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  1. Right to Rectification: You have the right to request correction of any data we hold about you that may be incorrect or incomplete.

  1. Right to Erasure:In certain circumstances, you have the right to request the deletion of your personal data from our systems.

  1. Right to Restriction of Processing: Under specific conditions, you can request the restriction of processing your personal data.

  1. Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, or you may request it be directly transferred to another entity, where technically feasible.

  1. Right to Object: You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data.

  1. Right to Withdraw Consent: If the processing of your data is based on your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

  1. Right to Lodge a Complaint: If you believe that your data protection rights have been infringed or if you are dissatisfied with how we have handled your personal data, you have the right to lodge a complaint with the National Data Protection Commission (NDPC). The NDPC is the supervisory authority responsible for data protection compliance in Nigeria. You can contact the NDPC using the following details:
  • National Data Protection Commission (NDPC)
    Address: No.12 Clement Isong Street, Asokoro, Abuja, Nigeria
  • Email: https://ndpc.gov.ng/
  • Phone: :+2349160615551
  • Website: This email address is being protected from spambots. You need JavaScript enabled to view it.

We encourage you to first contact our Data Protection Officer (DPO) to address any concerns before reaching out to the NDPC, as we are committed to resolving any issues you may have also we take your rights seriously. If you wish to exercise any of these rights, or for more information, please contact our Data Protection Officer using the contact details provided in this notice.

9. UPDATES TO THIS NOTICE

As part of our commitment to compliance with data protection laws, and to ensure transparency in our data practices, this Privacy Notice may be updated periodically. Updates may reflect changes in our data processing practices, changes in applicable laws, or improvements in our data protection measures.

We encourage you to review this Privacy Notice often to ensure that you are aware of any changes and how your data may be used. Where any changes significantly affect your rights or the way we process personal data, we will take steps to inform you in a timely and appropriate manner.

It's important to us that you feel confident and informed about how we handle your personal data. If you have any questions or concerns, please do not hesitate to contact us or our Data Protection Officer.

10. Contact Us

We welcome any inquiries, comments, or requests you may have regarding this Privacy Notice or our privacy practices. Our dedicated Data Protection Officer (DPO) is available to address any concerns and provide you with further information.

You can reach out to our DPO via the following:

Postal Address: [1st Floor NDIC Building, Plot 447/448 Constitution Avenue, CBD, Abuja]

Email: [This email address is being protected from spambots. You need JavaScript enabled to view it.]

Our DPO is committed to ensuring that your personal data is protected and that we are in full compliance with all applicable data protection laws. If you believe that the processing of your personal data infringes on data protection laws, you also have the right to lodge a complaint with a supervisory authority.

At the Debt Management Office Nigeria, we are committed to maintaining open channels of communication with our stakeholders, and your feedback is valuable to us. Let us know if there's anything we can do to enhance our services and uphold our commitment to data privacy.

back to top

Latest Publications.

DMO In The News

Read more

Subscribe to Publications