Legal

CMVP Privacy Policy

Rev.01; 22 January, 2025

1.0 Introduction

www.cmvp.net is an online record management solution provided by PROLIANCE LTD, a registered company with the Corporate Affairs Commission of Nigeria with certificate of incorporation number RC 1451877. The platform is designed to assist businesses such as Inspection Bodies, Calibration and Testing Labs, Certification Bodies, Training organisations, schools and institutes, as well as any related entities in managing, storing, and verifying issued certificates or results in a secure and organised manner.

Our services are carried out with the clear understanding that our customer data privacy is important, and we are committed to the protection of personal information in accordance with the Nigeria Data Protection Act (NDPA), General Data Protection Regulation (GDPR) and other relevant global privacy regulations.

2.0 Definitions

  • NDPA: Nigerian Data Protection Act, 2023
  • NDPR: Nigerian Data Protection Regulation, 2019
  • DPO: "Data Protection Officer" that is appointed under the Data Protection Laws and in accordance with its requirements.
  • Data Subject: Any individual, person, who can be identified, directly or, through an identifier (example, an identification number, location data, or through other factors specific to the individual or person’s physical, physiological, genetic, mental, economic, cultural or social identity.
  • Data Processing: any operation or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

3.0 Scope

This policy covers Proliance Ltd requirements for the processing, protection and storage of data in manual, electronic or any other documented format for www.cmvp.net records management services.

4.0 Information Collection and Use

We collect different types of information for various purposes to provide and continually improve our services to you.

5.0 Types of Data Collected

5.1 Personal Data

For the purposes of service delivery, we may request that you provide us with certain personal information for identification that we can use for your identification and to contact. Such personally identifiable information may include, but is not limited to:

  • Name and Contact Data: We may collect your first name, middle and last name, work email address, company address, phone number, signature, date of birth, an identifiable document such work identity card, national identity card, and any other similar contact and identity data.
  • Credentials: When you register in www.cpmvp.net or upload certificate credentials, you will be required to provide credentials such as:User Data: Information provided during account creation, including organization name, contact information, and login credentials.
  • Certificate Data: Information about issued certificates, such as recipient details, certificate ID, issuance date, and validity period.
  • Usage Data: We may collect certain information that your browser sends whenever you access our website or online platforms. This may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our service that you visit, time and period of your visit, duration spent on pages, geo-location information, mobile device access, mobile device data, tracking and cookies data and any other diagnostic data.
  • Cookies Data: We use cookies and similar tracking technologies to track the activity on our services. Cookies are files with small amount of data which may include an anonymous unique identifier. We do not use cookies to track you or to retain any personal information, the cookies are used to store some information about the technical capabilities of your computer or device in order to give you a better experience. You can instruct your browser to refuse all cookies or to indicate when cookie is being sent.

5.2 Web Analytics

We use Google Analytics to measure behavior of users on the website. Google Analytics cookies records data about a user as well as remember user behavior across websites. A unique ID is assigned to users which does not identify personality and is not used to track personal information. It only enables Google to track individual activity and return visits.

If you wish to prevent the collection of data regarding your activity on our website by Google Analytics, you can use Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout/. You can also prevent the storage of cookies by adjusting your browser software accordingly. For more information on the privacy policies of Google, please visit the Google Privacy & Terms web page at https://policies.google.com/privacy?hl=en.

5.3 Links to Other Sites

Our website and online platforms may contain links to other sites that are not operated by Proliance Ltd or her partners. If you click on a third-party link, you will be directed to that third-party site. It is recommended that review the "Privacy Policy" of every site you visit and interact with.

6.0 Basis for Lawful Processing

The personal data we collect and how we collect it depends on the nature of services or requests we receive. Please note that we only process your personal data in line with the Nigeria Data Protection Regulation and the Nigeria Data Protection Act, 2023. We rely on the basis of the following for lawful processing:

  • Where you give us consent to the processing of your Personal Data for one or more specific purposes. You are at liberty to withdraw the consent and Proliance Ltd will cease to process your Personal Data where there is no other basis to do so.
  • Where the processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract;
  • Processing is necessary for compliance with a legal obligation to which Proliance Ltd is subject;
  • Processing is necessary to protect the vital interests of the Data Subject or of another natural person; and
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official public mandate vested in Proliance Ltd.
  • For the purpose of legitimate interests pursued by the data controller or data processor or by a third party to whom the data is disclosed so such legitimate interests are within the scope of the Nigeria Data Protection Act, 2023.

7.0 Who Do We Share Your Personal Information With, and Why?

We share your personal information with:

  • Your Employer: To track information on uploaded certificates and when certificates are verified by others.
  • Third-Party Service Providers: Such as IT support or platform hosting, under strict confidentiality agreements.

We do not share your information with any third party for marketing purposes and only share data externally when legally required or necessary to fulfill contractual obligations.

8.0 Protection of Your Data

Proliance Ltd has established adequate controls to protect the integrity and confidentiality of Personal Data, both in digital format, and to prevent personal data from being accidentally or deliberately compromised.

Our website is secure and duly encrypted to ensure adequacy in the protection of your personal data. We shall carry out routine maintenance and reviews to ensure only authorized parties have access to your personal information.

9.0 General Principles for Processing of Personal Data

Proliance Ltd is committed to maintaining the principles in the NDPR regarding the processing of Personal Data.

9.1 Lawfulness, Fairness, and Transparency

Personal Data must be processed lawfully, fairly, and in a transparent manner at all times. This implies that Personal Data collected and processed by or on behalf of Proliance Ltd must be in accordance with the specific, legitimate, and lawful purpose consented to by the Data Subject.

9.2 Data Accuracy

Personal Data must be accurate and kept up to date. Proliance Ltd shall:

  • Ensure that any data collected is accurate and not misleading in a way that could be harmful to the Data Subject.
  • Make efforts to keep Personal Data updated where reasonable and applicable.
  • Correct or erase Personal Data when inaccuracies are discovered.

9.3 Purpose Limitations

Proliance Ltd collects Personal Data only for the purposes identified in the appropriate Privacy Notice provided to the Data Subject and for which consent has been obtained.

9.4 Data Minimization

We limit Personal Data collection and usage to data that is relevant, adequate, and necessary for carrying out the purpose for which the data is processed.

9.5 Integrity and Confidentiality

Proliance Ltd establishes adequate controls to protect the integrity and confidentiality of Personal Data, both in digital and physical format.

9.6 Personal Data Retention

All personal information shall be retained, stored, and destroyed by Proliance Ltd in line with legislative and regulatory guidelines.

9.7 Accountability

Proliance Ltd demonstrates accountability by monitoring and continuously improving data privacy practices within the company.

10.0 Consent of Minors

We do not knowingly collect personally identifiable information from anyone under the age of 18. The consent of minors will always be protected and obtained from their representatives in accordance with NDPR.

11.0 Your Privacy Rights

You can exercise the following rights with respect to your Personal Data with Proliance Ltd:

  • Request for and access your Personal Data collected and stored by Proliance Ltd.
  • Withdraw consent at any time.
  • Object to automated decision-making.
  • Request rectification and modification of Personal Data kept by Proliance Ltd.
  • Request for deletion of your Personal Data.
  • Request that Proliance Ltd restricts the processing of your Personal Data.

12.0 Training and Awareness

Proliance Ltd shall ensure that personnel collecting, accessing, and processing Personal Data are equipped with the required training and awareness to execute their tasks impartially.

13.0 Data Protection Officer (DPO)

Proliance Ltd shall appoint a Data Protection Officer (DPO) responsible for overseeing the company’s data protection programs and ensuring compliance with applicable laws.

14.0 Data Protection Performance Evaluation

Proliance Ltd shall conduct an annual evaluation to verify compliance with applicable data protection laws.

15.0 Review of This Privacy Policy

Proliance Ltd reserves the right to change, amend, or alter this Policy at any point in time. Updated versions will be provided as necessary.

16.0 Contact Information

If you require any questions or comments regarding this policy, email us at:

Address: 5 Owule Ojuan Street, off Peter Odili Road, Trans Amadi, Port Harcourt, Rivers State.

Phone: +2348079701019

Email: [email protected], [email protected]