Legal
CMVP Privacy Policy
Rev.01; 22 January, 2025
1.0 Introduction
www.cmvp.net is an online record management solution provided by PROLIANCE LTD, a registered company with the Corporate Affairs Commission of Nigeria with certificate of incorporation number RC 1451877. The platform is designed to assist businesses such as Inspection Bodies, Calibration and Testing Labs, Certification Bodies, Training organisations, schools and institutes, as well as any related entities in managing, storing, and verifying issued certificates or results in a secure and organised manner.
Our services are carried out with the clear understanding that our customer data privacy is important, and we are committed to the protection of personal information in accordance with the Nigeria Data Protection Act (NDPA), General Data Protection Regulation (GDPR) and other relevant global privacy regulations.
2.0 Definitions
- NDPA: Nigerian Data Protection Act, 2023
- NDPR: Nigerian Data Protection Regulation, 2019
- DPO: "Data Protection Officer" that is appointed under the Data Protection Laws and in accordance with its requirements.
- Data Subject: Any individual, person, who can be identified, directly or, through an identifier (example, an identification number, location data, or through other factors specific to the individual or person’s physical, physiological, genetic, mental, economic, cultural or social identity.
- Data Processing: any operation or set of operations, which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3.0 Scope
This policy covers Proliance Ltd requirements for the processing, protection and storage of data in manual, electronic or any other documented format for www.cmvp.net records management services.
4.0 Information Collection and Use
We collect different types of information for various purposes to provide and continually improve our services to you.
5.0 Types of Data Collected
5.1 Personal Data
For the purposes of service delivery, we may request that you provide us with certain personal information for identification that we can use for your identification and to contact. Such personally identifiable information may include, but is not limited to:
- Name and Contact Data: We may collect your first name, middle and last name, work email address, company address, phone number, signature, date of birth, an identifiable document such work identity card, national identity card, and any other similar contact and identity data.
- Credentials: When you register in www.cpmvp.net or upload certificate credentials, you will be required to provide credentials such as:User Data: Information provided during account creation, including organization name, contact information, and login credentials.
- Certificate Data: Information about issued certificates, such as recipient details, certificate ID, issuance date, and validity period.
- Usage Data: We may collect certain information that your browser sends whenever you access our website or online platforms. This may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our service that you visit, time and period of your visit, duration spent on pages, geo-location information, mobile device access, mobile device data, tracking and cookies data and any other diagnostic data.
- Cookies Data: We use cookies and similar tracking technologies to track the activity on our services. Cookies are files with small amount of data which may include an anonymous unique identifier. We do not use cookies to track you or to retain any personal information, the cookies are used to store some information about the technical capabilities of your computer or device in order to give you a better experience. You can instruct your browser to refuse all cookies or to indicate when cookie is being sent.
5.2 Web Analytics
We use Google Analytics to measure behavior of users on the website. Google Analytics cookies records data about a user as well as remember user behavior across websites. A unique ID is assigned to users which does not identify personality and is not used to track personal information. It only enables Google to track individual activity and return visits.
If you wish to prevent the collection of data regarding your activity on our website by Google Analytics, you can use Google Analytics opt-out browser add-on available at https://tools.google.com/dlpage/gaoptout/. You can also prevent the storage of cookies by adjusting your browser software accordingly. For more information on the privacy policies of Google, please visit the Google Privacy & Terms web page at https://policies.google.com/privacy?hl=en.
5.3 Links to Other Sites
Our website and online platforms may contain links to other sites that are not operated by Proliance Ltd or her partners. If you click on a third-party link, you will be directed to that third-party site. It is recommended that review the "Privacy Policy" of every site you visit and interact with.
6.0 Basis for Lawful Processing
The personal data we collect and how we collect it depends on the nature of services or requests we receive. Please note that we only process your personal data in line with the Nigeria Data Protection Regulation and the Nigeria Data Protection Act, 2023. We rely on the basis of the following for lawful processing:
- Where you give us consent to the processing of your Personal Data for one or more specific purposes. You are at liberty to withdraw the consent and Proliance Ltd will cease to process your Personal Data where there is no other basis to do so.
- Where the processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract;
- Processing is necessary for compliance with a legal obligation to which Proliance Ltd is subject;
- Processing is necessary to protect the vital interests of the Data Subject or of another natural person; and
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official public mandate vested in Proliance Ltd.
- For the purpose of legitimate interests pursued by the data controller or data processor or by a third party to whom the data is disclosed so such legitimate interests are within the scope of the Nigeria Data Protection Act, 2023.
7.0 Who Do We Share Your Personal Information With, and Why?
We share your personal information with:
- Your Employer: To track information on uploaded certificates and when certificates are verified by others.
- Third-Party Service Providers: Such as IT support or platform hosting, under strict confidentiality agreements.
We do not share your information with any third party for marketing purposes and only share data externally when legally required or necessary to fulfill contractual obligations.
8.0 Protection of Your Data
Proliance Ltd has established adequate controls to protect the integrity and confidentiality of Personal Data, both in digital format, and to prevent personal data from being accidentally or deliberately compromised.
Our website is secure and duly encrypted to ensure adequacy in the protection of your personal data. We shall carry out routine maintenance and reviews to ensure only authorized parties have access to your personal information.
9.0 General Principles for Processing of Personal Data
Proliance Ltd is committed to maintaining the principles in the NDPR regarding the processing of Personal Data.
9.1 Lawfulness, Fairness, and Transparency
Personal Data must be processed lawfully, fairly, and in a transparent manner at all times. This implies that Personal Data collected and processed by or on behalf of Proliance Ltd must be in accordance with the specific, legitimate, and lawful purpose consented to by the Data Subject.
9.2 Data Accuracy
Personal Data must be accurate and kept up to date. Proliance Ltd shall:
- Ensure that any data collected is accurate and not misleading in a way that could be harmful to the Data Subject.
- Make efforts to keep Personal Data updated where reasonable and applicable.
- Correct or erase Personal Data when inaccuracies are discovered.
9.3 Purpose Limitations
Proliance Ltd collects Personal Data only for the purposes identified in the appropriate Privacy Notice provided to the Data Subject and for which consent has been obtained.
9.4 Data Minimization
We limit Personal Data collection and usage to data that is relevant, adequate, and necessary for carrying out the purpose for which the data is processed.
9.5 Integrity and Confidentiality
Proliance Ltd establishes adequate controls to protect the integrity and confidentiality of Personal Data, both in digital and physical format.
9.6 Personal Data Retention
All personal information shall be retained, stored, and destroyed by Proliance Ltd in line with legislative and regulatory guidelines.
9.7 Accountability
Proliance Ltd demonstrates accountability by monitoring and continuously improving data privacy practices within the company.
10.0 Consent of Minors
We do not knowingly collect personally identifiable information from anyone under the age of 18. The consent of minors will always be protected and obtained from their representatives in accordance with NDPR.
11.0 Your Privacy Rights
You can exercise the following rights with respect to your Personal Data with Proliance Ltd:
- Request for and access your Personal Data collected and stored by Proliance Ltd.
- Withdraw consent at any time.
- Object to automated decision-making.
- Request rectification and modification of Personal Data kept by Proliance Ltd.
- Request for deletion of your Personal Data.
- Request that Proliance Ltd restricts the processing of your Personal Data.
12.0 Training and Awareness
Proliance Ltd shall ensure that personnel collecting, accessing, and processing Personal Data are equipped with the required training and awareness to execute their tasks impartially.
13.0 Data Protection Officer (DPO)
Proliance Ltd shall appoint a Data Protection Officer (DPO) responsible for overseeing the company’s data protection programs and ensuring compliance with applicable laws.
14.0 Data Protection Performance Evaluation
Proliance Ltd shall conduct an annual evaluation to verify compliance with applicable data protection laws.
15.0 Review of This Privacy Policy
Proliance Ltd reserves the right to change, amend, or alter this Policy at any point in time. Updated versions will be provided as necessary.
16.0 Contact Information
If you require any questions or comments regarding this policy, email us at:
Address: 5 Owule Ojuan Street, off Peter Odili Road, Trans Amadi, Port Harcourt, Rivers State.
Phone: +2348079701019
Email: [email protected], [email protected]
