VividArt

PRIVACY POLICY

Last Updated: 22 July 2024

INTRODUCTION

We prioritize your privacy and are committed to safeguarding your personal information. This Privacy Policy ("Policy") explains how we gather, use, and protect your data. We kindly request you to read this document carefully. If you have any questions or need further information, please reach out to us. By using our services, you agree to the terms outlined in this Policy.

DATA CONTROLLER

The entity responsible for managing your personal data is:

VIVIDART TECHNOLOGY COMPANY LIMITED

Availability Code: 17194911937

Address: 4, MUSTAPHA STREET ISOLO , LAGOS, LAGOS STATE, NIGERIA

Email: support@vividart.ng

As the data controller, we determine the purposes and methods for processing your personal data and ensure compliance with relevant data protection laws. For any questions or concerns about your personal data, please contact us.

INFORMATION WE COLLECT

To provide you with exceptional service, we may collect the following types of data:

(a) Account Information: Profile ID, login details, activity logs, settings, photos, avatars, and other information you upload or share.

(b) Contact Information: Phone number, email address, and physical address.

(d) User-Generated Content: Data you upload through your account and data generated during your use of our services.

(e) Customer Support Data: Information about issues raised and their resolution status.

(f) Transaction Information: Order and purchase details, history, status, and current balance.

(g) Payment Information: Payment history, status, and preferred payment methods, including bank account and card details.

(h) Compliance Data: Information required for legal compliance, including AML/CFT and KYC processes.

(i) Technical Information: Data about your devices, including IP address, operating system, and browser details.

(j) Marketing Preferences: Data on your marketing preferences and participation in loyalty programs.

(k) On-Site Visit Data: Surveillance footage from our office premises.

(l) Communication Records: Phone conversations, chat histories, and email exchanges.

PURPOSES FOR USING YOUR DATA

We use your personal data for various purposes, including:

(a) Service Delivery: To provide the services you request.

(b) Account Management: To create and manage your user account.

(d) Order Processing: To handle and fulfill your orders.

(e) Transaction Management: To process financial transactions.

(f) Legal Compliance: To comply with legal and regulatory requirements.

(g) Dispute Resolution: To manage claims and resolve disputes.

(h) Communication: To communicate with you and provide support.

(i) Technical Support: To identify and resolve technical issues.

(j) Risk Management: To assess and mitigate risks.

(k) Marketing: To send you marketing information and personalized content.

(l) Fraud Prevention: To prevent fraudulent activities.

(m) Service Improvement: To enhance and develop our services.

(n) Security: To protect our information and assets.

LEGAL BASES FOR PROCESSING

We process your personal data based on one or more of following legal grounds:

(a) Contractual Necessity: To fulfill our contractual obligations to you, such as providing services, managing your account, and processing transactions.

(b) Legal Compliance: To comply with legal and regulatory requirements, including anti-money laundering (AML) and counter-terrorist financing (CFT) obligations.

(d) Consent: With your consent, for specific purposes like sending marketing communications. You can withdraw consent at any time by contacting us using contact information provided in this document.

(e) Vital Interests: To protect your vital interests or those of another person in emergency situations.

(f) Public Interest: When necessary for tasks carried out in the public interest or in the exercise of official authority vested in us.

METHODS OF DATA COLLECTION

We may collect personal data from:

(a) Direct Interactions: Information you provide when creating an account, making purchases, or using our services.

(b) Automated Technologies: Data collected automatically through cookies and similar technologies.

REQUIRED AND OPTIONAL DATA

Some data is essential for our services to function properly. Failure to provide mandatory data may limit access to certain features. Other data is optional and can be provided in line with your preferences. Non-provision of optional data does not affect your access to core functionality of our website or services.

DATA SHARING

We never sell or misuse your data. We may share your data with trusted partners to provide our services and with authorities when required by law. We ensure that all data sharing is conducted with care and in compliance with legal requirements.

DATA RETENTION

We retain personal data only as long as necessary for the purposes for which it was collected or as required by law. Retention periods vary based on the type of data and legal requirements. For example, data related to legal obligations is typically retained for 5 years, with possible extensions if needed. In other situations, we establish the retention period based on our business requirements and legal responsibilities. Generally, this corresponds with the statute of limitations for potential claims against us, which can last up to 10 years. After the retention period, we securely delete or anonymize your data.

INTERNATIONAL DATA TRANSFERS

Your data may be transferred outside Nigeria. For international data transfers, we ensure strict compliance with the Nigeria Data Protection Act (NDPA) and other applicable data protection and security laws. Regardless of the destination, your personal data will receive a level of protection that meets or exceeds the standards set by the NDPA.

SECURITY MEASURES

We implement various technical and organizational measures to protect your personal data. These include encryption, robust access controls, and regular security training for our staff to ensure they are well-equipped to handle sensitive information securely. Additionally, we perform regular security audits and updates to stay ahead of potential threats. We also encourage you to take proactive steps in securing your data by using strong passwords and enabling two-factor authentication whenever possible. Your active participation in these practices is crucial for maintaining the highest level of data security.

YOUR RIGHTS

You have the following rights regarding your personal data:

(a) Access: Request access to your personal data.

(b) Correction: Correct inaccuracies in your data.

(d) Restriction: Limit the processing of your data.

(e) Objection: Object to certain processing activities.

(f) Portability: Receive your data in a portable format.

(g) Withdrawal of Consent: Withdraw your consent at any time.

To exercise these rights, contact us at support@vividart.ng. We may need to verify your identity before processing your request. Please note that data subject rights are not absolute and may have certain limitations. Legal or regulatory requirements may prevent us from fully accommodating your request in specific situations. We will inform you of any such limitations when you make your request.

AUTOMATED DECISION-MAKING

We do not use automated decision-making processes that produce legal effects. However, we may use profiling to personalize your experience and offer recommendations.

COMPLAINTS

If you have concerns or complaints about our data processing, please contact us. We are committed to resolving any issues in a friendly and effective manner. However, if contacting us first is not feasible, you also have the right to lodge a complaint with the Nigeria Data Protection Commission.

POLICY UPDATES

This Policy may be updated periodically to reflect changes in our practices. We will publish the revised Policy on our website and notify you in case of significant changes.

CONTACT INFORMATION

For further information or assistance, please contact us at: support@vividart.ng