PRIVACY & COOKIE POLICY
Effective Date: 10/2/2025
Last Updated: 25/2/2026
1. Introduction
Haastrup Advisory (“we,” “our,” “us”) is committed to protecting your personal data and respecting your privacy in accordance with the Nigeria Data Protection Act 2023 (NDPA) and applicable regulatory guidance.
This Privacy & Cookie Policy explains how we collect, use, disclose, store, and protect personal data when you:
- Visit our website
- Engage our advisory services
- Communicate with us
- Subscribe to updates
- Apply for employment
- Interact with us digitally
2. Lawful Basis for Processing
We process personal data only where there is a lawful basis under the NDPA, including:
- Consent
- Performance of a contract
- Compliance with legal obligation
- Legitimate business interests
- Protection of vital interests
Where consent is relied upon, it may be withdrawn at any time.
3. Personal Data We Collect
We may collect the following categories of data:
a) Identity Data
Full name, title, company name, identification details.
b) Contact Data
Email address, phone number, physical address.
c) Professional Data
Job title, employment history, business details.
d) Financial Data
Payment information (where applicable).
e) Technical Data
IP address, browser type, device information, website usage data.
f) Sensitive Personal Data (where necessary)
Only processed where legally permitted and with enhanced safeguards.
4. How We Use Personal Data
We use personal data to:
- Provide advisory and consulting services
- Respond to inquiries
- Manage client relationships
- Issue invoices and receive payments
- Improve our website and services
- Comply with legal and regulatory requirements
- Prevent fraud and ensure cybersecurity
We do not sell personal data.
5. Data Sharing & Disclosure
We may share personal data with:
- Professional advisers (lawyers, auditors)
- IT and cloud service providers
- Regulatory authorities where legally required
- Payment processors
- Employees and contractors on a need-to-know basis
All third parties are required to implement adequate data protection safeguards.
6. International Data Transfers
Where personal data is transferred outside Nigeria, we ensure:
- Adequate level of protection
- Contractual safeguards
- Regulatory compliance in line with NDPA requirements
7. Data Retention
We retain personal data only for as long as necessary for:
- Contractual obligations
- Legal compliance
- Dispute resolution
- Legitimate business purposes
When no longer required, data is securely deleted or anonymized.
8. Your Rights Under the NDPA
Under the Nigeria Data Protection Act, data subjects have the right to:
- Access their personal data
- Request correction
- Request erasure
- Restrict processing
- Object to processing
- Withdraw consent
- Lodge a complaint with the Nigeria Data Protection Commission
Requests can be made via:
Email: [email protected]
We will respond within the statutory timeframe.
COOKIE POLICY
9. What Are Cookies?
Cookies are small text files stored on your device when you visit a website.
10. Types of Cookies We Use
a) Strictly Necessary Cookies
Required for website functionality.
b) Analytics Cookies
Help us understand how visitors use our website.
c) Functional Cookies
Enhance user experience and remember preferences.
d) Marketing Cookies (if applicable)
Used for targeted communication (only with consent).
11. Managing Cookies
Users can:
- Accept or reject cookies via our cookie banner
- Adjust browser settings
- Delete cookies at any time
Disabling some cookies may affect website functionality.
12. Data Security
We implement appropriate technical and organizational measures including:
- Encryption
- Access controls
- Confidentiality agreements
- Secure cloud storage
- Regular system monitoring
13. Data Breach Notification
In the event of a data breach likely to result in risk to individuals’ rights, we will:
- Notify the Nigeria Data Protection Commission
- Notify affected individuals where required
- Take remedial action promptly
14. Children’s Data
Our services are not directed at children under 18. We do not knowingly collect children’s personal data.
15. Updates to This Policy
We may update this Privacy & Cookie Policy periodically. Changes will be posted on our website with the revised effective date.
16. Contact Us
For questions or data protection requests:
Haastrup Advisory
Email: [email protected]
Telephone: +234 703 413 8261
