While we have not made any material changes to the way we process data about our users, we have updated this policy to make it shorter and easier to read, and to comply with the Nigerian Data Protection Regulation (NDPR) and the EU General Data Protection Regulation.
Table of Contents:
1. What Data We Get
2. How We Get Data About You
3. How We Use Your Data
4. How We Share Your Information
6. How We Protect and Retain Information
7. Privacy Shield
8. Updates and Contact Information
Our registered users (“Members”) share their professional identities, engage with their network, exchange knowledge and professional insights, post and view relevant content, learn and develop skills, sell their services and information and find business and career opportunities. Content and data on some of our Services is viewable to non-members (“Visitors”).
DATA CONTROLLERS AND CONTRACTING PARTIES:
Legum will be the controller of your personal data provided to, or collected by or for, or processed in connection with our Services.
1. DATA WE COLLECT
We collect certain data from you directly, like information you enter yourself, data about your participation on the platform, and data from third-party platforms you connect with Legum. We also collect some data automatically, like information about your device and what parts of our Services you interact with or spend time using.
1.1 DATA YOU PROVIDE TO US
We may collect different data from or about you depending on how you use the Services. When you create an account and use the Services, including through a third-party platform, we collect any data you provide directly, including:
1.1.1 ACCOUNT DATA
In order to use our services, you need to create a user account. When you create or update your account, we collect and store the data you provide, like your email address, password, gender, and date of birth.
You create your Legum profile (a complete profile helps you get the most from our Services).
1.1.2 PROFILE DATA
You can also choose to provide profile information like a photo, headline, website link, social media profiles, or other data. You have choices about the information on your profile, such as your education, work experience, skills, city or country and endorsements. You don’t have to provide additional information on your profile; however, profile information helps you to get more from our Services, including helping recruiters and business opportunities find you. It’s your choice whether to include sensitive information on your profile and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be publicly available.
1.1.3 SHARED CONTENT
Parts of the Services let you interact with other users or share content publicly, including by posting on groups or forums, asking or answering questions, sending messages to users or posting photos and materials you upload on the marketplace. Such shared content may be publicly viewable by others depending on where it is posted.
If you sync your contacts or calendars with our Services, we will collect your address book and calendar meeting information to keep growing your network by suggesting connections for you and others, and by providing information about events.
You don’t have to post or upload personal data; though if you don’t, it may limit your ability to grow and engage with your network over our Services.
1.2 DATA FROM OTHERS
Data About Your Accounts on Other Services: We may obtain certain information through your social media or other online accounts if they are connected to your Legum account. If you login to Legum via Facebook or another third-party platform or service, we ask for your permission to access certain information about that other account. For example, depending on the platform or service we may collect your name, profile picture, login email address, location, physical location of your access devices, gender, birthday, and list of friends or contacts.
Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us.
If you access or use our Services through a third-party platform or service, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.
1.3 SERVICE USE
We log usage data when you visit or otherwise use our Services, including our sites, app and platform technology, such as when you view or click on content or ads (on or off our sites and apps), time spent on pages or the Service, pages visited, features used, your search queries, click data, date and time install or update one of our mobile apps. We use log-ins, cookies, device information and internet protocol (“IP”) addresses to identify you and log your use.
1.4 YOUR DEVICE AND LOCATION
When you visit or leave our Services (including some plugins and our cookies or similar technology on the sites of others), we receive the URL of both the site you came from and the one you go to and the time of your visit. We also get information about your network and device (e.g., IP address, proxy server, operating system, web browser and add-ons, device identifier and features, cookie IDs and/or ISP, or your mobile carrier). If you use our Services from a mobile device, that device will send us data about your location based on your phone settings. We will ask you to opt-in before we use GPS or other tools to identify your precise location.
Technical data about your computer or device, like your IP address, device type, operating system type and version, unique device identifiers, browser, browser language, domain and other systems data, and platform types (“System Data”).
1.5 SITES AND SERVICES OF OTHERS
We get data when you visit sites that include our ads, cookies or some of our plugins or when you log-in to others’ services with your Legum account.
We receive information about your visits and interaction with services provided by others when you log-in with LinkedIn or visit others’ services that include some of our plugins (such as “Apply with Legum”) or our ads, cookies or similar technologies.
We are improving our Services, which means we get new data and create new ways to use data.
2. HOW WE GET DATA ABOUT YOU
2.1 COOKIES AND SIMILAR TECHNOLOGIES
Legum uses the following types of cookies:
• Preferences: cookies that remember data about your browser and preferred settings that affect the appearance and behavior of the Services (like your preferred language).
• Security: cookies used to enable you to log in and access the Services; protect against fraudulent logins; and help detect and prevent abuse or unauthorized use of your account.
• Functional: cookies that store functional settings (like the volume level you set for video playback).
• Session State: cookies that track your interactions with the Services to help us improve the Services and your browsing experience, remember your login details, and enable processing of your course purchases. These are strictly necessary for the Services to work properly, so if you disable them then certain functionalities will break or be unavailable.
Some of the third-party partners who provide certain features on our site may also use Local Storage Objects (also known as flash cookies or LSOs) to collect and store data.
We use third-party browser and mobile analytics services like Google Analytics. These services use Data Collection Tools to help us analyze your use of the Services, including information like the third-party website you arrive from, how often you visit, events within the Services, usage and performance data, and where the application was downloaded from. We use this data to improve the Services, better understand how the Services perform on different devices, and provide information that may be of interest to you.
2.3 ONLINE ADVERTISING
We use third-party advertising services like Facebook, Google’s ad services, and other ad networks and ad servers to deliver advertising about our Services on other websites and applications you use. The ads may be based on things we know about you, like your Usage Data and System Data (as detailed in Section 1), and things that these ad service providers know about you based on their tracking data. The ads can be based on your recent activity or activity over time and across other sites and services; and may be tailored to your interests.
Depending on the types of advertising services we use, they may place cookies or other tracking technologies on your computer, phone, or other device to collect data about your use of our Services, and may access those tracking technologies in order to serve these tailored advertisements to you.
When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide their own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.
3. HOW WE USE YOUR DATA
We use information to operate the Services, including:
3.1. TO ADMINISTER YOUR ACCOUNT AND PROVIDE THE SERVICES TO YOU
• Create and manage your account.
• Provide you with client support and respond to your requests.
• Communicate with you about the Services.
3.2 TO INFORM YOU ABOUT OFFERS AND EVENTS
• Develop, display and track content and suggestions tailored to your interests on the Services and other websites.
• Communicate with you by email, phone, social media or mobile device about products or services that we think may interest you.
• The information collected in conjunction with events may also be used for the marketing of additional services and events by us and/or our promotional partners and sponsors beyond the contest, sweepstakes and/or special event. Depending on the event, Users either grant their approval on how their information is used before it is collected (‘opt-in’) or choose to deny use of their information for additional purposes (‘opt-out’).
3.3 TO IMPROVE THE SERVICES AND DEVELOP NEW ONES
• Administer focus groups and surveys.
• Conduct research and analysis of Users’ behavior to improve the Services.
• Develop new features and services.
3.4 TO PREVENT, DETECT AND FIGHT FRAUD OR OTHER ILLEGAL OR UNAUTHORIZED ACTIVITIES
• Address ongoing or alleged fraud or other misbehavior on or though the Services.
• Analyze data to better understand and design countermeasures against fraud.
• Retain data related to fraudulent activities to prevent against recurrences.
3.5 TO ENSURE LEGAL COMPLIANCE
• Comply with legal requirements.
• Assist law enforcement.
• Enforce or exercise our rights, for example our Terms of Service.
• Legitimate Interests: We may use your information where we have legitimate interests to do so. For example, we analyze our Users’ behavior to improve the Services, to prevent and detect fraud and misuse, and to market the Email Notifications to you.
• Consent: From time to time, we may ask for your consent to use your information. You may withdraw your consent at any time by contacting us using the contact information provided above.
4. HOW WE SHARE YOUR INFORMATION
4.1 WITH OUR OPERATIONAL PROVIDERS AND PARTNERS
4.2 WITH OUR AFFILIATES
We share your information with our affiliates to help us with technical processing operations, such as data hosting and maintenance, client care, marketing and targeted suggestions, better understanding how the Services are used and Users’ behavior to improve the Services, securing our data and systems, fighting against spam, abuse, fraud and intellectual property infringement.
4.3 WHEN REQUIRED BY LAW
Applicable law may require us and our service providers to disclose your information if:
• reasonably necessary to comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirements; or
• necessary for the prevention or detection of crime (subject in each case to applicable law).
4.4 TO ENFORCE LEGAL RIGHTS
We may also share information:
• if disclosure would mitigate our liability in an actual or threatened lawsuit;
• as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties;
• to enforce our agreements with you; and
• to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
4.5 WITH YOUR CONSENT OR AT YOUR REQUEST
We may ask for your consent to share your information with third parties. When we do, we will make clear why we want to share the information.
We may collect and provide aggregate information about our Users (such as how many persons visited a particular page or activity or the likes and dislikes of our Users) to our advertisers, sponsors, promotional partners and affiliates but this aggregated information does not include personal information about any individual User.
The Websites also use clear GIFs [Graphics Interchange Formats] (also known as pixel tags, web beacons or web bugs). A clear GIF is computer code that contains a unique identifier that enables us to monitor user activity and traffic of the Websites. We use GIFs to gather aggregate information on visits to our Websites, track usage of Website links and assist with registration and other features.
5.2 USE AND COLLECTION OF INFORMATION BY ADVERTISERS AND SPONSORS; THIRD PARTY COOKIES AND TRACKING TOOLS
We use third-party suggestions companies to serve ads on the Website. These suggestions companies may collect and use information (not including your name, address, e-mail address or telephone number) about your visits to the Website and other websites not owned and operated by us, and may also combine this information with other data about your purchases and interests from other online and offline sources, in order to provide advertisements about goods and services that may interest you (as inferred from your online activity).
We also share usage information about Users of the Websites with these companies for the purpose of managing and targeting advertisements and for market research analysis on the Websites and other websites. For these purposes, we and our third party suggestions companies may note some of the pages you visit on the Websites through the use of GIFs. In the course of serving advertisements to the Websites, our third party advertisers may place or recognize a unique ‘cookie’ on your computer. The Websites may post banner ads and other forms of advertisements, and/or links to the websites of affiliate entities or of advertisers or sponsors who are companies that are not owned or operated by us, or our affiliates or subsidiaries. These entities may independently solicit and collect personal information, or send their own cookies and/or clear GIFs to our Users. The data collected is used in order to provide advertisements about goods and services that may be of interest to Users of the Websites and other interactive media and may be used to keep track of user response to each advertisement. We also work with third-party data analytics and online targeting companies. Some of these companies may use non-personal information (not including your name, address, email address or telephone number) about your visits to the Websites and other websites in order to provide data and targeting recommendations based on which we may provide advertisements about goods and services of interest to you.
6. HOW WE PROTECT AND RETAIN INFORMATION
We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions.
Although we take precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.
You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address on record on your account.
If you believe that your account or information is no longer secure, please notify us immediately at firstname.lastname@example.org.
The criteria used to determine our retention periods include:
• The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you have an account with us or keep using the Websites);
• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)
• Whether retention is advisable; and considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations).
6.1 CROSS BORDER DATA TRANSFERS
Legum is headquartered in Nigeria and Data Privacy is governed by the Nigerian Data Protection Regulation. Sharing of information sometimes involves cross-border data transfers to or from Nigeria and other jurisdictions. By visiting or using our Services, you consent to storage of your data on servers located in Nigeria. If you are using the Services from outside Nigeria, you consent to the transfer, storage, and processing of your data in and to Nigeria or other countries. We use the Nigerian Data Protection Privacy Shield and standard contractual clauses approved by the Nigerian Information Technology Development Agency to validate transfers of foreign residents’ personal information from Nigeria to other countries. For more information about our Privacy Shield certification, please read the PRIVACY SHIELD section below. Standard contractual clauses are commitments between companies transferring personal information of EEA residents to protect the privacy and security of the transferred personal information.
6.2 YOUR CHOICES ABOUT YOUR INFORMATION
If you would like to review, correct, update, suppress, restrict or delete personal information (including Personal Data as defined in the PRIVACY SHIELD section below) that you have previously provided to us, or if you would like to receive an electronic copy of your personal information for purposes of transmitting it to another company (if this right to data portability is provided to you by law), you can contact us at email@example.com or by mail to Legum , 294 Herbert Macaulay Way, Yaba 101212, Lagos
In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database, or other limitations you would like to put on our use of your personal information. For your protection, we only fulfill requests for the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will try to comply with your request as soon as reasonably practicable.
6.3 CHILDREN’S PRIVACY
Legum respects the privacy of your child and we want to share with you our policies regarding children under the age of sixteen (16). Although Users of all ages may navigate through the Services, we do not knowingly collect personal information from anyone under age sixteen (16). If we learn that a child under age sixteen (16) has improperly provided us with information, we will notify the child’s parent or legal guardian and thereafter delete the child’s personal information from our records.
6.4 LINKS TO OTHER WEBSITES AND SERVICES
7. PRIVACY SHIELD
Legum complies with the Nigerian Data Protection Privacy (“Privacy Shield Frameworks“) as set forth by the Nigerian Information Technology Development Agency regarding the collection, use and retention of Personal Data (as defined below) transferred from Nigeria to Foreign countries. Legum has certified that it adheres to the Privacy Shield Principles with respect to such Personal Data. If the policies in this Privacy Shield Policy and the data subject rights under the Privacy Shield Principles conflict, the Privacy Shield Principles shall govern.
To learn more about the Privacy Shield program, please visit https://nitda.gov.ng/wp-content/uploads/2019/01/Nigeria%20Data%20Protection%20Regulation.pdf
With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, Legum is subject to the regulatory enforcement powers of the Nigerian Information Technology Development Agency.
In this PRIVACY SHIELD section:
“Database” means a collection of data organized in a manner that allows access, retrieval, deletion and procession of that data; it includes but not limited to structured, unstructured, cached and file system type databases;
“Foreign Country” means other sovereign states, autonomous or semi-autonomous territories within the international community;
“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; It can be anything from a name, address, a photo, an email address, bank details, posts on social networking websites, medical information, and other unique identifier such as but not limited to MAC address, IP address, IMEI number, IMSI number, SIM and others;
“Sensitive Personal Data” means Data relating to religious or other beliefs, sexual tendencies, health, race, ethnicity, political views, trades union membership, criminal records or any other sensitive personal information;
“Third Party” means any natural or legal person, public authority, establishment or any other body other than the Data Subject, the Data Controller, the Data Administrator and the persons who are engaged by the Data Controller or the Data Administrator to process personal data.
PRIVACY SHIELD PRINCIPLES
Legum commits to processing Personal Data in accordance with the Privacy Shield Principles as follows:
Prior to collecting Personal Data, Legum notifies Foreign Users about the categories of Personal Data that Legum collects and the purposes for collection and use of their Personal Data. Legum will only process Personal Data in ways that are compatible with the purpose for which Legum collected it or for purposes later authorized.
Please see the YOUR CHOICES ABOUT YOUR INFORMATION section above for more information about how to exercise your choices.
3. Accountability for Onward Transfer
Legum shares Personal Data collected through the Services as described above.
If Legum transfers Personal Data to a third-party, Legum takes reasonable and appropriate steps to ensure that each third-party transferee processes Personal Data transferred in a manner consistent with Legum ’s obligations under the Privacy Shield Principles. Legum will ensure that each transfer is consistent with any notice provided to Foreign Users and any consent they have given. Legum requires a written contract with any third party receiving Personal Data that ensures that the third party:
(i) processes the Personal Data for limited and specified purposes consistent with any consent provided by Foreign Users,
(ii) provides at least the same level of protection as is required by the Privacy Shield Principles,
(iii) notifies Legum if it cannot comply with Privacy Shield; and
(iv) ceases processing Personal Data or takes other reasonable and appropriate steps to remediate.
As noted above, under certain circumstances, Legum may be required to disclose Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.
Legum remains liable under the Privacy Shield Principles if an agent processes Personal Data in a manner inconsistent with the Principles unless Legum is not responsible for the event giving rise to the damage.
Legum takes appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction. In determining these measures, Legum considers the risks involved in the processing and the nature of the Personal Data.
5. Data Integrity and Purpose Limitation
Legum takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete and current. Legum adheres to the Privacy Shield Principles for as long as it retains Personal Data in identifiable form. Legum takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data in identifiable form only for as long as it serves a purpose of processing.
Legum limits the collection of Personal Data to information that is relevant for processing. Legum does not process Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by a Foreign User.
A Foreign User has the right to access his or her Personal Data and to correct, amend, limit use of or delete the Personal Data if the Personal Data is inaccurate or processed in violation of the Privacy Shield Principles. Legum is not required to grant the rights to access, correct, amend and delete Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the Foreign User’s privacy or if the rights of persons other than the Foreign User are or could be violated.
Please see the YOUR CHOICES ABOUT YOUR INFORMATION section above for more information about how to exercise your choices.
7. Recourse, Enforcement, and Liability
In compliance with the Privacy Shield Principles, Legum commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to Nigeria pursuant to the Data Protection Regulations. Foreign individuals with Privacy Shield inquiries or complaints should first contact Legum at firstname.lastname@example.org.
If your Privacy Shield complaint cannot be resolved by other redress mechanisms Legum has further committed to refer such unresolved complaints under the Privacy Shield Principles to Alternative Dispute Resolution mechanism, Chartered Institutes of Arbitrators Nigeria and its proceedings will be governed by the Nigerian Arbitration Laws.
Legum commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles.
8. UPDATES & CONTACT INFORMATION
When we make a material change to this policy, we’ll notify users via email, in-product notice, or another mechanism required by law. Changes become effective the day they’re posted. Please contact us via email or postal mail with any questions, concerns, or disputes.
What are cookies?
Cookies are small text files stored by your browser as you browse the internet. They can be used to collect, store, and share data about your activities across websites, including on Legum. Cookies also allow us to remember things about your visits to Legum, like your preferred language, and to make the site easier to use.
We use both session cookies, which expire after a short time or when you close your browser, and persistent cookies, which remain stored in your browser for a set period of time. We use session cookies to identify you during a single browsing session, like when you log into Legum. We use persistent cookies where we need to identify you over a longer period, like when you request that we keep you signed in.
Authentication and security
• To log you into Legum.ng
• To protect your security
• To help detect and fight spam, abuse, and other activities that violate Legum’s agreements
• To remember data about your browser and your preferences
• To remember your settings and other choices you’ve made
Analytics and research
• To help us improve and understand how people use Legum.
• To customize Legum with more relevant content
• To provide you with more relevant advertising
Please note that where advertising technology is integrated into the Services, you may still receive advertising on other websites and applications, but it will not be tailored to your interests.
When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide its own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.
What are my privacy options?
• Most browsers automatically accept cookies, but you can change your browser settings to decline cookies by consulting your browser’s support articles. If you decide to decline cookies, please note that you may not be able to sign in, customize, or use some interactive features in the Services.
• Flash cookies operate differently than browser cookies, so your browser’s cookie-management tools may not remove them. To learn more about how to manage Flash cookies, see Adobe’s article on managing flash cookies and Website Storage Settings panel.
• To get information and control cookies used for tailored advertising from participating companies, see the consumer opt-out pages for the Network Advertising Initiative and Digital Advertising Alliance, or if you’re located in the European Union, visit the Your Online Choices site. To opt out of Google Analytics’ display advertising or customize Google Display Network ads, visit the Google Ads Settings page.
• For general information about targeting cookies and how to disable them, visit www.allaboutcookies.org.
UPDATES & CONTACT INFORMATION