Privacy Policy

This Privacy Policy was last updated on July 1, 2020.



While we have not made any material changes to the way we process data about our users, we have updated this policy to make it shorter and easier to read, and to comply with the Nigerian Data Protection Regulation (NDPR) and the EU General Data Protection Regulation.

Thank you for joining the world’s first legal social media marketplace. We at Legum.ng (“Legum”, “we”, “us”) respect your privacy and want you to understand how we collect, use, and share data about you. This Privacy Policy covers our data collection practices and describes your rights to access, correct, or restrict our use of your personal data.

By using the Services, you agree to the terms of this Privacy Policy. You shouldn’t use the Services if you don’t agree with this Privacy Policy or any other agreement that governs your use of the Services.

Table of Contents:



Introduction

1. What Data We Get

2. How We Get Data About You

3. How We Use Your Data

4. How We Share Your Information

5. Our Use of Cookies and other Tools

6. How We Protect and Retain Information

7. Privacy Shield

8. Updates and Contact Information

9. Cookie Policy



INTRODUCTION

We are a social network and online platform for legal professionals. People use our platform to find and be found for business opportunities, to connect with others, find information and sell their services. Our Privacy Policy applies to any Member or Visitor to our platform. Our registered users (“Members”) share their professional identities, engage with their network, exchange knowledge and professional insights, post and view relevant content, learn and develop skills, sell their services and information and find business and career opportunities. Content and data on some of our Services is viewable to non-members (“Visitors”).

SERVICES: This Privacy Policy, including our Cookie Policy applies to your use of our Services. Unless we link to a different policy or state otherwise, this Privacy Policy applies when you visit or use the Legum website, mobile applications, APIs or related sites, apps, communications and services ( “Services”), including off-site Services, such as our ad services and the “Apply with Legum” and “Share with Legum” plugins, but excluding services that state that they are offered under a different privacy policy.

DATA CONTROLLERS AND CONTRACTING PARTIES: Legum will be the controller of your personal data provided to, or collected by or for, or processed in connection with our Services.

As a Visitor or Member of our Services, the collection, use and sharing of your personal data is subject to this Privacy Policy and other documents referenced in this Privacy Policy, as well as updates.

CHANGE: Changes to the Privacy Policy apply to your use of our Services after the “effective date.” Legum (“we” or “us”) can modify this Privacy Policy, and if we make material changes to it, we will provide notice through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. If you object to any changes, you may close your account.

You acknowledge that your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that the collection, use and sharing of your personal data is subject to the updated Privacy Policy, as of its effective date.

1. DATA WE COLLECT

We collect certain data from you directly, like information you enter yourself, data about your participation on the platform, and data from third-party platforms you connect with Legum. We also collect some data automatically, like information about your device and what parts of our Services you interact with or spend time using.

1.1 DATA YOU PROVIDE TO US

We may collect different data from or about you depending on how you use the Services. When you create an account and use the Services, including through a third-party platform, we collect any data you provide directly, including:

1.1.1 ACCOUNT DATA

In order to use our services, you need to create a user account. When you create or update your account, we collect and store the data you provide, like your email address, password, gender, and date of birth.

You create your Legum profile (a complete profile helps you get the most from our Services).

1.1.2 PROFILE DATA

You can also choose to provide profile information like a photo, headline, website link, social media profiles, or other data. You have choices about the information on your profile, such as your education, work experience, skills, city or country and endorsements. You don’t have to provide additional information on your profile; however, profile information helps you to get more from our Services, including helping recruiters and business opportunities find you. It’s your choice whether to include sensitive information on your profile and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be publicly available.

1.1.3 SHARED CONTENT

Parts of the Services let you interact with other users or share content publicly, including by posting on groups or forums, asking or answering questions, sending messages to users or posting photos and materials you upload on the marketplace. Such shared content may be publicly viewable by others depending on where it is posted.

If you sync your contacts or calendars with our Services, we will collect your address book and calendar meeting information to keep growing your network by suggesting connections for you and others, and by providing information about events.

You don’t have to post or upload personal data; though if you don’t, it may limit your ability to grow and engage with your network over our Services.

1.2 DATA FROM OTHERS

Data About Your Accounts on Other Services: We may obtain certain information through your social media or other online accounts if they are connected to your Legum account. If you login to Legum via Facebook or another third-party platform or service, we ask for your permission to access certain information about that other account. For example, depending on the platform or service we may collect your name, profile picture, login email address, location, physical location of your access devices, gender, birthday, and list of friends or contacts.

Those platforms and services make information available to us through their APIs. The information we receive depends on what information you (via your privacy settings) or the platform or service decide to give us.

If you access or use our Services through a third-party platform or service, or click on any third-party links, the collection, use, and sharing of your data will also be subject to the privacy policies and other agreements of that third party.

1.3 SERVICE USE

We log usage data when you visit or otherwise use our Services, including our sites, app and platform technology, such as when you view or click on content or ads (on or off our sites and apps), time spent on pages or the Service, pages visited, features used, your search queries, click data, date and time install or update one of our mobile apps. We use log-ins, cookies, device information and internet protocol (“IP”) addresses to identify you and log your use.

1.4 YOUR DEVICE AND LOCATION

When you visit or leave our Services (including some plugins and our cookies or similar technology on the sites of others), we receive the URL of both the site you came from and the one you go to and the time of your visit. We also get information about your network and device (e.g., IP address, proxy server, operating system, web browser and add-ons, device identifier and features, cookie IDs and/or ISP, or your mobile carrier). If you use our Services from a mobile device, that device will send us data about your location based on your phone settings. We will ask you to opt-in before we use GPS or other tools to identify your precise location.

Technical data about your computer or device, like your IP address, device type, operating system type and version, unique device identifiers, browser, browser language, domain and other systems data, and platform types (“System Data”).

1.5 SITES AND SERVICES OF OTHERS

We get data when you visit sites that include our ads, cookies or some of our plugins or when you log-in to others’ services with your Legum account.

We receive information about your visits and interaction with services provided by others when you log-in with LinkedIn or visit others’ services that include some of our plugins (such as “Apply with Legum”) or our ads, cookies or similar technologies.

1.6 OTHER

We are improving our Services, which means we get new data and create new ways to use data.

Our Services are dynamic, and we often introduce new features, which may require the collection of new information. If we collect materially different personal data or materially change how we collect, use or share your data, we will notify you and may also modify this Privacy Policy.

2. HOW WE GET DATA ABOUT YOU

2.1 COOKIES AND SIMILAR TECHNOLOGIES

Legum and service providers acting on our behalf (like Google Analytics and third party advertisers) use server log files and automated data collection tools like cookies, tags, scripts, customized links, device or browser fingerprints, and web beacons (together, “Data Collection Tools”) when you access and use the Services. These Data Collection Tools automatically track and collect certain System Data and Usage Data (as detailed in Section 1) when you use the Services. In some cases, we tie data gathered through those Data Collection Tools to other data that we collect as described in this Privacy Policy. We use cookies (small files that websites send to your device to uniquely identify your browser or device or to store data in your browser) for things like analyzing your use of the Services, personalizing your experience, making it easier to log into the Services, and recognizing you when you return. We use web beacons (small objects that allow us to measure the actions of visitors and users using the Services) for things like identifying whether a page was visited, identifying whether an email was opened, and advertising more efficiently by excluding current users from certain promotional messages or identifying the source of a new mobile app download.

Legum uses the following types of cookies:

• Preferences: cookies that remember data about your browser and preferred settings that affect the appearance and behavior of the Services (like your preferred language).

• Security: cookies used to enable you to log in and access the Services; protect against fraudulent logins; and help detect and prevent abuse or unauthorized use of your account.

• Functional: cookies that store functional settings (like the volume level you set for video playback).

• Session State: cookies that track your interactions with the Services to help us improve the Services and your browsing experience, remember your login details, and enable processing of your course purchases. These are strictly necessary for the Services to work properly, so if you disable them then certain functionalities will break or be unavailable. You can set your web browser to alert you about attempts to place cookies on your computer, limit the types of cookies you allow, or refuse cookies altogether. If you do, you may not be able to use some or all features of the Services, and your experience may be different or less functional.

Some of the third-party partners who provide certain features on our site may also use Local Storage Objects (also known as flash cookies or LSOs) to collect and store data.

2.2 ANALYTICS

We use third-party browser and mobile analytics services like Google Analytics. These services use Data Collection Tools to help us analyze your use of the Services, including information like the third-party website you arrive from, how often you visit, events within the Services, usage and performance data, and where the application was downloaded from. We use this data to improve the Services, better understand how the Services perform on different devices, and provide information that may be of interest to you.

2.3 ONLINE ADVERTISING

We use third-party advertising services like Facebook, Google’s ad services, and other ad networks and ad servers to deliver advertising about our Services on other websites and applications you use. The ads may be based on things we know about you, like your Usage Data and System Data (as detailed in Section 1), and things that these ad service providers know about you based on their tracking data. The ads can be based on your recent activity or activity over time and across other sites and services; and may be tailored to your interests. Depending on the types of advertising services we use, they may place cookies or other tracking technologies on your computer, phone, or other device to collect data about your use of our Services, and may access those tracking technologies in order to serve these tailored advertisements to you.

When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide their own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.

3. HOW WE USE YOUR DATA

We use information to operate the Services, including:

3.1. TO ADMINISTER YOUR ACCOUNT AND PROVIDE THE SERVICES TO YOU

• Create and manage your account.

• Provide you with client support and respond to your requests.

• Communicate with you about the Services.

3.2 TO INFORM YOU ABOUT OFFERS AND EVENTS

• Administer sweepstakes, contests, or other offers with the support of affiliated or non-affiliated sponsors and/or promotional partners. For each contest or sweepstakes, we will provide notice of the applicable rules and if necessary, post any supplemental privacy provisions. To the extent there is a conflict between those privacy provisions and this Privacy Policy, the privacy provisions for the specific contest or sweepstakes will govern but solely to the extent of the conflict.

• Develop, display and track content and suggestions tailored to your interests on the Services and other websites.

• Communicate with you by email, phone, social media or mobile device about products or services that we think may interest you.

• The information collected in conjunction with events may also be used for the marketing of additional services and events by us and/or our promotional partners and sponsors beyond the contest, sweepstakes and/or special event. Depending on the event, Users either grant their approval on how their information is used before it is collected (‘opt-in’) or choose to deny use of their information for additional purposes (‘opt-out’).

3.3 TO IMPROVE THE SERVICES AND DEVELOP NEW ONES

• Administer focus groups and surveys.

• Conduct research and analysis of Users’ behavior to improve the Services.

• Develop new features and services.

3.4 TO PREVENT, DETECT AND FIGHT FRAUD OR OTHER ILLEGAL OR UNAUTHORIZED ACTIVITIES

• Address ongoing or alleged fraud or other misbehavior on or though the Services.

• Analyze data to better understand and design countermeasures against fraud.

• Retain data related to fraudulent activities to prevent against recurrences.

3.5 TO ENSURE LEGAL COMPLIANCE

• Comply with legal requirements.

• Assist law enforcement.

• Enforce or exercise our rights, for example our Terms of Service.

To process your information as described in this Privacy Policy, we rely on the following legal bases:

• Legitimate Interests: We may use your information where we have legitimate interests to do so. For example, we analyze our Users’ behavior to improve the Services, to prevent and detect fraud and misuse, and to market the Email Notifications to you.

• Consent: From time to time, we may ask for your consent to use your information. You may withdraw your consent at any time by contacting us using the contact information provided above.

4. HOW WE SHARE YOUR INFORMATION

4.1 WITH OUR OPERATIONAL PROVIDERS AND PARTNERS

We use third-party operational providers to help us operate and improve the Services. These third parties assist us with data hosting and maintenance, analytics, client care, marketing, payment processing and security operations. All of our service providers must adhere to confidentiality obligations that are consistent with this Privacy Policy.

For the convenience of our Users, we may provide the opportunity to purchase certain goods, merchandise and services through the Services. Companies other than Legum may handle some of these transactions. We call the companies that conduct our e-commerce operations, order fulfillment and/or contract services our “operational providers.” If you choose to use these Services, our operational providers will request information to fulfill your order or request. The voluntary submission of your personal information to these operational providers, including your order or request, is governed by the specific operational provider’s privacy and other terms. To facilitate an order or request, we may share information with the operational provider. The operational provider also may share your information with us. We will store this information in our User database. In most instances, we request that our operational providers adhere to the provisions in this Privacy Policy and only share Users’ personal information with us, unless necessary to complete a User’s request or order. We also request that these providers only use the personal information for the purpose of conducting the sale or fulfilling the requested service or order. However, you must read an operational provider’s privacy policy to determine the extent of use and disclosure of your personal information collected by them. Legum, its parents, affiliates and subsidiaries are not responsible for the collection, use and disclosure practices of operational providers, nor is Legum responsible or liable for the products or services provided by operational providers.

4.2 WITH OUR AFFILIATES

We share your information with our affiliates to help us with technical processing operations, such as data hosting and maintenance, client care, marketing and targeted suggestions, better understanding how the Services are used and Users’ behavior to improve the Services, securing our data and systems, fighting against spam, abuse, fraud and intellectual property infringement.

4.3 WHEN REQUIRED BY LAW

Applicable law may require us and our service providers to disclose your information if:

• reasonably necessary to comply with a legal process, such as a court order, subpoena or search warrant, government investigation or other legal requirements; or

• necessary for the prevention or detection of crime (subject in each case to applicable law).

4.4 TO ENFORCE LEGAL RIGHTS

We may also share information:

• if disclosure would mitigate our liability in an actual or threatened lawsuit;

• as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties;

• to enforce our agreements with you; and

• to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.

4.5 WITH YOUR CONSENT OR AT YOUR REQUEST

We may ask for your consent to share your information with third parties. When we do, we will make clear why we want to share the information. We may collect and provide aggregate information about our Users (such as how many persons visited a particular page or activity or the likes and dislikes of our Users) to our advertisers, sponsors, promotional partners and affiliates but this aggregated information does not include personal information about any individual User.

5. OUR USE OF COOKIES AND OTHER TOOLS

Our Websites use cookies and other other tools.

A cookie is a small data file that contains a unique identification number that a website places on your hard drive when you visit a site. The cookie stores information about your computer, the type of browser you use, and how many times your computer visits a certain site. Cookies enable us to track how often Users are visiting our Websites and the specific pages visited, the number of entries in specific events, the estimated audience size for sponsors and advertisers, and other User preferences. You can refuse to use cookies by turning them off in your browser. You do not need to have cookies turned on to use most of the Website. However, you may find that some areas on the Website will be slower, or may not function at all, and you may not be able to participate in certain activities such as contests or sweepstakes if the cookies are disabled.

The Websites also use clear GIFs [Graphics Interchange Formats] (also known as pixel tags, web beacons or web bugs). A clear GIF is computer code that contains a unique identifier that enables us to monitor user activity and traffic of the Websites. We use GIFs to gather aggregate information on visits to our Websites, track usage of Website links and assist with registration and other features.

5.2 USE AND COLLECTION OF INFORMATION BY ADVERTISERS AND SPONSORS; THIRD PARTY COOKIES AND TRACKING TOOLS

We use third-party suggestions companies to serve ads on the Website. These suggestions companies may collect and use information (not including your name, address, e-mail address or telephone number) about your visits to the Website and other websites not owned and operated by us, and may also combine this information with other data about your purchases and interests from other online and offline sources, in order to provide advertisements about goods and services that may interest you (as inferred from your online activity).

We also share usage information about Users of the Websites with these companies for the purpose of managing and targeting advertisements and for market research analysis on the Websites and other websites. For these purposes, we and our third party suggestions companies may note some of the pages you visit on the Websites through the use of GIFs. In the course of serving advertisements to the Websites, our third party advertisers may place or recognize a unique ‘cookie’ on your computer. The Websites may post banner ads and other forms of advertisements, and/or links to the websites of affiliate entities or of advertisers or sponsors who are companies that are not owned or operated by us, or our affiliates or subsidiaries. These entities may independently solicit and collect personal information, or send their own cookies and/or clear GIFs to our Users. The data collected is used in order to provide advertisements about goods and services that may be of interest to Users of the Websites and other interactive media and may be used to keep track of user response to each advertisement. We also work with third-party data analytics and online targeting companies. Some of these companies may use non-personal information (not including your name, address, email address or telephone number) about your visits to the Websites and other websites in order to provide data and targeting recommendations based on which we may provide advertisements about goods and services of interest to you.

Please be advised that when you link to or visit an advertiser’s or sponsor’s website, we may frame the site with our website logo; however, you will be subject to the privacy policy and terms of usage agreement of that website operator. Legum and its affiliates are not responsible for advertiser or sponsor ads and/or links or the content, activities, information collection, use and disclosure practices of the websites of advertisers and sponsors.

6. HOW WE PROTECT AND RETAIN INFORMATION

We use physical, technical and organizational measures designed to protect your information against unauthorized access, theft and loss. We restrict access to your personal information to those employees who need to know that information to service your account or perform their job functions.

Although we take precautions intended to help protect information that we process, no system or electronic data transmission is completely secure. Any transmission of your personal data is at your own risk and we expect that you will use appropriate security measures to protect your personal information.

You are responsible for maintaining the security of your account and the information in your account. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. You understand and agree that we may deliver electronic notifications about breaches of security to the email address on record on your account. If you believe that your account or information is no longer secure, please notify us immediately at info@legum.ng.

We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

• The length of time we have an ongoing relationship with you and provide services to you (for example, for as long as you have an account with us or keep using the Websites);

• Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them)

• Whether retention is advisable; and considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations).

6.1 CROSS BORDER DATA TRANSFERS

Legum is headquartered in Nigeria and Data Privacy is governed by the Nigerian Data Protection Regulation. Sharing of information sometimes involves cross-border data transfers to or from Nigeria and other jurisdictions. By visiting or using our Services, you consent to storage of your data on servers located in Nigeria. If you are using the Services from outside Nigeria, you consent to the transfer, storage, and processing of your data in and to Nigeria or other countries. We use the Nigerian Data Protection Privacy Shield and standard contractual clauses approved by the Nigerian Information Technology Development Agency to validate transfers of foreign residents’ personal information from Nigeria to other countries. For more information about our Privacy Shield certification, please read the PRIVACY SHIELD section below. Standard contractual clauses are commitments between companies transferring personal information of EEA residents to protect the privacy and security of the transferred personal information.

6.2 YOUR CHOICES ABOUT YOUR INFORMATION

If you would like to review, correct, update, suppress, restrict or delete personal information (including Personal Data as defined in the PRIVACY SHIELD section below) that you have previously provided to us, or if you would like to receive an electronic copy of your personal information for purposes of transmitting it to another company (if this right to data portability is provided to you by law), you can contact us at info@legum.ng or by mail to Legum , 294 Herbert Macaulay Way, Yaba 101212, Lagos

In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database, or other limitations you would like to put on our use of your personal information. For your protection, we only fulfill requests for the personal information associated with the particular email address that you use to send us your request, and we may need to verify your identity before fulfilling your request. We will try to comply with your request as soon as reasonably practicable.

Please note that we often need to retain certain data for record keeping purposes and/or to complete any transaction that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the personal information provided until after the completion of such purchase or promotion). Our databases and other records may have residual data which will not be removed. In addition, we also may not allow you to review certain data for legal, security or other reasons. If at any time you believe that the Services have not adhered to this Privacy Policy, please let us know. We will use good faith efforts to determine and correct the problem.

6.3 CHILDREN’S PRIVACY

Legum respects the privacy of your child and we want to share with you our policies regarding children under the age of sixteen (16). Although Users of all ages may navigate through the Services, we do not knowingly collect personal information from anyone under age sixteen (16). If we learn that a child under age sixteen (16) has improperly provided us with information, we will notify the child’s parent or legal guardian and thereafter delete the child’s personal information from our records.

6.4 LINKS TO OTHER WEBSITES AND SERVICES

The Services may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from the Services. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Policy does not apply to any personal information that you provide to these other websites and services.

7. PRIVACY SHIELD

Legum complies with the Nigerian Data Protection Privacy (“Privacy Shield Frameworks“) as set forth by the Nigerian Information Technology Development Agency regarding the collection, use and retention of Personal Data (as defined below) transferred from Nigeria to Foreign countries. Legum has certified that it adheres to the Privacy Shield Principles with respect to such Personal Data. If the policies in this Privacy Shield Policy and the data subject rights under the Privacy Shield Principles conflict, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit https://nitda.gov.ng/wp-content/uploads/2019/01/Nigeria%20Data%20Protection%20Regulation.pdf With respect to Personal Data received or transferred pursuant to the Privacy Shield Frameworks, Legum is subject to the regulatory enforcement powers of the Nigerian Information Technology Development Agency.

DEFINITIONS

In this PRIVACY SHIELD section:

“Database” means a collection of data organized in a manner that allows access, retrieval, deletion and procession of that data; it includes but not limited to structured, unstructured, cached and file system type databases;

“Foreign Country” means other sovereign states, autonomous or semi-autonomous territories within the international community;

“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; It can be anything from a name, address, a photo, an email address, bank details, posts on social networking websites, medical information, and other unique identifier such as but not limited to MAC address, IP address, IMEI number, IMSI number, SIM and others;

“Sensitive Personal Data” means Data relating to religious or other beliefs, sexual tendencies, health, race, ethnicity, political views, trades union membership, criminal records or any other sensitive personal information;

“Third Party” means any natural or legal person, public authority, establishment or any other body other than the Data Subject, the Data Controller, the Data Administrator and the persons who are engaged by the Data Controller or the Data Administrator to process personal data.

PRIVACY SHIELD PRINCIPLES

Legum commits to processing Personal Data in accordance with the Privacy Shield Principles as follows:

1. Notice:

Prior to collecting Personal Data, Legum notifies Foreign Users about the categories of Personal Data that Legum collects and the purposes for collection and use of their Personal Data. Legum will only process Personal Data in ways that are compatible with the purpose for which Legum collected it or for purposes later authorized.

We use the Personal Data that we collect from Foreign Users of the Services as described in this Privacy Policy. Before Legum uses Personal Data for a purpose that is materially different from the purpose for which Legum collected it or that was later authorized, Legum will provide Foreign Users with the opportunity to opt out.

2. Choice

If Legum collects Sensitive Personal Data, we will obtain explicit opt-in consent whenever Privacy Shield requires. Legum will obtain opt-in consent before Personal Data is disclosed to third parties other than those described in this Privacy Policy, before Personal Data is used for a different purpose than that purpose for which it was collected or later authorized, and whenever Privacy Shield requires.

Please see the YOUR CHOICES ABOUT YOUR INFORMATION section above for more information about how to exercise your choices.

3. Accountability for Onward Transfer

Legum shares Personal Data collected through the Services as described above. If Legum transfers Personal Data to a third-party, Legum takes reasonable and appropriate steps to ensure that each third-party transferee processes Personal Data transferred in a manner consistent with Legum ’s obligations under the Privacy Shield Principles. Legum will ensure that each transfer is consistent with any notice provided to Foreign Users and any consent they have given. Legum requires a written contract with any third party receiving Personal Data that ensures that the third party:

(i) processes the Personal Data for limited and specified purposes consistent with any consent provided by Foreign Users,

(ii) provides at least the same level of protection as is required by the Privacy Shield Principles,

(iii) notifies Legum if it cannot comply with Privacy Shield; and

(iv) ceases processing Personal Data or takes other reasonable and appropriate steps to remediate.

As noted above, under certain circumstances, Legum may be required to disclose Personal Data in response to valid requests by public authorities, including for national security or law enforcement requirements.

Legum remains liable under the Privacy Shield Principles if an agent processes Personal Data in a manner inconsistent with the Principles unless Legum is not responsible for the event giving rise to the damage.

4. Security

Legum takes appropriate measures to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction. In determining these measures, Legum considers the risks involved in the processing and the nature of the Personal Data.

5. Data Integrity and Purpose Limitation

Legum takes reasonable steps to ensure that such Personal Data is reliable for its intended use, accurate, complete and current. Legum adheres to the Privacy Shield Principles for as long as it retains Personal Data in identifiable form. Legum takes reasonable and appropriate measures to comply with the requirement under the Privacy Shield to retain Personal Data in identifiable form only for as long as it serves a purpose of processing.

Legum limits the collection of Personal Data to information that is relevant for processing. Legum does not process Personal Data in a way that is incompatible with the purpose for which it was collected or subsequently authorized by a Foreign User.

6. Access

A Foreign User has the right to access his or her Personal Data and to correct, amend, limit use of or delete the Personal Data if the Personal Data is inaccurate or processed in violation of the Privacy Shield Principles. Legum is not required to grant the rights to access, correct, amend and delete Personal Data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to the Foreign User’s privacy or if the rights of persons other than the Foreign User are or could be violated.

Please see the YOUR CHOICES ABOUT YOUR INFORMATION section above for more information about how to exercise your choices.

7. Recourse, Enforcement, and Liability

In compliance with the Privacy Shield Principles, Legum commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to Nigeria pursuant to the Data Protection Regulations. Foreign individuals with Privacy Shield inquiries or complaints should first contact Legum at info@legum.ng.

If your Privacy Shield complaint cannot be resolved by other redress mechanisms Legum has further committed to refer such unresolved complaints under the Privacy Shield Principles to Alternative Dispute Resolution mechanism, Chartered Institutes of Arbitrators Nigeria and its proceedings will be governed by the Nigerian Arbitration Laws.

Legum commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles.

8. UPDATES & CONTACT INFORMATION

When we make a material change to this policy, we’ll notify users via email, in-product notice, or another mechanism required by law. Changes become effective the day they’re posted. Please contact us via email or postal mail with any questions, concerns, or disputes.

8.1 MODIFICATIONS TO THIS PRIVACY POLICY

From time to time, we may update this Privacy Policy. If we make any material change to it, we will notify you via email, through a notification posted on the Services, or as required by applicable law. We will also include a summary of the key changes. Unless stated otherwise, modifications will become effective on the day they are posted.

As permitted by applicable law, if you continue to use the Services after the effective date of any change, then your access and/or use will be deemed an acceptance of (and agreement to follow and be bound by) the revised Privacy Policy. The revised Privacy Policy supersedes all previous Privacy Policies.

8.2 INTERPRETATIONS

Any capitalized terms not defined in this policy are defined as specified in Legum’s Terms of Use. Any version of this Privacy Policy in a language other than English is provided for convenience. If there is any conflict with a non-English version, you agree that the English language version will control.

8.3 QUESTIONS

If you have any questions, concerns, or disputes regarding our Privacy Policy, please feel free to contact our privacy team (including our designated personal information protection manager) at info@legum.ng . You can also send postal mail to us at admin@legum.ng , Attn: 6th Floor Co-creation Hub, Yaba Lagos. .

COOKIE POLICY

This Cookie Policy was last updated on July 1, 2020

What are cookies?

Cookies are small text files stored by your browser as you browse the internet. They can be used to collect, store, and share data about your activities across websites, including on Legum. Cookies also allow us to remember things about your visits to Legum, like your preferred language, and to make the site easier to use.

We use both session cookies, which expire after a short time or when you close your browser, and persistent cookies, which remain stored in your browser for a set period of time. We use session cookies to identify you during a single browsing session, like when you log into Legum. We use persistent cookies where we need to identify you over a longer period, like when you request that we keep you signed in.

Why does Legum use cookies and similar technologies?

We use cookies and similar technologies like web beacons, pixel tags, or local shared objects (“flash cookies”), to deliver, measure, and improve our services in various ways. We use these cookies both when you visit our site and services through a browser and through our mobile app. As we adopt additional technologies, we may also gather additional data through other methods.

We use cookies for the following purposes:

Authentication and security

• To log you into Legum.ng

• To protect your security

• To help detect and fight spam, abuse, and other activities that violate Legum’s agreements

Preferences

• To remember data about your browser and your preferences

• To remember your settings and other choices you’ve made

Analytics and research

• To help us improve and understand how people use Legum.

We also work with a number of analytics partners, including Google Analytics who use cookies and similar technologies to help us analyze how users use the Services, including by noting the sites from which you arrive. Those service providers may either collect that data themselves or we may disclose it to them.

Personalized content

• To customize Legum with more relevant content

Advertising

• To provide you with more relevant advertising

Please note that where advertising technology is integrated into the Services, you may still receive advertising on other websites and applications, but it will not be tailored to your interests.

When using mobile applications you may also receive tailored in-app advertisements. Apple iOS, Android OS, and Microsoft Windows each provide its own instructions on how to control in-app tailored advertising. For other devices and operating systems, you should review your privacy settings or contact your platform operator.

What are my privacy options?

You have a number of options to control or limit how we and our partners use cookies:

• Most browsers automatically accept cookies, but you can change your browser settings to decline cookies by consulting your browser’s support articles. If you decide to decline cookies, please note that you may not be able to sign in, customize, or use some interactive features in the Services.

• Flash cookies operate differently than browser cookies, so your browser’s cookie-management tools may not remove them. To learn more about how to manage Flash cookies, see Adobe’s article on managing flash cookies and Website Storage Settings panel.

• To get information and control cookies used for tailored advertising from participating companies, see the consumer opt-out pages for the Network Advertising Initiative and Digital Advertising Alliance, or if you’re located in the European Union, visit the Your Online Choices site. To opt out of Google Analytics’ display advertising or customize Google Display Network ads, visit the Google Ads Settings page.

• For general information about targeting cookies and how to disable them, visit www.allaboutcookies.org.

UPDATES & CONTACT INFORMATION

From time to time, we may update this Cookie Policy. If we do, we’ll notify you by posting the policy on our site with a new effective date. If we make any material changes, we’ll take reasonable steps to notify you in advance of the planned change.

If you have any questions about our use of cookies, please email us at info@legum.ng