The personal informa9on that you are asked to provide, and the reasons why you are asked to provide is so that we can beGer serve you. If you contact us directly, we may receive addi9onal informa9on about you such as your name, email address, phone number, weight, height, the contents of the message and/or aGachments you may send us, and any other informa9on you may choose to provide. When you register for an Account, we may ask for your contact informa9on, including items such as name, company name, address, email address, and telephone number.
We use the informa9on we collect in various ways, including to:
eMedicStore Pharma-Tech Ltd follows a standard procedure of using log files. These files log visitors when they visit websites. All hos9ng companies do this and a part of hos9ng services' analy9cs. The informa9on collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and 9me stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any informa9on that is personally iden9fiable. The purpose of the informa9on is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic informa9on.
Like any other website, eMedicStore Pharma-Tech Ltd uses 'cookies'. These cookies are used to store informa9on including visitors' preferences, and the pages on the website that the visitor accessed or visited. The informa9on is used to op9mize the users' experience by customizing our web page content based on visitors' browser type and/or other informa9on. For more general informa9on on cookies, please read "e;What Are Cookies"e; from Cookie Consent.
Under the Nigeria Data Protec9on Regula9on , among other rights, Nigerian consumers have the right to: Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers. Request that a business delete any personal data about the consumer that a business has collected. Request that a business that sells a consumer's personal data, not sell the consumer's personal data. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
The NDPR mandates all organizations that process the personal data of more than 1000 data subjects in a period of 6 months and 2000 Data Subjects in a period of 12 months to submit a Data Protection Audit report to NITDA not later than 15th March every year. This involves the organization's audit of its data privacy and protec9on prac9ces.
Audits are meant to show that the company complies with the law. The audit should state:
It is not enough for the company to lawfully obtain data; they must also ensure that they develop standard security systems to protect the data in their possession. They should employ cyber-security experts to protect their database from hackers, firewall breaches, etc. They should also put structures in place to prevent their employees from mishandling client data.
To ensure data protec9on compliance amongst their members of staff, organiza9ons should ensure their members of staff are professionally trained in the field of data privacy and protec9on. They may organize data protec9on trainings for them, invi9ng DPCOs in the process. This way, their employees, especially those specifically responsible for processing data e.g., the H.R personnel would be enlightened on how to prevent data breaches.
Where a breach occurs, it is essen9al you no9fy NITDA immediately. According to the NDPR, where a data breach is reported and the data controller is found guilty, they are liable to a payment of a fine of 1% of the annual gross revenue of the preceding year or payment of the sum of N2,000,000 (whichever is greater) where the data controller deals with less than 10,000 data subject. On the other hand, where it is a controller of more than 10,000 data subjects, they are liable to a fine of 2% of the annual gross revenue of the preceding year or a payment of the sum of N10,000,000 (whichever is greater) However, where the organiza9on, self-reports the breach, it is a major considera9on in determining the amount of fine to be levied. Report must be made within 72 hours from 9me of knowledge of the breach
We would like to make sure you are fully aware of all of your data protec9on rights. Every user is en9tled to the following:
The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
The right to rectificatin – You have the right to request that we correct any informa9on you believe is inaccurate. You also have the right to request that we complete the informa9on you believe is incomplete.
The right to erasure – ou have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain condi9ons.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organiza9on, or directly to you, under certain condi9ons. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
Another part of our priority is adding protec9on for children while using the internet. We encourage parents and guardians to observe, par9cipate in, and/or monitor and guide their Children’s online ac9vity. eMedicStore does not knowingly collect any Personal Iden9fiable Informa9on from children under the age of 16. If you think that your child provided this kind of informa9on on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such informa9on from our records.
Subscribe To Our Newsletter To Get Updates on Our Latest Offers!