HomeNews listNewsLAMATA-NEWSLAMATA Privacy Policy

LAMATA Privacy Policy

  • May 25, 2025
  • Posted by: LAMATA
  • Category: LAMATA-NEWS
No Comments

1. Purpose

This policy affirms LAMATA’s commitment to protecting personal data, outlining collection, use, storage, and safeguarding practices per NDPA 2023 and Lagos State Privacy Policy.

2. Scope

This policy applies to:

  • All personal data processed by or on behalf of LAMATA.
  • All employees, contractors, partners, and third parties.
  • All data subjects (e.g., commuters, employees).

3. Definitions

  • Personal Data: Information relating to an identifiable individual (NDPA Section 2).
  • Sensitive Personal Data: Health, biometric, financial, or criminal data.
  • Processing: Operations on personal data (e.g., collection, storage).
  • Data Subject: Individuals whose data is processed.
  • Data Controller: LAMATA.
  • Data Processor: Third parties processing LAMATA data.

4. Legal Basis for Processing

LAMATA processes data based on:

  • Consent (NDPA Section 30).
  • Contract performance.
  • Legal obligations.
  • Vital interests.
  • Public interest/official authority.

5. Data Protection Principles

LAMATA adheres to NDPA principles:

  1. Lawfulness, Fairness, Transparency
  2. Purpose Limitation (NDPA Section 24)
  3. Data Minimization
  4. Accuracy
  5. Storage Limitation
  6. Integrity and Confidentiality (NDPA Section 39)
  7. Accountability

6. Types of Data Collected 

  • Identity: Name, ID, gender, date of birth.
  • Contact: Phone, email, address.
  • Commuter: Travel history, ticketing, feedback.
  • Employee: Employment records, health data.
  • Financial: Payment/bank details.
  • Surveillance: CCTV footage.

7. Data Subject Rights

Rights include (NDPA Section 34):

  • Access, rectification, deletion.
  • Restriction/objection to processing.
  • Data portability.
  • NDPC complaints.

8. Data Security

LAMATA employs:

  • Firewalls, encryption, pseudonymization (NDPA Section 39).
  • Access controls and audits.
  • Secure storage environments.

9. Data Sharing and Third Parties

LAMATA shares data with:

  • Regulators.
  • Vendors under Data Protection Agreements (NDPA Section 29).
  • Law enforcement, if required.

10. International Data Transfers

Transfers outside Nigeria use safeguards (e.g., Standard Contractual Clauses) (NDPA Section 43).

11. Data Retention

Data is retained per the LAMATA Data Retention Policy.

12. Data Breach Management

Breaches are managed per the LAMATA Data Breach Management Policy (NDPA Section 40).

13. Staff Training and Awareness

Regular NDPA training is provided

14. Data Protection Officer (DPO)

Contact: dpo@lamata-ng.com

Email: oabiri@lamata-ng.com

Phone: +234 8025919964

Address: KM 15 Ikorodu Road, Ojota, Lagos, Nigeria

15. Policy Review

Reviewed annually or upon:

  • Legislative changes.
  • Breaches.
  • Processing changes.


Leave a Reply

Previous Next
Close
Test Caption
Test Description goes like this