INTRODUCTION

This Privacy Policy sets out the principles and practices Abdul-Metro Group Limited adheres to in the collection, use, disclosure, and protection of your personal information. We are committed to respecting your privacy and ensuring the confidentiality and security of the data you entrust to us.

Throughout the website, the terms “we,” “our,” or “us” refer to “Abdul-Metro Group Limited,”. This Policy applies to all individuals whose personal data we collect and process, including but not limited to clients, prospective clients, vendors, partners, consultants, and visitors to our digital platforms.

By interacting with us, whether through our website, services, or other communication channels, you agree to the terms outlined in this Privacy Policy. It governs how your personal data is handled under applicable data protection laws and outlines your rights, including how you can access, update, or request the deletion of your information.

This Policy also informs you of your data protection rights and guides how to contact us with questions or concerns regarding your personal information. By accessing our website or using our services, you acknowledge and accept the terms of this Privacy Policy. Any issues related to data privacy will be handled under this Policy and our Terms of Service, which include provisions on dispute resolution and limitations of liability. The Terms of Service are incorporated herein by reference.

Please be aware that our website and services are not intended for access or use in any jurisdiction where such use would be unlawful. We reserve the right to restrict access where local legal or regulatory requirements prohibit it.

If you have any questions regarding this Privacy Policy or how we handle your personal data, you are encouraged to contact us through the details provided herein.

DEFINITIONS

  • Consent: This means the consent of the data subject is freely given, and it is a specific, informed, and unambiguous indication of a data subject’s agreement to the processing of their data.
  • Data Controller: This means Abdul-Metro Group Limited, which determines the purpose and means of processing personal data. For the purpose of this policy, Abdul-Metro Group Limited is the data controller of all personal data relating to data subjects.
  • Data Processor: This means any person or entity that processes personal data on behalf of Abdul-Metro Group Limited, including employees and third-party service providers.
  • Data Protection Legislation: This means all applicable data protection and privacy Laws, including but not limited to the Nigeria Data Protection Act 2023 (NDPA) and any successor legislation.
  • Data Subject: This means any identifiable individual whose personal data is processed by Abdul-Metro Group Limited.
  • Personal Data: This means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data,

online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

  • Personal Data Breach: This means a security breach leading to the accidental or unlawful destruction, loss, or unauthorized disclosure of personal data.
  • Processing: This means any or a series of actions carried out on personal data or datasets, whether through automated means or otherwise. This includes, but is not limited to, the collection, recording, organization, structuring, storage, modification, retrieval, consultation, use, disclosure (by transmission or other means), dissemination, alignment, combination, restriction, erasure, or destruction of personal data
  • Platform: This means, collectively, Metro and Castle’s website, mobile applications, and

other digital services.

  • Country: This means Nigeria.
  • Cookies: This means small text files stored on your computer, mobile device, or other internet-enabled device by a website. They are used to collect information about your browsing activity, such as pages visited, time spent on the site, preferences, and other session data. Cookies serve various purposes, including enhancing website functionality, improving user experience, enabling personalized content, and supporting analytics and security features

CONSENT

Abdul-Metro Group Limited is committed to complying with the Nigerian Data Protection Act (NDPA) 2023 by ensuring that all processing of personal data is carried out with your informed and explicit consent. By accessing our website or using our services, you acknowledge and consent to the collection, use, and processing of your personal data under this Privacy Policy.

Consent is obtained at the point of data collection and forms a key part of our data protection and privacy framework. In line with the NDPA, you have the right to withdraw your consent at any time. Please note, however, that the withdrawal of consent does not affect the legality of any processing carried out prior to the withdrawal.

If we intend to process your personal data for a purpose other than the one for which it was originally collected, particularly if the new purpose is incompatible with the initial one, we will seek your renewed consent before proceeding

AGE RESTRICTION

Per Abdul-Metro Group Limited’s policies, our services are exclusively available to individuals who are 18 years of age or older. By accessing or using our platform, you affirm that you meet this age requirement and have the legal capacity to enter into binding contractual agreements. If it is discovered that personal information has been collected from anyone under the age of 18, we will promptly take appropriate action to remove such data from our records.

DATA PROTECTION PRINCIPLES

Under the applicable Data Protection Legislation, including the Nigerian Data Protection Act (NDPA), Abdul-Metro Group Limited, along with its employees, agents, and contractors, adheres to the core principles governing the collection and processing of personal data. These principles ensure that

personal information is handled responsibly and with respect for individual privacy. All personal data must be:

  1. Lawfully, fairly, and transparently processed: Data must be processed in a legal, fair, and transparent manner concerning the data subject.
  2. Collected for specified and legitimate purposes: Personal data must be collected for clear, explicit, and lawful reasons, and not further processed in ways that are incompatible with those original purposes. Exceptions may apply for processing related to archiving, scientific or historical research, or statistical analysis under the law.
  3. Adequate and relevant: Data collected must be appropriate and limited to what is necessary for the intended purpose.
  4. Accurate and up to date: Reasonable steps must be taken to ensure personal data is accurate and, where necessary, kept current. Inaccurate data must be corrected or erased promptly.
  5. Stored for no longer than necessary: Personal data should be retained only for as long as it is required to fulfill the purpose for which it was collected. Extended storage is permitted for archiving, research, or statistical purposes, provided appropriate safeguards are in place.
  6. Securely processed: Personal data must be handled in a way that ensures its security, including protection against unauthorized or unlawful processing, and against accidental loss, destruction, or damage, using appropriate technical and organizational measures.

Data Collection and Usage

To deliver our services effectively, Abdul-Metro Group Limited collects certain personal and non- personal information from users. We treat this information with strict confidentiality and use it solely for service delivery or as required by applicable laws. This policy covers information relating to both current and former users.

Categories of Information Collected

  1. Automatically Collected Information:

When you visit our website, we automatically gather certain technical and usage data. This may include your IP address, the name of your internet service provider, browser type, access times, pages visited, duration of visit, search terms used, and other general usage metrics. This information helps us understand how our site is used and how we can improve its performance.

2.      Information You Voluntarily Provide:

We collect personal information directly from you when you fill out forms, contact us, subscribe to our services, or interact with us through our digital platforms. This may include details such as your name, email address, phone number, and any other information you voluntarily provide. We collect additional personal data when you contact us or subscribe to our services, including:

3.     Information Collected via Cookies and Tracking Technologies:

We use cookies and similar tools to gather data about your interaction with our website and services. This includes tracking usage patterns, preferences, and performance analytics. Further information is available in our Cookies section below.

USE OF YOUR PERSONALLY IDENTIFIABLE INFORMATION:

“Personally Identifiable Information” (PII) refers to any data that directly or indirectly identifies an individual or can be used to contact, locate, or distinguish a specific person. At Abdul-Metro Group Limited, we collect and use your personal information primarily to deliver efficient and secure services, enhance your user experience, and fulfil our legal and contractual obligations. Your information will be used and disclosed only for legitimate purposes, including but not limited to:

  • Identity Verification: To confirm your identity and ensure secure access to our services.
    • Due Diligence and Compliance: To carry out necessary background checks and obtain information to meet our legal, regulatory, and anti-fraud obligations, including monitoring transaction activity for unusual or suspicious behavior.
    • Contractual Obligations: To fulfill the terms of any agreements or service arrangements entered into with you.
    • Service Delivery: To provide you with the products, services, or information you have requested.
    • Customer Support: To respond to your inquiries, resolve issues, and enhance the quality of our customer service.
    • Communication: To communicate with you through various channels (including email, phone calls, SMS, and in-person visits) regarding your account, transactions, or inquiries.
    • Billing and Account Management: To process payments, manage accounts, and maintain accurate financial records.
    • Fraud Prevention: To detect, investigate, and prevent fraudulent activities or unauthorized access.
    • Record Maintenance: To maintain accurate and up-to-date records of your interactions and transactions with us.
    • Marketing and Recommendations: To provide you with updates or suggest services that may be of interest, unless you opt out of receiving such communications.
    • Notifications and Alerts: To send you important service-related messages, including system updates, security notifications, and newsletters.
    • Risk Assessment: To conduct risk evaluations and internal investigations when necessary.
    • Legal Compliance: To comply with applicable legal, regulatory, or law enforcement requirements.

LEGAL BASIS FOR PROCESSING

Abdul-Metro Group Limited processes your personal data per the legal grounds established under the Nigerian Data Protection Act (NDPA) 2023 and other applicable data protection regulations. The specific legal bases for processing your information include:

  1. Consent: We rely on your explicit consent to process your personal data for specific, clearly defined purposes that are not otherwise covered by another legal basis. Where consent is

required, it is obtained at the point of data collection. You retain the right to withdraw your consent at any time by contacting us. Please note that withdrawal of consent does not affect the legality of processing carried out prior to its withdrawal.

  • Contractual Necessity: Processing of your personal data may be necessary for the performance of a contract to which you are a party or to take pre-contractual steps at your request. This includes:
    • Service Delivery: Using your data to provide products or services you have requested, facilitate transactions, and verify your identity.
    • Account Management: Processing necessary for account setup, access management, and the administration of your user profile.
  • Compliance with Legal Obligations: We will process your personal data where it is necessary for compliance with a legal or regulatory obligation to which we are subject. This includes:

Regulatory Requirements: Collecting and processing your information to comply with statutory obligations such as the Nigerian Data Protection Act, Know Your Customer (KYC) regulations, anti-money laundering (AML) laws, tax reporting duties, and other applicable legal requirements.

DATA ACCURACY AND CONFIDENTIALITY

We treat your information as confidential and will not disclose it to third parties, except as required by law or regulations. You have the right to request access to any information we hold about you, provided such requests comply with the Freedom of Information Act and other relevant laws. While we are committed to protecting the data entrusted to us, it is also your responsibility to maintain confidentiality by implementing appropriate security measures, such as not sharing passwords or login credentials and engaging only with authorized personnel of Abdul-Metro Group Limited.

DISCLOSURES

We do not sell, trade, or publicly disclose your personally identifiable information collected via our website, servers, or other channels, except as necessary to provide our services or as otherwise outlined in this Privacy Policy.

We may share non-personal, aggregated demographic data, unlinked to any identifiable individual, with trusted partners, affiliates, professional advisers, and advertisers for legitimate business purposes, such as improving our services and user experience.

Your personal information may be shared with third parties strictly for service delivery purposes, and only with your consent and under applicable data protection laws.

Where necessary to deliver our services, we may request or provide relevant information about you to or from third parties. In the event of a data breach that poses a potential risk to your rights or freedoms, we will notify you promptly upon becoming aware of the incident.

You have the right to:

  • Request the deletion of your personal data at any time.
  • Be informed before any transfer of your personal data to third parties.
  • Instruct us to stop processing or further sharing your data at your discretion.

Please be aware that any content you voluntarily submit through public forums, comment sections, or social media features on our platform may be visible to others and is not subject to the same confidentiality protections.

We may disclose your personal information when legally required to do so or if we believe in good faith that such action is necessary to:

  • Comply with legal obligations or respond to lawful requests and legal processes.
  • Protect the safety, rights, or property of our users or the general public in emergencies.

Where possible and legally permissible, we will attempt to notify you before disclosing your information in response to legal requests, allowing you to seek protective measures or legal remedies.

TRANSFER OF PERSONAL DATA TO THIRD-PARTY PROCESSORS

We may engage third-party service providers to process your personal data on our behalf. Any such processing activities will be governed by a formal, written agreement between Abdul-Metro Group Limited and the third party, requiring the implementation of appropriate technical and organizational measures to safeguard your personal data.

These agreements ensure that third-party processors handle your data in compliance with this Privacy Policy and all applicable data protection laws, maintaining the confidentiality, integrity, and security of your information at all times.

YOUR DATA PROTECTION RIGHTS

Subject to certain limitations and exceptions, you have the following rights under the Data Protection Legislation:

  • Be informed when your data is transferred.
  • Right to Access: Request a copy of the personal data we hold.
  • Right to Rectification: Correct inaccurate or incomplete information.
  • Right to Erasure: Request data deletion when it is no longer required.
  • Right to Restrict Processing: Limit data processing in specific situations.
  • Lodge complaints with the appropriate data protection authority.
  • Right to Data Portability: Receive your data in a structured, commonly used format (To exercise this right, please reach out to us, and we will respond within 30 days).

WEBSITE SECURITY

  • We prioritize the security of your personal information and have implemented robust measures to protect it against unauthorized access, disclosure, or misuse. To safeguard the data we collect online, we employ a combination of physical, technical, and administrative security controls.
  • These measures include the use of Secure Sockets Layer (SSL) technology to encrypt sensitive data during transmission, as well as encryption tools to protect information exchanged through our website. Additional safeguards include firewalls, strict physical access controls to our data centers, and role-based access restrictions to ensure that only authorized personnel can access personal data.

TRAINING AND CAPACITY BUILDING

We are committed to ensuring that all employees who handle, access, or process personal data receive appropriate training on data privacy and protection. This training is designed to equip them with the knowledge, skills, and competencies necessary to uphold the standards of this Policy and comply with relevant data protection laws. To support ongoing compliance and awareness, we will develop and implement an annual capacity-building plan focused on data privacy and protection, in alignment with applicable regulatory requirements.

USE OF COOKIES

We utilize cookies to recognize you as a user and to enhance your overall experience on our website. These small data files help us tailor our services, content, and advertisements to our preferences; maintain the security of your account; reduce risk; detect and prevent fraudulent activities; and foster a secure and trustworthy environment.

Cookies also enable our systems to remember your login credentials, capture IP addresses, log visit timestamps, and monitor web traffic patterns. You may choose to disable cookies through your browser settings or relevant extensions. Please note, however, that disabling cookies may affect the functionality and availability of certain features on our website.

DATA RETENTION

We will retain your data only for as long as necessary to:

  • Provide our services.
  • Fulfil legal obligations.
  • Prevent fraud and facilitate settlements.

Regulatory requirements may necessitate the retention of data beyond the termination of services.

DATA BREACH MANAGEMENT PROCEDURE

In the event of any actual or suspected data breach involving the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data, we will undertake the following actions:

  • Notification: You will be notified within twenty-four (24) hours of becoming aware of the breach.
  • Investigation and Mitigation: A thorough investigation will be conducted to determine the cause and scope of the breach, and appropriate measures will be taken to contain and mitigate its impact.
  • Remediation and Monitoring: Remediation steps will be identified, implemented, and monitored to prevent recurrence, with ongoing tracking of the resolution process.
  • Regulatory Reporting: Where required, we will notify the relevant data protection authorities in accordance with applicable laws and regulations.

THIRD-PARTY LINKS AND RESOURCES

Our website may include links to external websites or services operated by third parties that are not affiliated with or managed by us.

We do not have control over, and are not responsible for, the content, privacy practices, or operations of any third-party websites or services. By using such links, you acknowledge and agree that we are not liable for any loss or damage that may arise, directly or indirectly, from your use of or reliance on any content, products, or services available through those external platforms.

We recommend that you carefully review the terms of service and privacy policies of any third-party sites or services you choose to access.

LIMITATION OF LIABILITY

We take reasonable measures to protect the security and confidentiality of your personal data. However, we shall not be held liable for any unauthorized disclosure, access, or loss of personal data that occurs without our fault or negligence, including but not limited to incidents resulting from third- party actions, force majeure events, or technical failures beyond our control.

CHANGES TO THIS PRIVACY POLICY

We may revise this Privacy Policy from time to time. When updates occur, we will inform you accordingly. All changes will become effective immediately upon notification. You are advised to review this Privacy Policy periodically for any changes.

CONTACT US

For inquiries regarding our data protection practices, please contact our Data Protection Officer:

By providing this detailed description of data collection and use, we aim to be transparent about how your data is handled and to ensure compliance with the Data Protection Act.