Privacy Policy

Zionstand Digital Technologies (ZDT)
Effective Date: January 22, 2025
Last Updated: January 22, 2025

1. Introduction

Zionstand Digital Technologies (“ZDT,” “we,” “us,” or “our”) is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website (https://zionstand.com), engage our services, or interact with us in any capacity.

This policy applies to all individuals who interact with ZDT, including website visitors, clients, partners, vendors, employees, and service recipients.

2. Information We Collect

2.1 Personal Information

We may collect the following categories of personal information:

Identity Data:

  • Full names, titles, and professional designations
  • Contact details (email addresses, phone numbers, physical addresses)
  • Company information and job titles
  • Government-issued identification numbers (when legally required)

Technical Data:

  • IP addresses and device identifiers
  • Browser types and versions
  • Operating system information
  • Website usage patterns and analytics
  • Cookies and tracking technologies data

Business Data:

  • Project requirements and specifications
  • Business objectives and challenges
  • Financial information related to service agreements
  • Communication records and correspondence
  • Performance metrics and project deliverables

Sensitive Data:

  • With explicit consent, we may process data revealing business strategies
  • Financial records and payment information
  • Proprietary technical specifications and architectures

2.2 Information Collection Methods

  • Direct Collection: Information you provide through forms, consultations, contracts, and communications
  • Automated Collection: Technical data collected through cookies, analytics tools, and website interactions
  • Third-Party Sources: Information from business partners, public records, and professional networks
  • Service Delivery: Data generated during project execution and service delivery

3. Legal Basis for Processing

We process personal information based on the following legal grounds:

3.1 Contract Performance

  • Delivering digital transformation services
  • Managing client relationships and projects
  • Processing payments and financial transactions

3.2 Legitimate Business Interests

  • Marketing and business development
  • Website optimization and analytics
  • Security monitoring and fraud prevention
  • Quality assurance and service improvement

3.3 Legal Compliance

  • Compliance with Nigerian Data Protection Regulation (NDPR)
  • International data protection laws (GDPR where applicable)
  • Tax and financial reporting obligations
  • Professional and industry regulatory requirements

3.4 Consent

  • Marketing communications
  • Cookies and tracking technologies
  • Processing of sensitive business information

4. How We Use Information

4.1 Service Delivery

  • Project Management: Planning, executing, and monitoring digital transformation projects
  • Architecture Services: Designing and implementing technology solutions
  • DevOps Implementation: Managing development and operational processes
  • Consulting Services: Providing strategic technology advice and guidance
  • Training and Support: Delivering educational and support services

4.2 Business Operations

  • Client Communication: Maintaining professional relationships and project communications
  • Quality Assurance: Monitoring service quality and client satisfaction
  • Financial Management: Processing invoices, payments, and financial reporting
  • Legal Compliance: Meeting regulatory and contractual obligations

4.3 Marketing and Growth

  • Business Development: Identifying and pursuing new opportunities
  • Marketing Communications: Sharing relevant industry insights and service updates
  • Website Analytics: Understanding user behavior and improving digital experiences
  • Partnership Development: Building strategic business relationships

5. Information Sharing and Disclosure

5.1 Authorized Sharing

We may share personal information with:

Service Partners:

  • Subcontractors and technical specialists working on client projects
  • Cloud service providers and hosting partners
  • Payment processors and financial service providers
  • Professional advisors (legal, accounting, consulting)

Business Partners:

  • Technology vendors and solution providers
  • Strategic alliance partners
  • Joint venture participants (with explicit consent)

Legal Requirements:

  • Government agencies and regulatory bodies (when legally required)
  • Law enforcement (in response to valid legal requests)
  • Courts and legal proceedings (as required by law)

5.2 International Transfers

When transferring data internationally, we ensure appropriate safeguards through:

  • Adequacy decisions by relevant authorities
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules (BCRs)
  • Professional certification schemes

6. Data Security

6.1 Technical Safeguards

  • Encryption: Data encrypted in transit and at rest using industry-standard protocols
  • Access Controls: Role-based access controls with multi-factor authentication
  • Network Security: Firewalls, intrusion detection systems, and secure network architectures
  • Monitoring: Continuous security monitoring and incident response capabilities

6.2 Organizational Safeguards

  • Staff Training: Regular security awareness and data protection training
  • Policy Framework: Comprehensive information security policies and procedures
  • Vendor Management: Due diligence and contractual protections for third-party processors
  • Incident Response: Formal procedures for security incident management and notification

6.3 Physical Security

  • Secured office premises with access controls
  • Protected data centers and server facilities
  • Secure disposal of physical documents and storage media

7. Data Retention

7.1 Retention Periods

  • Project Data: Retained for the duration of the project plus 7 years for legal and warranty purposes
  • Client Communications: Retained for 5 years following project completion
  • Financial Records: Retained for 7 years as required by Nigerian tax law
  • Marketing Data: Retained until consent is withdrawn or legitimate interest no longer applies
  • Technical Logs: Retained for 12 months for security and operational purposes

7.2 Secure Disposal

Data is securely deleted or destroyed when retention periods expire, using methods that ensure complete and irreversible removal.

8. Individual Rights

8.1 Access and Correction

  • Right to access personal information we hold about you
  • Right to correct inaccurate or incomplete information
  • Right to receive information in a commonly used electronic format

8.2 Data Portability and Erasure

  • Right to receive personal data in a structured, machine-readable format
  • Right to erasure (“right to be forgotten”) subject to legal and contractual obligations
  • Right to restrict processing in certain circumstances

8.3 Consent and Objection

  • Right to withdraw consent for processing based on consent
  • Right to object to processing based on legitimate interests
  • Right to opt-out of marketing communications

8.4 Exercising Rights

To exercise these rights, contact our Data Protection Officer at:

  • Email: privacy@zionstand.com
  • Phone: [Contact Number]
  • Address: [Physical Address]

We will respond to requests within 30 days and may require identity verification.

9. Cookies and Tracking Technologies

9.1 Cookie Types

  • Essential Cookies: Necessary for website functionality
  • Analytics Cookies: Used to understand website usage patterns
  • Marketing Cookies: Used for targeted advertising and marketing
  • Functional Cookies: Remember user preferences and settings

9.2 Cookie Management

Users can manage cookie preferences through browser settings or our cookie consent tool. Disabling certain cookies may impact website functionality.

10. Children’s Privacy

ZDT services are designed for business clients and are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors.

11. Compliance Framework

11.1 Nigerian Compliance

  • NDPR Compliance: Full compliance with Nigerian Data Protection Regulation
  • NITDA Guidelines: Adherence to National Information Technology Development Agency guidelines
  • Professional Standards: Compliance with relevant professional and industry standards

11.2 International Compliance

  • GDPR: Compliance when processing EU residents’ data
  • Other Jurisdictions: Adherence to applicable data protection laws in client jurisdictions

12. Changes to Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or business operations. Significant changes will be communicated through:

  • Website notifications
  • Email communications to registered users
  • Direct notification to active clients

13. Contact Information

13.1 Data Protection Officer

Name: [DPO Name]
Email: privacy@zionstand.com
Phone: [Contact Number]

13.2 General Inquiries

Email: info@zionstand.com
Phone: [Main Contact Number]
Address: [Business Address]

13.3 Complaints

If you have concerns about our privacy practices, you may file a complaint with:

  • Our Data Protection Officer (contact details above)
  • Nigerian Data Protection Commission (NDPC)
  • Relevant supervisory authority in your jurisdiction

Document Control:

  • Version: 1.0
  • Effective Date: January 22, 2025
  • Next Review Date: January 22, 2026
  • Owner: Legal and Compliance Department