Privacy Policy

1. Who We Are

LeoCrestLabs Limited ("LeoCrestLabs", "we", "us", or "our") is a technology company registered in Nigeria and operating from Abuja, Federal Capital Territory. Our primary address is Plot 47, Mohammed Mahmoud Cigari Street, Utako District, Abuja, FCT, Nigeria.

We are the data controller for the personal information collected through our website (leocrestlabs.com), communications channels, and in the course of providing our services.

For privacy-related enquiries, contact us at: info@leocrestlabs.com

2. Information We Collect

We collect the following categories of personal information:

• Contact information: Name, email address, phone number, organization name, and job title when you contact us via our website, WhatsApp, email, or phone.
• Communication data: The content of messages you send us through any channel, including WhatsApp conversations, emails, and form submissions.
• Usage data: Technical information about how you interact with our website, including IP address, browser type, pages visited, time spent, and referring URLs (collected via standard web analytics tools).
• Career application data: CV/resume information, employment history, and application-related communications when you apply for a position at LeoCrestLabs.
• Client engagement data: Project requirements, business context, technical specifications, and related information shared with us during service engagements.

3. How We Use Your Information

We use your personal information for the following purposes:

• To respond to your enquiries, project requests, and communications
• To provide, manage, and deliver our professional services to you
• To process and evaluate job applications
• To send you relevant updates about our services (where you have consented or have an existing relationship with us)
• To maintain records of our client and prospect relationships
• To improve our website, services, and communications
• To comply with legal obligations applicable to our operations in Nigeria
• To protect against fraud, unauthorized access, and other security threats

4. Legal Basis for Processing

We process your personal data on the following legal bases under the Nigeria Data Protection Act (NDPA) 2023:

• Contract: Processing necessary to enter into or perform a contract with you for our services
• Legitimate interests: For business communications, website analytics, and security — balanced against your privacy rights
• Consent: Where you have explicitly opted in to receive marketing communications
• Legal obligation: Where processing is required to comply with applicable Nigerian law

5. Information Sharing

We do not sell, rent, or trade your personal information. We may share your data only in the following limited circumstances:

• Service providers: Third-party tools and platforms we use to operate our business (e.g., cloud hosting providers, communication tools, analytics services), who are contractually bound to protect your data
• Legal compliance: Where required by Nigerian law, a court order, or regulatory requirement from competent Nigerian authorities
• Business transfers: In the event of a merger, acquisition, or sale of all or part of our business, where your data may be transferred to the successor entity
• With your consent: In any other circumstances, only with your explicit consent

6. Data Retention

We retain your personal information for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law:

• Client and project data: For the duration of the engagement plus 7 years (for accounting and legal purposes)
• Prospect and enquiry data: Up to 3 years from last contact
• Job application data: 12 months following the conclusion of the recruitment process (unless you request earlier deletion)
• Website analytics data: As configured in our analytics tools (typically 24 months)

7. Your Rights Under Nigerian Data Protection Law

Under the Nigeria Data Protection Act (NDPA) 2023, you have the following rights in relation to your personal data:

• Right of access: To request a copy of the personal data we hold about you
• Right to rectification: To request correction of inaccurate or incomplete personal data
• Right to erasure: To request deletion of your personal data in certain circumstances
• Right to restriction of processing: To request that we limit how we use your data in certain circumstances
• Right to data portability: To receive your data in a structured, commonly used format
• Right to object: To object to processing based on legitimate interests
• Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing

To exercise any of these rights, please contact us at info@leocrestlabs.com. We will respond within 30 days of receiving your request.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, loss, destruction, or alteration. These measures include:

• Encrypted transmission of data (HTTPS/TLS)
• Access controls and authentication requirements for internal systems
• Regular security assessments and vulnerability reviews
• Staff training on data protection and information security
• Data minimization — we only collect what we need

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. Third-Party Links

Our website may contain links to third-party websites and services (including WhatsApp, LinkedIn, and Twitter/X). This Privacy Policy applies only to LeoCrestLabs' own activities. We are not responsible for the privacy practices of third-party websites and encourage you to review their respective privacy policies.

10. Cookies and Tracking

Our website uses cookies and similar tracking technologies to improve user experience and analyze website performance. These include:

• Essential cookies: Required for the website to function correctly
• Analytics cookies: Used to understand how visitors interact with our site (may include Google Analytics or similar)

You can control cookie settings through your browser preferences. Disabling certain cookies may affect website functionality.

11. Children's Privacy

Our services are directed at businesses and professionals. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware that we have inadvertently collected such data, we will delete it promptly.

12. International Data Transfers

If we transfer your personal data outside Nigeria (e.g., to cloud service providers with servers in other countries), we ensure appropriate safeguards are in place — including contractual obligations with data processors that meet NDPC standards — to protect your data to the same standard as within Nigeria.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Material changes will be communicated via our website. The "Last updated" date at the top of this policy indicates when it was last revised. Continued use of our services after updates constitutes acceptance of the revised policy.

14. How to Contact Us

For questions, complaints, or requests relating to this Privacy Policy or your personal data, please contact us:

• Email: info@leocrestlabs.com
• Phone: +234 816 397 6252
• Post: LeoCrestLabs Limited, Plot 47, Mohammed Mahmoud Cigari Street, Utako District, Abuja, FCT, Nigeria

If you are unsatisfied with our response, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.