POLICIES

Privacy and Data Protection Policy

We respect your right to privacy, it is very important to us, and we take the protection of your privacy and ensuring the security of your Personal Data very seriously.

We are committed to the fair and transparent Processing of your Personal Data in line with the provisions of the Nigeria Data Protection Act (NDPA) and other applicable laws. This Privacy Notice describes how we Process your Personal Data, explain your rights in relation to the Personal Data we Process, and states our commitment when Processing your Personal Data in a compliant, ethical and secure manner.

When we use "we," "us," or "our" in this notice, it refers solely to Globacom Nigeria Limited (operating as Glo). We are the data controller responsible for how your personal information is collected, used, stored, and protected under the Nigeria Data Protection Act 2023 ("NDP Act") and any guidelines issued by the Nigeria Data Protection Commission (NDPC).

This notice explains how Glo handles your personal data when you:

  • Subscribe to or purchase any of our products or services;
  • Access or interact with our website, mobile applications, or customer support channels;
  • Communicate with us by phone, email, or in person, etc.

We may work with carefully selected third parties (e.g., Service Providers, Advertising Agencies, Logistics Partners, Consultants) to deliver or improve our services. In those cases, Glo shall ensure that your personal data is processed in compliance with the NDP Act, and we put in place binding agreements and safeguards to protect your information.

This notice applies to individuals that are:

  • Customers: Individuals or entities who enter into agreements with Glo to receive our products or services, or who purchase any of our offerings. This also covers prospective customers to the extent that Glo processes their personal data.
  • Users: Anyone who accesses or interacts with our website, mobile applications, or any Glo products and services.
  • Suppliers: All vendors, contractors, partners, and service providers engaged by Glo, including those under consideration, to the extent that Glo processes their personal data.
  • Resellers: Authorized Glo distributors, Agents, and Channel partners along with prospective resellers whenever Glo handles their personal data.
  • Premises Visitors: Persons whose information is recorded at any Glo facility via visitor logs, management systems, CCTV, or similar monitoring tools.

We currently collect and process the following information:

  • Identification: name, contact info, date of birth, Mobile number, and biometric data like images and voice recordings.
  • Digital footprint: browsing history, app usage, and device data, such as IP addresses and browser types.
  • Financial details: bank account info, credit history, and payment data.
  • Location tracking: physical location and geolocation data from cell towers, WiFi, and GPS.
  • Online activity: social media interactions, public profiles, and engagement with our content.
  • Performance metrics: network performance data, usage patterns, and device info.
  • Background information: demographic data, education, and financial status.
  • User feedback: views, opinions, and preferences shared through surveys or feedback channels.
  • Cookies and tracking: data collected through cookies and other tracking technologies to enhance user experience.
How We Collect Your Personal Data

We typically collect your personal data directly from you in the following situations:

  • When you purchase or use our products or services;
  • When you visit our websites;
  • When you visit our premises;
  • When you interact with our customer service team;
  • When you enter into a business relationship with us.

However, we may also collect your personal data indirectly from:

  • Credit check or vetting agencies;
  • Social media platforms;
  • Marketing agencies;
  • Third-party suppliers and resellers.
Why We Collect and Use Your Information

We may use the information that you have given us for the following reasons:

  • Identity verification: to confirm your identity when you interact with us or purchase products/services.
  • Credit assessment: to evaluate your creditworthiness when entering into contract with us or access some of our products/services.
  • Order processing: to complete transactions, update you on order progress, and provide products/services.
  • Billing and debt collection: to manage account billing and collect outstanding payments.
  • Service improvement: to analyze customer behaviour, monitor network performance, and enhance products/services.
  • Personalization: to understand your preferences, tailor our offerings, and develop new services.
  • Network management: to optimize network performance, capacity, and security.
  • Marketing: to promote our products/services, subject to your preferences and opt-out choices.
  • Fraud prevention: to detect and prevent fraudulent activities, safeguard our systems, and protect our assets.
  • Compliance: to meet legal obligations, respond to law enforcement directives, and fulfil reporting requirements.
  • Profiling and automated decision-making: with your explicit consent, we may use profiling for certain products/services.
  • Customer support: to respond to your inquiries, concerns, and complaints about our products/services.
Lawful Basis for Processing

Under the Nigeria Data Protection Act (NDP Act), the lawful bases we rely on for processing this information are:

  • Your consent: we process your personal data based on your consent, which you have given us for specific purposes.
  • We have a contractual obligation: to fulfil our contractual obligations to you, such as providing products or services.
  • We have a legal obligation: we process your personal data to comply with applicable laws, regulations, and court orders.
  • We have a vital interest: to protect your vital interests or those of others, such as in emergency situations.
  • We need it to perform a public task: we process your personal data to perform tasks that are in the interest of the public, i.e. collective welfare and well-being of society as a whole.
  • We have a legitimate interest: based on our legitimate interests, such as improving our products or services, network management, and marketing, while ensuring your rights and freedoms are protected.

Yes, Glo may disclose your personal information to select third parties when it's necessary for our legitimate business interests, to fulfil your requests, or as required or permitted by law.

The recipients may include:

  • Service providers: third-party partners who process personal data on our behalf, such as those offering IT, hosting, and consulting services. We only share the minimum personal data they need to perform their services, and they are prohibited from using it for any other purpose.
  • Business reasons / Corporate Transactions: we may disclose personal data in connection with a sale, merger, reorganization, or transfer of our business.
  • Legal and Regulatory Authorities: we may share data with courts, law enforcement agencies, or regulatory bodies to comply with laws, court orders, or government regulations.
  • Auditors: for financial, data privacy, or security audits or to investigate or address complaints or security incidents.
  • Insurance Partners: including brokers, insurers, reinsurers, and their advisors, when necessary for underwriting, claims handling, or regulatory compliance.
  • Advertising and Analytics Partners: we may provide anonymised or aggregated information to third parties that advertise via Glo's platforms or analyse usage trends, but no personally identifiable data is shared.

In every instance, Glo ensures appropriate contractual safeguards, assesses data processing standards, and applies technical and organisational measures to protect your data.

Globacom will transfer your Personal Data outside Nigeria only if such transfer is permitted by, and is in accordance with Local Regulatory Requirements such as the NDP Act and the NDP Act GAID, and for the purposes described in this Policy.

Globacom will only transfer personal data outside Nigeria where:

  • The NDPC has declared the foreign country as having adequate data protection laws and practices.
  • A Cross-Border Data Transfer Instrument (CBDTI), such as Binding Corporate Rules (BCRs), Standard Contractual Clauses (SCCs), Codes of Conduct or Certification, is in place and approved by the NDPC.
  • In a defence or establishment of a legal claim.
  • You have provided your consent for this purpose.
  • It is necessary for us to perform the contractual agreement established with you as an individual.

Additionally, Globacom will take all necessary steps to ensure that the Personal Data is handled and transmitted in a safe and secure manner. These measures include conducting data protection impact assessments (DPIA) to identify and mitigate the risks that such transfer could pose to the rights and freedoms of data subjects.

Glo only keeps your personal information for as long as it's needed to fulfil the purposes for which it was collected. After that, we erase or anonymise it promptly and securely unless one of the following applies:

  • Legal or Regulatory Requirements: If local laws or regulations mandate that we hold onto certain data for a specified time, we will comply.
  • Your Consent: Where you've explicitly agreed that we may retain your data beyond the original purpose, we will keep it in line with the terms of your consent.
  • Archival, Research or Statistical Use: When personal data is needed for legitimate historical, statistical or research objectives and only if we have robust safeguards in place to prevent it being used for other purposes, we may store it longer.

Once your personal data is no longer required and no exception applies, we will, as soon as reasonably practicable, either:

  • Anonymise/De-identify it so it can no longer be linked back to you; or,
  • Permanently delete it using secure methods designed to prevent any future recovery.

We have strict security measures to protect your personal information. We check your identity when you get in touch with us, and we follow our security procedures and apply suitable technical and logical measures, such as access control mechanism and encryption, to protect your information.

Under data protection law, you have rights including:

  • Your right of access: You have the right to ask us for copies of your personal information.
  • Your right to rectification: You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing: You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing: You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability: You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances. This right is only applicable when processing is based on contract or consent.
  • Your right to not be subject to automated decision-making: you have the right not to be subject to a decision based solely on automated processing of personal data, including profiling.

The request to exercise your rights will be acknowledged and addressed by the Company as swiftly as possible. Note that the request for right to data portability could require a fee, depending on the nature of such request.

Please contact us at [email protected] and 0805 557 0777; 0805 002 0121 if you wish to make a request.

If you have any concerns about our use of your personal information, you can make a complaint to us at:

You can also complain to the Nigeria Data Protection Commission (NDPC) if you are unhappy with how we have used your data.

The NDPC's office address is:

12 Dr. Clement Isong,
Asokoro, Street 900103,
Federal Capital Territory

Contact information for the NDPC:

  • Helpline number: +234 (0) 916 061 5551
  • NDPC website: https://ndpc.gov.ng/