Homepage Individual >
Home > ...

Privacy and Cookie Policy

About Coronation

The Coronation Group (“Coronation” “the Group”, “We” or “US”) is a leading African financial services provider. The Coronation group comprises several entities and aims to provide an array of products and services to its customers/ clients.

The privacy notice (“this Notice”) applies to the following companies/ entities within the Coronation Group:

Coronation Entity

Address

Coronation Asset Management

Coronation House 10 Amodu Ojikutu Street, Off Saka Tinubu St, Victoria Island, Lagos

Coronation Capital

19 Gerrard Road, Ikoyi 106104, Lagos

Coronation Insurance

119 Awolowo Rd, Ikoyi 106104, Lagos

Coronation Life Assurance

119 Awolowo Rd, Ikoyi 106104, Lagos

Coronation Registrars

9 Amodu Ojikutu St, Victoria Island 106104, Lagos

Coronation Securities

Coronation House 10 Amodu Ojikutu Street, Off Saka Tinubu St, Victoria Island, Lagos

Coronation Trustees

Coronation House 10 Amodu Ojikutu Street, Off Saka Tinubu St, Victoria Island, Lagos

Trium Network Limited

3rd Floor Rock tower, Rock Drive, Lekki Phase 1 Lagos

Coronation Insurance Ghana

35, Aviation Road, Airport Residential Area. PMB 163 KIA, Accra, Ghana

Coronation FD

119 Awolowo Rd, Ikoyi 106104, Lagos

Woven Finance

3rd Floor Rock tower, Rock Drive, Lekki Phase 1 Lagos

We Value Your Privacy

Coronation respects your privacy and is committed to protecting your personal data. This Privacy Notice describes our policies and procedures on the collection, use, and disclosure of your information. It also tells you about privacy rights. By “your information”, we mean any information provided to us directly by you or through a third party.

This Privacy Notice relates to all personal information-processing activities carried out by Coronation. Entities within the Coronation group are the data controllers of personal information collected and processed for various business purposes.

Information We Collect and Use

Personal data or personal information means any information about an individual from which that person can be identified. It does not include where the identity has been removed (anonymous data).

Coronation group adopts the following methods for the collection and storage of your personal information:

  • Physical and Online forms
  • Cookies
  • CCTV recordings

We collect information about you from a variety of sources, such as website visits, applications, identification documents, interactions with relationship managers, and other third parties (e.g., payment gateway), and other written or electronic communications reflecting information such as your name, address, passport details, identification numbers, telephone number, occupation, assets, income and any other information we deem necessary. We may also gather information from publicly available sources such as the press, public search engines, the press, etc.

We may also use your transactional account history including your payment records. We may also use the information received from third parties such as family, solicitors, friends, or employers, website/ social media pages made public by you, government agencies, regulators, supervisory or credit agencies.

HOW WE USE PERSONAL DATA

We may use the personal data we obtain to:

  • Provide and administer our services
  • Process and keep you informed on the status of your business relationship with us
  • Provide investor services
  • Communicate and administer our services and events (such as sending promotional materials, newsletters, and other marketing communications)
  • Provide customer support
  • Verify your identity and protect against and prevent fraud and other unlawful activity, unauthorized transactions, claims, and other liabilities.

Where applicable by law, we will obtain your consent for the processing of your personal data for direct marketing purposes.

Lawful Purposes for which we may use your personal data

In the table below we demonstrate why and how we use your personal data as well as provide the legal reasons on which we rely under the Data Protection Legislation.

Purpose/Activity

Lawful basis for the processing of personal data

Provision of services, including the administration and management of customer/ client records and information.

Performance of a contractual agreement with you

Establishing your identity and assessing applications for our service

Performance of a contractual agreement with you Consent from you

Updating and enhancing our records

Performance of a contractual agreement with you

Managing our relationship with you

Performance of a contract with you

Identifying and informing you about other services

Consent from you

Complying with our legal obligations and assisting government and law enforcement agencies or regulators

Compliance with a legal obligation

Processing in the public interest

Consent

We will provide you with our Privacy Notice whenever we are collecting your personal information irrespective of the medium used. For the electronic medium, your consent is obtained by asking you to click on a button to show acknowledgment of the Notice. On the other hand, for your personal information collected via a paper document, we will require you to sign off on the document showing your understanding of our Privacy Notice.

Information Sharing with Third Parties

The Group does not sell or otherwise disclose personal data about you except as described in this Privacy Notice or at the time of collection.

We will only disclose your personal information in accordance with applicable laws and regulations.

We may engage the services of third parties in order to process your personally identifiable information. The processing by such third parties shall be governed by a written contract to ensure adequate protection and security measures are put in place by the third party for the protection of Personal Data in accordance with the terms of this Notice and the NDPA”.

We share personal data with the following categories of third parties:

Who

Examples

Coronation Entities

Coronation Registrars

Coronation Insurance

Coronation Life Assurance

Coronation Securities

Coronation Trustees

Coronation Asset Management

Coronation Capital

Woven Finance

Coronation FD

Coronation Insurance Ghana

Trium Network Limited

Legal or Regulatory authority that may require disclosure on legal grounds or other relevant Government departments where reasonably necessary

Securities and Exchange Commission (SEC), Economic and Financial Crimes Commission (EFCC), or Nigerian Financial Intelligence Unit (NFIU)

Service Providers/ Strategic Partners engaged by us to help run our business and perform the services/our contract with you

Cloud storage providers engaged by us to provide electronic storage facilities for our business data and your information.

Relatives/ Power of attorney/ Next of Kin etc., acting on your behalf whenever you make such requests

Next of Kin making decisions for the data subject in an emergency.

External Auditors

Annual Financial Auditors

International Transfer

Where Personal Data is to be transferred to a country outside Nigeria, we shall put adequate measures in place to ensure the security of such Personal Data. We shall, among other things, conduct a detailed assessment of whether the said country is on the National Information Technology Development Agency (NITDA) Whitelist of Countries with adequate data protection laws”.

Transfer of Personal Data out of Nigeria would be in accordance with the provisions of the NDPA. We will therefore only transfer Personal Data out of Nigeria on one of the following conditions:

  • The consent of the Data Subject has been obtained.
  • The transfer is necessary for the performance of a contract between the entity and the Data Subject or the implementation of pre-contractual measures taken at the Data Subject’s request.
  • The transfer is necessary to conclude a contract between the entity and a third party in the interest of the Data Subject.
  • The transfer is necessary for reasons of public interest
  • The transfer is for the establishment, exercise or defense of legal claims
  • The transfer is necessary in order to protect the vital interests of the Data Subject or other persons, where the Data Subject is physically or legally incapable of giving consent.

Provided, in all circumstances, that the Data Subject has been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where the Data Subject is answerable in duly established legal action for any civil or criminal claim in a third country.

Coronation will take all necessary steps to ensure that the Personal Data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred outside Nigeria shall be provided to you upon request.

Information Retention and Storage

Your Personal data will be retained only for as long as is necessary for the purposes set out in this Privacy Notice. We will retain and use your personal data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We will retain and use Your personal data to the extent necessary to fulfil our contractual obligations with You and only retain your information further in line with regulatory requirements.

All Personal Information you provide to us is stored on our secure servers as well as secure physical locations and cloud infrastructure (where applicable). The data that we collect from you may be transferred to and stored at a destination outside Nigeria or the European Economic Area (“EEA”). Whenever your information is transferred to another location, we will take all necessary steps to ensure that your data is handled securely and in accordance with this Privacy Notice.

Your Legal Rights

Subject to applicable laws, and other data protection regulations, you have the following rights to how we use your information:

  • To request a copy of the personal data processed in relation to you. Your right of access can be exercised by sending an email to infomationsecurity@coronationgroup.com
  • To request that we rectify your personal data where such data are inaccurate or incomplete
  • To request us to delete your personal data, for example, if we no longer have a valid reason to process it
  • To object to how we process your personal data
  • To restrict how your personal data is processed in certain cases, such as when the accuracy of your Personal data is contested
  • To request a copy of the personal data you have given to us in a machine-readable

Right to withdraw consent

We rely on consent for certain limited processing of your personal information. Where we do this, you have the right to withdraw your consent to further use of your personal information.

Right to lodge a complaint

You have the right to complain to the regulatory agency the Nigerian Data Protection Commission (NDPC) at any time if you object to the way in which we use your personal information.

Contact Email: info@ndpc.gov.ng

If you wish to exercise any of the rights set out above, please contact our Data Protection Officer at InformationSecurity@coronationgroup.com

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized manner, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

To ensure the security of Personal Data, the Group will, among other things, implement the following appropriate technical controls:

  • Industry accepted hardening standards, for workstations, servers, and databases.
  • Full disk software encryption on all corporate workstations/laptops operating systems drives storing Personal and Personal/Sensitive Data.
  • Encryption at rest including key management of key databases.
  • Restrict the use of removable media such as USB flash, and disk drives.
  • Anonymization techniques in testing environments
  • Physical access control where Personal Data is stored in hardcopy.
  • Enable Security Audit Logging across all systems managing Personal Data.
  • We use strict security measures and technologies to prevent fraud and intrusion.
  • Our security controls and processes are regularly updated to meet and exceed industry standards.
  • Our employees are trained to respect the confidentiality of any personal information held by us

Where we have provided you (or where you have chosen) with a password that grants you access to specific areas on our site, you are responsible for keeping this password confidential. We request that you do not share your password or other authentication details (e.g. token generated codes) with anyone.

Cookies Policy

Cookies are small text files containing information that your computer or mobile device downloads when you visit a website, return to websites – or visit websites that use the same cookies – they recognize these cookies and therefore your browsing device. We do not store confidential or sensitive personal information in cookies.

To find out more about how we use cookies and what benefits they bring, please take a few moments to read this Cookie Policy.

Usage Data collected when using the Service may include information such as Your Device's Internet Protocol address (e.g., IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Why and How We Use Cookies on Our Website

We use cookies to improve your online activity session by making navigation easier and providing important security features.

When you access the Service by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data. We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device.

We use cookies to track the activity on our service and store certain information

We use Google Analytics to collect the following types of information from users who have JavaScript enabled on their browsers:

  • Web browser used – software manufacturer, and version number
  • Operating system
  • Screen colors
  • JavaScript support
  • Flash version
  • Screen resolution
  • Network location and IP address
  • Geographic data
  • Hostname
  • Connection bandwidth
  • Time of visit
  • Pages visited and dwell time on these pages
  • Referring site
    • The referring website URL
    • Search engine query used

Cookie Category

Some cookies are required to make our website work, but we need your consent to use others. The cookie categories are:

Category

Description

Strictly Necessary

These cookies are required to run our website, to keep it secure, and to obey regulations that apply to us. These cookies are essential even if the customer declines the collection of cookies.

Functional

These cookies remember your region or country, language, accessibility options and your settings.

Performance

These cookies tell us how customers use our website. We study and profile this data to help us improve our products and performance

Marketing

These cookies help us decide which products, services and offers may be relevant for you. We may use this data to tailor the ads you see on our own and other websites and apps.

We do not use third-party cookies on our website.

What are your choices regarding cookies?

You can choose to have your computer warn you each time a cookie is collected, or you can choose to turn off all cookies. Since browsers differ, we recommend that you access the Help Menu to learn the correct way to modify your cookies.

If you turn your cookies off, some of the features that make your site, experience more efficient may not function properly.

Security

We will always hold your information securely. To prevent unauthorized access to your information, we have implemented strong controls and security safeguards at the technical and operational levels. This site uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to ensure the secure transmission of your personal data. You should see the padlock symbol in your URL address bar once successfully logged into the platform. The URL address will also start with https:// depicting a secure webpage. SSL applies encryption between two points such as your PC and the connecting server. To ensure that data is unreadable during transmission, encrypted data transmits during a session and is decrypted at the receiving end.

Your information is confidential to any third party except under legal and/or regulatory conditions. You have the right to request sight of, and copies of all information we keep on you if such requests made comply with the Freedom of Information Act and other relevant enactments. While the Group is responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorized officers of the Agency.

Accuracy of Information

Keeping your account information accurate and up to date is very important. You have access to your account information, which includes your contact information, account balances, transactions and similar information through various means, such as self-service portals.

If you discover any inaccuracies in your personal information, please promptly notify us, via the Contact Us page, and provide the required documentary evidence, to enable us to implement the necessary updates or changes.

Social Media Platforms

Coronation may interact with registered users of various social media platforms, including FacebookTwitter, LinkedIn and Instagram. Please note that any content you post to such social media platforms (e.g., pictures, information or opinions), as well as any personal information that you otherwise make available to users (e.g. your profile), is subject to the applicable social media platform’s terms of use and privacy policies. We recommend that you review this information carefully in order to better understand your rights and obligations with regard to such content.

Privacy of Children

Coronation’s Notice contains the following disclosure statement for children:

“Coronation respects the privacy of children. We do not knowingly collect names, email addresses or any other personally identifiable information from children. We do not knowingly market to children, nor do we allow children under 18 to open online accounts.

Promotional Messages

Coronation may sometimes contact you with products or services that we think may be of interest to you. If you don’t want to receive such promotional materials from us, you can opt out at any time by sending an email to InformationSecurity@coronationgroup.com

Privacy Notice Changes

This Notice may be revised on an ad-hoc basis to reflect the legal, regulatory and operating environment and such revised versions will automatically become applicable to you. We will post any revisions we make to our Privacy Notice on this page and such revised notice becomes effective at the time it is posted. We will notify you when any changes to our Privacy Notice have been made. We also encourage you to check this page from time to time for updates to this Notice.

Governing Law

This Privacy Notice is made pursuant to the Nigeria Data Protection Act 2023 (NDPA) or any other relevant Nigerian laws, regulations or international conventions applicable to Nigeria. Where any provision of this Notice is inconsistent with a law, regulation or convention, such provision shall be subject to the overriding law, regulation or convention.

Contact

Questions, comments, and requests regarding this Privacy Notice are welcomed and should be addressed to:

Data Privacy Officer: InformationSecurity@coronationgroup.com

This Privacy Notice was last updated 28th of August, 2024.