Data Privacy Statement

Our Commitment to Data Privacy

Rotary District 9127 is committed to protecting the privacy and security of your personal data. This Data Privacy Statement explains how we handle your information in compliance with applicable data protection laws, including the Nigeria Data Protection Regulation (NDPR) and international standards.

1. Data Controller

Rotary District 9127 is the data controller for personal information collected through our website and activities. We are responsible for ensuring your data is processed lawfully, fairly, and transparently.

2. Legal Basis for Processing

We process your personal data based on:

• Consent: You have given clear consent for us to process your data
• Contract: Processing is necessary for membership or event registration
• Legal Obligation: We must comply with legal requirements
• Legitimate Interests: Processing is necessary for our legitimate interests in operating the district and promoting Rotary's mission

3. Types of Data We Collect

3.1 Membership Data

• Name, contact information, and demographic details
• Club affiliation and membership status
• Professional and vocational information
• Attendance and participation records

3.2 Financial Data

• Payment information for dues, donations, and event registrations
• Transaction history

3.3 Communications Data

• Email correspondence
• Newsletter subscriptions
• Event communications

3.4 Technical Data

• IP address and device information
• Browser type and settings
• Website usage data

4. How We Use Your Data

We use your personal data to:

• Administer memberships and club operations
• Organize and manage district events and programs
• Process donations and financial transactions
• Send newsletters and communications about district activities
• Maintain district records and directories
• Comply with Rotary International requirements
• Fulfill legal and regulatory obligations

5. Data Sharing

We may share your data with:

• Rotary International: For membership administration and reporting
• Other Rotary Districts: For inter-district activities and programs
• Club Officers: For club management and communications
• Service Providers: Third parties who provide services on our behalf (e.g., payment processors, email services)
• Legal Authorities: When required by law

We require all third parties to respect the security of your data and treat it in accordance with applicable laws.

6. International Data Transfers

Your data may be transferred to Rotary International in the United States and other countries. We ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by data protection authorities
• Privacy Shield certification (where applicable)
• Adequate data protection measures

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

• Membership records: Duration of membership plus 7 years
• Financial records: 7 years for tax and audit purposes
• Event registrations: 3 years after the event
• Marketing communications: Until you unsubscribe

8. Your Rights

Under data protection laws, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal requirements)
• Restriction: Request limitation of processing
• Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

To exercise these rights, please contact us using the details provided above.

9. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit and at rest
• Access controls and authentication
• Regular security assessments
• Staff training on data protection
• Incident response procedures

10. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

• Notify the relevant data protection authority within 72 hours
• Inform affected individuals without undue delay
• Take immediate steps to mitigate the breach

11. Children's Data

For Interact and Rotaract members under 18, we obtain parental or guardian consent before collecting personal data. We take extra care to protect the privacy of young people.

12. Cookies and Tracking

Our website uses cookies and similar technologies. You can manage cookie preferences through your browser settings. For more information, see our Privacy Policy.

13. Updates to This Statement

We may update this Data Privacy Statement from time to time. We will notify you of significant changes through our website or direct communication.

14. Complaints

If you have concerns about how we handle your data, please contact us first. You also have the right to lodge a complaint with:

15. Contact Us

For questions about data privacy or to exercise your rights, contact: