HomePrivacy Policy

Privacy Policy

Last Updated: October 25, 2025

Introduction

The Esther Arokun Foundation (“TESAR”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard the data you share with us when visiting our website, subscribing to our newsletter, or engaging with our programs.

Definitions

Consent: any freely given, specific, and unambiguous indication, whether by a written or oral statement or an affirmative action, of an individual’s agreement to the processing of personal data relating to him or to another individual on whose behalf he has the permission to provide such consent

Law or Data Protection Legislation: means the Nigeria Data Protection Act 2023 and other applicable data protection laws and all other application legislation relating to privacy or data protection.

Data Subject: an individual to whom personal data relates.

Data Controller: an individual, private entity, public Commission, agency or any other body who, alone or jointly with others, determines the purposes and means of processing of personal data.

Data Processor: an ind jividual, private entity, public authority, or any other body, who processes personal data on behalf of or at the direction of a data controller or another data processor.

Personal Information: information relating to an individual, who can be identified or is identifiable, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, psychological, cultural, social, or economic identity of that individual.

Sensitive personal information refers to any data that reveals details about an individual’s identity or private life that could cause harm, discrimination, or distress if disclosed. This includes information such as health status, genetic or biometric data, financial information, or criminal history. It also covers any other category of data considered sensitive under applicable data protection laws, including the Nigeria Data Protection Act 2023 (NDPA) 

Processing: any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure or destruction and does not include the mere transit of data originating outside Nigeria.

Information We Collect

We may collect the following information:

  1. Personal details such as name, email address, phone number, or organization (when you fill out forms or subscribe).
  1. Non-personal information such as browser type, device, and pages visited (for website analytics). We collect information about how you use our website and services, technical data such as internet protocol (IP) address, domain name, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  1. Employment Information regarding your employment history, professional and educational information submitted upon applying for employment with us or for volunteer roles.
  1. Other Data such as your interests, preferences, feedback and any survey response you give.
  1. Marketing and Communications Data such as your preferences in receiving marketing communications from us and our Affiliated Third Parties and your communication preferences.
  1. Except for employment purposes and verification, we do not collect or store any Sensitive Personal Data such as your full date of birth. Do not share any Sensitive Personal Data save where required for a specific purpose.

How We Use Your Information

We use your data to:

  1. Respond to your inquiries or requests.
  2. Send updates, newsletters, or information about TESAR’s work (only if you opt in).
  3. Improve our website, outreach, survey, feedback, and user experience.
  4. To analyze the traffic on our website, including determining the number of visitors to the website and analyze how they navigate the website.
  5. Manage volunteer, partnership, or donor relationships.
  6. At any time, you request information from us via a form or other electronic transmission we may use your Personal Data to fulfil that request and keep a record of such request and how it was handled, for quality assurance and service improvement purposes.
  7. To keep you updated on our activities, programmes and events where your explicit consent has been given.
  8. To notify you of changes to our websites or relevant processes.
  9. We may also use your information or allow Affiliated Third Parties such as our affiliate companies or partners use of this Personal Data, to offer you information about unrelated products or services you may be interested in. We or such Affiliated Third Parties can only communicate with you if you have expressly consented to such communication and data use.
  10. We may share your personal data with Affiliated Third Parties such as service providers who we have engaged to assist with providing certain services on our behalf, for which they require your personal data.
  11. Where we have any contracts with you which create a commitment, we may require contact or use of your information to perform the contract.
  12. To process or manage your appointments with any of our staff.
  13. To fulfil legal/ regulatory obligations or to report any criminal or unethical activity.
  14. To store either on our central computer system or a third-party Computer’s central computer system for archiving and back up purposes.

Consent Of Data Subjects

In order to process the data we obtain from you, your consent is required. It may be provided orally, in writing or via electronic means. You also have a right to withdraw the consent which you had earlier given at any point in time. However, the withdrawal of your consent shall not affect the lawfulness of the data processing that occurred before you withdrew your consent.

Children’s Data 

Anyone below the age of 18 lacks legal capacity. Consent of the parent or legal guardian of the child is required. We encourage parents and guardians to observe, participate in, and/or monitor and guide their wards online activities. We do not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, kindly contact us immediately to promptly remove such information from our records.

Cross-Border Data Transfer

Subject to your consent, we may also transfer your personal data cross-border where in your interest, in the interest of the public, or for legal claims. We may transfer your data only where the recipient of your personal data is subject to a law, binding corporate rules, contractual clauses, code of conduct, or mechanism that affords an adequate level of protection which is in accordance with the NDPA 2023.

Data Protection & Security

We implement reasonable administrative and technical safeguards to protect your personal information against loss, misuse, or unauthorized access.

Cookies

Our website may use cookies to improve user experience and track usage statistics. You can disable cookies in your browser settings at any time.

1. Our advertisers and organization may have the occasion to collect information in regard to your computer for our services. The information is gained in a statistical manner for our use or advertisers on our site.

2. Data gathered will not identify you personally. It is strictly aggregate statistical data about our visitors and how they used our resources on the site. No identifying Personal Data will be shared at any time via cookie.

3. Close to the above, data gathering can be about general online use through a cookie file. When used, cookie is automatically placed in your hard drive where information transferred to your computer can be found. These cookies are designed to help us correct and improve our site’s services for you.

4. You may elect to decline all cookie via your computer or set up alerts to prompt you when websites set or access cookie. Every computer has the ability to decline file downloads like cookie. Your browser has an option to enable the declining of cookie. If you do decline cookie downloads you may be limited to certain areas of our site, as there are parts of our site that require cookie.

5. Any of our advertisers may also have a use for cookie. We are not responsible, nor do we have control of the cookie downloaded from advertisements. They are downloaded only if you click on the advertisement.

Third-Party Services

We may use trusted third-party tools (such as email services or analytics platforms) to help us operate efficiently. These partners are obligated to protect your data and will never use it for unrelated purposes.

Your Rights

  1. Right to opt out of our communications at any time by clicking “unsubscribe” in our emails.
  1. Right to object to and challenge data processing either by us or third parties to whom we share your data to.
  1. Right to inform you of any personal data breach that is likely to result in a high risk to your rights and freedoms in plain and clear language, including advice about measures you can take to mitigate effectively the possible adverse effects of the data breach.
  1. Right to confirm as to whether we or a third-party data processor operating on your behalf, are storing or otherwise processing your personal data
  1. Right to request rectification or erasure of your personal data, or restriction of processing of your personal data or to object to such processing.
  1. Right to know the recipients or categories of recipient to whom your personal data have been or will be disclosed, particularly recipients in third countries or international organizations.
  1. Right to know the period for which your personal data will be stored, or, if not possible, the criteria used to determine that period.
  1. Right to have a copy of your personal data in a commonly used electronic format, except to the extent that providing such data would impose unreasonable costs on us, in which case we may require you to bear some or all of such costs.
  1. Right to the correction or, if correction is not feasible or suitable, deletion of your personal data that is inaccurate, out of date, incomplete, or misleading.
  1. Right to restrict data processing pending – the resolution of a request, or an objection by you under the NDPA 2023, or the establishment, exercise, or defense of legal claims.
  1. Where personal data is processed for direct marketing purposes, you shall have the right to object, at any time, to the processing of your personal data, which includes profiling to the extent that it is related to such direct marketing.

If you have any questions about our use of your personal data, you should contact us via privacy@tesarfoundation.org. In accordance with the applicable laws, you may have the right to request: (a) further details on the use we make of your information; (b) a copy of the information that we hold about you; (c) update to any inaccuracies in the personal data we hold; (d) delete any personal data that we no longer have a lawful ground to use; (e) to withdraw your consent at any given time so that we stop that particular processing; (f) object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and (g) restrict how we use your information whilst a complaint is being investigated.

  1. Data Subject Request Response Procedure
  2. Where you wish to exercise any of your data privacy rights you shall make a formal request by completing the Data Subject Request Form (DSR Form) and sending the completed form via email to us at privacy@tesarfoundation.org.
  1. We shall contact you within 10 working days of the receipt of the DSR Form to confirm receipt of the request and may request additional information to verify and confirm the identity of the individual making the request.
  1. On receiving any request from you, we shall record the request and carry out verification of the identity of the individual making the request using the details provided in the DSR Form and a valid means of real identification such as international passport, or any other acceptable means of real identification.
  1. Where the request is from a third party, we will verify data subject’s authority to act for you and may contact you to confirm their identity and request your consent to disclose the information.
  1. When your identity is verified, we shall coordinate the gathering of all information collected with respect to you in a concise, transparent, intelligible and easily accessible form, using clear and plain language with a view to responding to the specific request. The information may be provided in writing, or by other means, including, where appropriate, by electronic means or orally provided that your identity is proven by other means. We may also contact you to ask you for further information in relation to your request.
  1. Where the information requested relates directly or indirectly to another person, we will seek the consent of that person before processing the request. However, where disclosure would adversely affect the rights and freedoms of others and we are unable to disclose the information for any other legal or permitted reason, we will inform you promptly, with reasons for that decision.

Contact Us

If you have questions about this Privacy Policy or your data, please contact us at:

📩 privacy@tesarfoundation.org

This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of Personal Data, or changes in applicable law.