Privacy Policy

Introduction

This Privacy Policy (“Policy”) explains how the National Troupe of Nigeria (“NTN”, “we”, “us”) collects, processes, stores, and protects personal data in connection with our digital platforms, programmes, and services. It applies to all visitors, subscribers, performers, partners, and other stakeholders who interact with us online or offline. We are committed to upholding the highest standards of privacy and data protection under the Nigerian Data Protection Regulation and any other applicable legislation. By accessing our website, attending our events, or engaging in our activities, you acknowledge that you have read, understood, and agreed to the terms of this Policy.

Information We Collect

We collect personal data that you provide directly when you register for events, subscribe to newsletters, submit enquiries, or otherwise communicate with us. This includes identifiers such as your name, title, organisation, email address, telephone number, and postal address. We also automatically gather technical and usage information through cookies, log files, and analytics tools when you visit our website or use our online services. Such data may include your IP address, browser type, operating system, device identifiers, pages viewed, duration of session, and clickstream patterns. In limited circumstances, we may receive personal data from third-party service providers or public sources to support our operations and comply with legal obligations.

• Contact details (name, title, organisation, email, phone, postal address)
• Event and programme registration data
• Technical data (IP address, browser type/version, device identifiers)
• Usage data (pages visited, time spent, clickstream analytics)
• Third-party or public source information (where permitted by law)

How We Use Your Information

Your personal data is processed solely for legitimate purposes that align with our mission and legal obligations. We use contact information to respond to enquiries, process event registrations, and provide you with updates about our programmes and services. Technical and usage data help us monitor website performance, diagnose technical issues, and improve our user experience. With your consent, we may send newsletters, surveys, or promotional materials about upcoming performances, educational workshops, and other cultural initiatives. We also retain and process data as necessary to comply with statutory requirements and protect our legal interests.

• Responding to enquiries, feedback, and support requests
• Administering event registrations, ticketing, and membership
• Delivering newsletters and programme updates (subject to consent)
• Analyzing website and service performance to drive improvements
• Meeting legal and regulatory obligations, including record-keeping

Legal Basis for Processing

We rely on clearly defined legal grounds when handling your personal data, in accordance with applicable data protection laws. Where you provide personal information voluntarily, such as subscribing to our mailing list or registering for an event, we process that data on the basis of your consent. In many cases, data processing is necessary for performance of a contract or to take steps at your request prior to entering into a contract—for example, processing a booking. We also process personal data based on our legitimate interests, such as improving our website functionality and safeguarding our digital infrastructure. Finally, we may process data to fulfil legal obligations imposed by statutory or regulatory authorities.

• Consent: for newsletters, surveys, and marketing communications
• Contract performance: to manage event registrations and services
• Legitimate interests: to enhance site functionality and security
• Legal obligation: to retain records as required by law or regulation

Data Sharing & Disclosure

We do not sell or rent your personal data to third parties. We share information only with trusted service providers and partners who perform functions on our behalf, such as website hosting, email distribution, payment processing, and analytics. All third-party processors are contractually bound to maintain the confidentiality and security of your data and may process it only for the purposes we specify. We may also disclose personal information if required by law, regulation, or court order, or to protect the rights, property, or safety of NTN, our users, or others.

• Hosting and maintenance providers (website, databases, backup)
• Email and newsletter distribution services
• Analytics and performance monitoring platforms
• Payment gateways for donations or ticketing transactions
• Regulatory, government, or law enforcement authorities when mandated

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Policy or to comply with legal, regulatory, or contractual requirements. Different categories of data have specific retention periods, after which the data is securely deleted or anonymised. For instance, enquiry records may be kept for up to three years, while event registration details are retained until the conclusion of the relevant programme plus one year. Website analytics data may be aggregated and anonymised after twenty-four months to preserve user privacy.

• Contact enquiries and correspondence: up to 3 years
• Event registrations and ticketing records: programme duration + 1 year
• Newsletter subscriptions: until you unsubscribe
• Website analytics (anonymised): retained for 24 months
• Legal and financial records: as required by statutory obligations

Security Measures

NTN has implemented robust technical and organisational measures to safeguard your personal data against unauthorised access, disclosure, alteration, or destruction. These measures include SSL/TLS encryption for data in transit, firewalls and intrusion detection systems, and access controls enforced through user authentication and role-based permissions. We conduct regular security assessments and staff training to ensure continued compliance with best practices. In the event of a data breach, we have incident-response protocols to contain the breach, notify affected individuals and authorities where required, and prevent future occurrences.

• SSL/TLS encryption for website traffic and data transfers
• Firewalls, intrusion detection, and regular vulnerability scans
• Role-based access controls and multi-factor authentication
• Encrypted backups and secure data storage facilities
• Ongoing security audits, staff awareness training, and incident response

Your Rights

Under applicable data protection laws, you may have the right to access, rectify, erase, or restrict the processing of your personal information. You can also object to certain types of processing, request data portability, and withdraw any consent you have previously given. To exercise these rights, please contact our Data Protection Officer at the addresses below. We will respond to your request within a reasonable timeframe and in accordance with legal requirements. Some rights may be subject to exceptions or limitations under the law.

• Right to access: obtain a copy of your personal data
• Right to rectification: correct inaccurate or incomplete data
• Right to erasure: request deletion of data where applicable
• Right to restrict processing or object to certain uses
• Right to data portability and withdrawal of consent

Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance functionality, measure performance, and provide you with relevant content. We employ essential cookies necessary for core site operations, analytics cookies to understand user behaviour, and optional marketing cookies to tailor promotional messages. You can configure your browser settings to block or delete cookies, though this may impact certain features of our website. We maintain a cookie consent banner that allows you to manage your preferences at any time.

• Essential cookies for session management and security
• Analytics cookies for traffic analysis and site optimisation
• Marketing cookies for targeted content and advertising
• Cookie consent banner to manage preferences or withdraw consent

Policy Updates & Governing Law

We may update this Policy periodically to reflect changes in our practices, technology, or legal requirements. We will publish any revised Policy on our website with an updated ‘Last Updated’ date. Your continued use of our platforms after such changes constitutes acceptance of the new terms. This Policy is governed by the Nigerian Data Protection Regulation and any other applicable laws of the Federal Republic of Nigeria.

• Effective date: August 6, 2025
• Last updated: August 6, 2025
• Policy changes will be announced via our website
• Governing law: Nigerian Data Protection Regulation