Privacy notice

We respect and protect your privacy. This privacy policy tells you how we collect and use information you have provided.

Privacy Policy

The Allison and Oluremi Ayida Foundation (“Foundation”, “AOA”, “we”, “us”, or “our”) is an NGO that transforms individuals, communities and societies on the foundation of Love, Service and Excellence. We do so through community outreach, financial partnerships with individuals and organisations focused on stewarding spiritual growth, advancing the education sector and creating scalable solutions that transform economies.

We are committed to protecting the privacy and security of your personal data and ensuring transparency, accountability, and confidentiality. This Privacy Policy outlines how we collect, use, store, share, and protect the personal data of individuals (“Data Subjects”) who engage with our website, forms, services, and events (collectively referred to as “Services”).

This Privacy Policy applies to all personal data processing activities conducted within our environment and is designed to ensure compliance with the Nigeria Data Protection Act (NDP Act), 2023 and the NDP Act General Application Implementation Directive (GAID), 2025. 

Through this Privacy Policy, we will describe how, when and why we, at the AOA Foundation, may use your information, as well as your rights relating to that information.

1. The Information We Collect

1.1 Personal Data You Provide Directly  

We may collect the following personal data you provide:  

  • Contact Information: Name, email address, phone number, and physical address  
  • Identity Verification Information: Copy of passport, birth certificate and any other information to confirm your identity when needed to participate in certain events (e.g. annual AOA Foundation Tennis Tournament) 
  • Communications and other Personal Data: Information shared when contacting us via email, registration forms, or other communication channels  

1.2 Personal Data We Collect Automatically  

  • Device Information: Internet Protocol (IP) address, browser type, operating system, and unique device identifiers  
  • Usage Information: Details of your interactions with our Services, including page views, session times, and links clicked  

1.3 Personal Data We Receive from Third Parties  

  • Partners: Information from external service providers, collaborators, partners etc. (e.g. Tennis coaches or schools) 
  • Public Sources: Information from publicly available databases  
  • Inferences: Additional data inferred from your activities or information provided  

2. How We Use Personal Data  

We use personal data to:  

  • Deliver our charitable Services  
  • Communicate with you regarding inquiries  
  • Prevent fraud and ensure security of our website and services  
  • Comply with legal and regulatory obligations
  • Provide updates, marketing content, and newsletters with your explicit consent 
  • Share communications regarding and/or when registering you for charitable events, fundraisers, annual Tennis Tournament etc.

3. How We Share Personal Data  

We do not sell personal data. We may share your data in the following cases:  

  • Service Providers: With vendors or agents performing tasks on our behalf (e.g. event planners)  
  • Legal and Regulatory Compliance: To comply with legal obligations or respond to lawful requests 

4. Cookies  

We use cookies and similar technologies on our website (https://ayidafoundation.org/) to help collect information and operate the site. We use three necessary cookies to remember users and make your user experience easier; mitigate risk and prevent fraud; and to promote trust and safety on our website. These cookies are GDPR-compliant and do not send your data to countries categorised as “inadequate” (lacking data protection legislation).

Cookies are small text files placed by a website and stored by your browser on your device. Most web browsers are set to accept cookies by default. You can go to your browser settings to learn how to delete or reject cookies. If you choose to delete or reject cookies, this may impact your experience using our website.

5. How We Protect Your Information  

We implement technical and organisational measures to secure personal data against unauthorised access, alteration, and destruction. Examples include data encryption, strict access controls, and two factor authentication.  

5.1 Personal Data Breach

We take the security of personal data seriously and have implemented measures to prevent data breaches from occurring. However, in the event of a data breach, we have established procedures for reporting and managing incidents. You may contact our Data Protection Officer (DPO) if you become aware of any breach of personal data.

When we become aware of a data breach that affects personal data, we will notify the affected individuals and the Nigeria Data Protection Commission (NDPC) in accordance with the provision of the NDP Act, 2023 and other subsidiary data protection legislation. The notification will include the following information:

  • A description of the nature of the data breach, including the categories of personal data involved  
  • The likely consequences of the data breach  
  • The measures taken or proposed to address the data breach, including any measures to mitigate its possible adverse effects  

We will immediately notify affected individuals in high risk instances. We encourage all individuals to take appropriate steps to protect their data, such as using strong passwords, and reporting any suspicious activity to us immediately.

We will report any breaches that may compromise your rights and freedoms to the NDPC within 72 hours of discovery.  

6. Data Retention  

We retain personal data for as long as necessary to:  

  • Provide Services to you, including contact and updates
  • Comply with legal and regulatory obligations, where necessary
  • Resolve disputes 
  • Adhere to our internal retention policies 

Once the retention period expires, personal data will be securely deleted.

This Privacy Policy also applies when we retain your personal data after our relationship ends. We may also retain your personal data for the duration of any period necessary to establish, exercise or defend any legal rights. We may keep personal data indefinitely in a de-identified format for statistical purposes.

For more information regarding our retention practices, please contact our DPO at DPO@TAAS-ltd.com.

7. Data Transfers  

Personal data is stored on Google LLC servers in Delaware, the United States. As your data is transferred to jurisdictions outside Nigeria, we ensure appropriate safeguards are in place to protect the data in accordance with applicable laws.  

8. Lawful Basis for Processing Personal Data  

Processing of personal data will be lawful if one of the following applies:  

  • The data subject has given consent to the processing of their personal information for one or more specific purposes. You may revoke your consent by contacting us 
  • The processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract  
  • The processing is necessary for compliance with a legal obligation to which we are subject  
  • The processing is necessary for legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require the protection of personal data  
  • The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us 
  • The processing is necessary to protect the vital interest of a data subject or another person 

 9. Your Rights  

At the AOA Foundation, we respect the rights of our users, and we allow you to exercise them under the NDP Act. Individuals who have personal data held by us can reach out to exercise the following rights:

  • Right to request for and access any personal data collected and stored by the Foundation. This right allows you to request a copy of your personal information in our custody; 
  • Right to be informed regarding the use of your personal data;
  • Right to be informed about appropriate safeguards in place whenever your personal information is transferred abroad;
  • Right to object to automated decision-making and processing. You have the right to object to the processing of your personal information and to exercise this right you can submit a request to the DPO;
  • Right to rectification/modification of personal information;
  • Right to request the deletion of personal information;
  • Right to request the movement of your personal information from Us to a third party – this is the right to the portability of data; 
  • Right to revoke consent; 
  • Right to object to direct marketing; and
  • Right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) in line with the Standard Notice to Address Grievance (SNAG) procedure.

To exercise these rights, you may submit a request to the Data Protection Officer (DPO) at DPO@TAAS-ltd.com. Your request will be reviewed and answered by the AOA Data Protection Officer without undue delay. 

9. Children’s Privacy  

While our Services are not typically directed at individuals under 18, we collect children’s data during the annual AOA Foundation Tennis Tournament. 

​​As a charitable foundation committed to safeguarding the rights of children, we recognise the importance of protecting the personal data of all participants under the age of 18. When collecting and processing children’s data during the Tennis Tournament, we are committed to:

  • Obtaining Parental Consent: We will seek verifiable parental or guardian consent before collecting any personal information from children.
  • Transparency: We will provide age-appropriate information about how their data will be used, ensuring children understand in a way suitable for their age.
  • Data Minimisation: We will only collect data that is strictly necessary for the purpose of organising and supporting the event.
  • Right to Access and Delete: Children and their guardians have the right to access their data and request its deletion at any time.
  • Protection and Security: We will implement appropriate technical and organisational measures to protect children’s data from unauthorised access, loss, or misuse.
  • Respecting Privacy Throughout: We will ensure that children’s privacy rights are respected at every stage of data collection, processing, and storage.

Our goal is to create a safe environment where children can participate fully while their personal data is protected with the utmost care and respect.

10. Changes to This Privacy Policy  

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. Updates will be communicated via our website and this Privacy Policy will apply from the effective date provided on our website.

11. Contact Us  

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact our Data Protection Officer (DPO):  

DPO@TAAS-ltd.com .