xxiv. “Relevant
Authorities”
means
The
National
Information
Technology
Development Agency (NITDA) or any other statutory body or establishment
having government’s mandate to deal solely or partly with matters relating to
Personal Data;
xxv.
“Sensitive Personal Data” means data relating to religious or other beliefs,
sexual orientation, health, race, ethnicity, political views, trades union
membership, criminal records or any other sensitive personal information;
xxvi. “The Agency” means the National Information Technology Development
Agency;
xxvii.
“Third Party” means any natural or legal person, public authority,
establishment or any other body other than the Data Subject, the Data
Controller, the Data Administrator and the persons who are engaged by the
Data Controller or the Data Administrator to process Personal Data.
PART TWO
2.1
GOVERNING PRINCIPLES OF DATA PROCESSING
(1) In addition to the procedures laid down in this Regulation or any other instrument
for the time being in force, Personal Data shall be:
a) collected and processed in accordance with specific, legitimate and lawful
purpose consented to by the Data Subject; provided that:
i. a further processing may be done only for archiving, scientific research,
historical research or statistical purposes for public interest;
ii. any person or entity carrying out or purporting to carry out data
processing under the provision of this paragraph shall not transfer any
Personal Data to any person;
b) adequate, accurate and without prejudice to the dignity of human person;
c) stored only for the period within which it is reasonably needed, and
d) secured against all foreseeable hazards and breaches such as theft,
cyberattack, viral attack, dissemination, manipulations of any kind, damage by
rain, fire or exposure to other natural elements.
7
NIGERIA DATA PROTECTION REGULATION