Privacy Policy – MAG Tech Systems Ltd

Last Updated: February 19, 2026

1. Introduction

MAG Tech Systems Ltd (“MAG Tech,” “we,” “us,” or “our”) is a Nigerian cybersecurity company committed to protecting the privacy and personal data of our clients, website visitors, and event participants.

MAG Tech Systems Ltd is a data controller within the meaning of the Nigeria Data Protection Act 2023 (“NDPA”) in respect of personal data processed for its own business operations.

Where MAG Tech processes personal data on behalf of clients in the course of delivering cybersecurity or related services, it does so as a data processor pursuant to a written data processing agreement compliant with the NDPA.

2. Scope of This Policy

This Privacy Policy applies to:

• Visitors to our website (magtechs.com)
• Individuals who register for or attend our webinars and events
• Clients and prospective clients who contact or engage with us
• Any person whose data we may process in the course of delivering our services

Where MAG Tech processes personal data strictly for its own business administration, marketing, website operations, and event management, it acts as a data controller.

Where MAG Tech provides cybersecurity or related services that involve handling client controlled personal data, it acts as a data processor under documented instructions from the relevant client.

3. Information We Collect

3.1 Registration and Contact Information

When you register for a webinar, event, or enquire about our services, we may collect:

• Full name
• Professional email address
• Company name and job title
• Phone number (where provided voluntarily)
• Industry sector
• Country or location

3.2 Technical Information

When you use our website, we may automatically collect certain technical data, including:

• IP address and approximate geographic location
• Browser type and version
• Device type and operating system
• Pages visited, navigation patterns, and session duration
• Referral source

This information is collected through standard web technologies including cookies and we collect only personal data that is relevant and limited to what is necessary in relation to the purposes for which it is processed.

3.3 Communication Data

If you contact us or respond to our communications, we may retain:

• Email correspondence
• Survey or feedback responses
• Customer support enquiries

4. How We Use Your Information

We use personal data only for the following purposes:

• To process registrations for webinars and events and send access details, confirmations, and reminders
• To send you relevant cybersecurity updates, newsletters, or information about our services where you have consented or we have a legitimate interest in doing so
• To respond to your enquiries and provide customer support
• To analyse website traffic and improve our website and service offerings
• To comply with our legal and regulatory obligations under the NDPA 2023 and other applicable laws
• To protect against fraud, security threats, or other unlawful activity

We will not use your personal data for any purpose incompatible with the purposes listed above without first informing you.

5. Legal Basis for Processing

In accordance with the Nigeria Data Protection Act 2023 (NDPA), we process personal data based on one or more of the following lawful grounds:

• Consent: Where you have given clear and specific consent for a processing activity, such as receiving marketing communications.
• Contract: Where processing is necessary to fulfil a contractual obligation or to take steps at your request before entering a contract.
• Legitimate Interests: Where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms.
• Legal Obligation: Where processing is necessary to comply with a legal requirement under Nigerian or applicable international law.

Where provision of personal data is necessary for contractual or legal purposes, failure to provide such data may prevent us from fulfilling your request or providing services.

You may withdraw consent at any time where consent is the basis for processing. Withdrawal will not affect the lawfulness of processing carried out prior to withdrawal nor processing based on another lawful basis.

6. Data Sharing and Third Parties

6.1 Service Providers

We may share limited personal data with trusted third-party service providers who assist us in operating our business, including:

• Email and communication platforms (for webinar invitations and event communications)
• Video conferencing platforms (for hosting webinars)
• Website analytics providers (e.g. Google Analytics)

All such providers are required to handle personal data in accordance with applicable data protection law and are only permitted to process data on our instructions.

6.2 Legal Disclosures

We may disclose personal data where required to do so by Nigerian law, court order, government authority, or regulatory body, or where necessary to protect the legal rights, property, or safety of MAG Tech, our clients, or the public.

We may share personal data with trusted service providers under written agreements incorporating data protection obligations consistent with the NDPA.

6.3 No Sale of Personal Data

We do not sell, rent, trade, or otherwise commercially transfer your personal data to third parties.

7. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, loss, or destruction. These measures include:

• Encryption of data in transit and at rest
• Access controls limiting data access to authorised personnel only
• Regular security assessments and vulnerability testing
• Staff training on data privacy and security responsibilities

While we implement industry-standard safeguards, no method of electronic transmission or storage is completely secure. We encourage you to take appropriate precautions when sharing personal information online.

In the event of a personal data breach likely to result in risk to individuals, we will notify the NDPC and affected data subjects in accordance with the NDPA.

8. International Data Transfers

Where we engage service providers or partners outside Nigeria, your data may be transferred internationally. All such transfers are subject to appropriate safeguards in line with the requirements of the NDPA 2023, including the use of adequate contractual protections or transfer to jurisdictions with equivalent data protection standards.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our standard retention periods are:

• Webinar and event registration data: Up to 3 years from the date of the last event attended
• Marketing data: Until you unsubscribe or withdraw consent
• Business and financial records: Up to 7 years in accordance with applicable Nigerian law
• Legal compliance records: As required by applicable legislation

Following the expiry of retention periods or your withdrawal of consent, or where the data is no longer required, we will securely and irreversibly delete or anonymise it.

10. Your Rights Under the NDPA 2023

As a data subject under the Nigeria Data Protection Act 2023, you have the following rights:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request correction of inaccurate or incomplete data.
• Right to Erasure: You may request deletion of your personal data where it is no longer necessary, or where you withdraw consent (subject to any overriding legal obligation to retain it).
• Right to Restriction: You may request that we restrict processing of your data in certain circumstances.
• Right to Object: You may object to processing based on legitimate interests, including processing for direct marketing purposes.
• Right to Data Portability: Where technically feasible, you may request your data in a structured, commonly used, and machine-readable format.

To exercise any of these rights, please contact us using the details in Section 13. We may need to verify your identity before processing your request and will respond to all verified requests within 30 days. We may decline manifestly unfounded or excessive requests as permitted under law.

11. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve your browsing experience and help us understand how visitors use our site. The types of cookies we use include:

• Essential Cookies: Necessary for core website functionality and cannot be disabled.
• Analytics Cookies: Used to understand how visitors interact with our site (e.g. Google Analytics). Data collected is aggregated and anonymised where possible.
• Marketing Cookies: Used to serve relevant advertisements on platforms such as LinkedIn and Google Ads.

Non-essential cookies, including analytics and marketing cookies, are deployed only with prior explicit consent obtained through our cookie management tool in your browser settings. By continuing to use our website, you consent to the use of cookies in accordance with this policy. You may withdraw consent at any time.

12. Children’s Privacy

Our services are intended for business professionals and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have inadvertently collected data from a person under 18, we will promptly delete it.

13. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or regulatory guidance. Any updates will be:

• Posted on our website at magtechs.com with a revised effective date
• Communicated to you by email where the changes materially affect your rights, and we shall obtain your renewed consent where required..

14. Contact Us and Complaints

For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

MAG Tech Systems Ltd

Email: dpo@magtechs.com

Website: magtechs.com

Address: Plot 707, Adeola Hopewell, Victoria Island, Lagos, Nigeria

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).  Please visit their website for more details in this regard.

Nigeria Data Protection Commission (NDPC)

Website: https://ndpc.gov.ng

---

This Privacy Policy was last updated on February 19, 2026, and is effective immediately.