Data Retention Policy

 

 

1. Introduction

Lovinas Concept Limited (“Lovinas,” “we,” “us,” or “our”) is committed to protecting the privacy of our customers and ensuring responsible data management. This Data Retention Policy outlines our procedures for the collection, storage, and secure disposal of personal and operational data. The purpose of this policy is to ensure that we retain data for legitimate business needs, comply with relevant legal and regulatory obligations in Nigeria, and uphold the highest standards of data security.

By establishing clear retention periods, we aim to minimize the amount of data we hold, thereby reducing the risk of a data breach and protecting the privacy of our community.

 

2. Scope and Guiding Principles

This policy applies to all personal information, transactional records, and other data collected by Lovinas Concept Limited, whether through our website, social media channels, or direct communications.

Our data retention practices are guided by the following principles:

  • Legal Compliance: We retain data for as long as is necessary to comply with legal, accounting, tax, and regulatory requirements.
  • Business Necessity: We retain data only for as long as it serves a legitimate business purpose, such as providing customer support, fulfilling orders, and improving our services.
  • Data Minimization: We will not store data for longer than is necessary to fulfill the purpose for which it was collected.
  • Data Security: All data, regardless of its retention period, is handled and stored securely to prevent unauthorized access, disclosure, or misuse.

 

3. Data Retention Periods

The following table outlines the retention periods for different categories of data. These periods are based on legal requirements and our business needs.

Data Category Data Type Retention Period
Customer Account Information – Name, email address, password, phone number, shipping and billing addresses. Retained as long as the customer account is active.
Order & Transactional Data – Order history, product purchases, payment records (excluding full card details), and order communication logs. Retained for 7 years from the date of the last transaction to comply with tax and financial record-keeping obligations.
Marketing Data – Email subscription status, communication preferences, and data used for promotional campaigns. Retained as long as the user is subscribed. Data for unsubscribed users will be securely deleted within 180 days of unsubscribing.
Website Usage & Analytics – IP addresses, cookies, session data, and website usage statistics. Retained for a maximum of 2 years for performance analysis, security monitoring, and to improve user experience.
Customer Service Records – Email correspondence, chat logs, and other support inquiries. Retained for 2 years from the date the inquiry is resolved to maintain a record of past support and improve our service.
Internal Records – Staff information, system logs, and administrative records. Retained for a period defined by internal operational and legal requirements, typically 7 years for financial and employment records.

4. Data Disposal Procedures

Once the retention period for a specific data category has expired, the data will be securely disposed of in a manner that prevents its retrieval and reconstruction.

  • Electronic Data: All electronic data will be securely deleted from our databases and servers. This includes using methods like data overwriting, de-identification, or permanent deletion to ensure the data is irrecoverable.
  • Physical Records: Any physical records containing personal or sensitive information will be securely shredded or incinerated.

We will conduct a periodic review of our data stores to identify and dispose of data that has exceeded its retention period.

 

5. Responsibilities

The System Administrator or a designated Data Protection Officer is responsible for:

  • Implementing and enforcing this Data Retention Policy.
  • Maintaining records of data retention and disposal activities.
  • Conducting periodic reviews of data to ensure compliance.
  • Responding to requests from customers regarding their personal data.

All employees and contractors are responsible for adhering to the principles and procedures outlined in this policy.

 

6. Policy Review

This Data Retention Policy will be reviewed annually, or whenever there are significant changes to our business operations or relevant laws and regulations, to ensure it remains relevant, effective, and compliant.

 

7. Contact Information

For any questions about this Data Retention Policy or our data management practices, please contact us at:

Lovinas Concept Limited

Email: lovinasconcept@gmail.com

Phone: ‪0816941422908103539177

Address: Road 1 Ikota Shopping Complex, VGC Ajah, Lekki Lagos