News – Commissioning Digital Industrial Park (DIP) in Kano Kano Digital Hubs Accreditation (KDH)

Start Learning
Start Learning

Privacy Policy

Kano State Information Technology Development Agency (KASITDA)

Last Updated: July 16th, 2025

1. Introduction  

The Kano State Information Technology Development Agency (KASITDA) operates with a firm commitment to protecting the privacy and security of all individuals who access and use our official website (www.kasitda.ng). This comprehensive Privacy Policy has been formulated to transparently outline the procedures through which we collect, process, utilize, disclose, and protect your personal data. Our practices strictly adhere to:  

  • The provisions of the Nigeria Data Protection Regulation (NDPR 2019)  
  • The Kano State Data Protection Policy as enshrined within Pillar 7 (Cybersecurity and Data Governance) of KASITDA’s Strategic Roadmap  
  • International standards for digital governance and data protection  

By visiting, registering on, or utilizing any services available through the KASITDA website, you explicitly acknowledge and consent to the data handling practices described in this policy.  

2. Categories of Data Collected 

In the course of providing digital services and maintaining our online platforms, KASITDA may acquire various types of information from website users:  

A. Personal Identification Information

We collect identifiable personal data when users voluntarily provide such information through our digital platforms. This includes but is not limited to complete names, valid email addresses, telephone contact details, and Internet Protocol (IP) addresses.  

B. Professional and Organizational Data

For partners, stakeholders, and institutional collaborators, we may request and store professional information including organizational affiliations, official designations, and departmental responsibilities to facilitate appropriate service delivery.  

C. Service-Related Information  

When users submit inquiries, applications, or requests through our online forms or service portals, we collect and retain the content of these communications along with any supporting documentation provided.  

D. Technical and Usage Data  

Our systems automatically gather non-personal technical information including but not limited to browser specifications, device characteristics, visited pages, session durations, and navigation patterns through the implementation of cookies and similar tracking technologies.  

E. Aggregated Demographic Data

We analyze and store anonymized statistical data regarding user demographics and website traffic patterns to enhance service delivery and digital infrastructure planning.  

F. Exclusion of Sensitive Data  

In strict accordance with our data minimization principles, KASITDA does not collect or process sensitive personal data such as biometric records, financial account details, or health information unless such collection is absolutely necessary and accompanied by explicit, informed consent from the data subject.  

3. Purposes and Legal Bases for Data Processing  

KASITDA processes collected data exclusively for legitimate, specified purposes as authorized under relevant legislation and in alignment with our strategic mandates:  

A. Service Provision and Improvement

We utilize personal data to deliver and continuously enhance our e-government services as mandated under DTA Objective 1 (Digital Governance) and KASITDA Pillar 5 (E-Government and Digital Public Services). This includes processing applications, responding to citizen inquiries, and maintaining user accounts for digital services.  

B. Official Communications

Contact information provided by users enables us to disseminate important agency updates, service notifications, and responses to submitted queries through appropriate digital channels.  

C. Website Optimization  

Technical and usage data informs our continuous efforts to improve website functionality, user experience, and content relevance through data-driven analytics and performance metrics.  

D. Legal and Regulatory Compliance  

We process data when necessary to fulfill our statutory obligations under Nigerian law, including but not limited to compliance with the NDPR, court orders, or lawful government requests.  

E. Security and Fraud Prevention  

In alignment with Pillar 7 (Cybersecurity and Data Governance) of our Strategic Roadmap, we analyze usage patterns and access logs to identify and mitigate potential security threats, unauthorized access attempts, or fraudulent activities targeting our digital infrastructure.  

4. Data Sharing and Third-Party Disclosures

KASITDA maintains stringent protocols regarding the disclosure of user data to external parties:  

A. Government Ministries, Departments and Agencies (MDAs)  

We may share necessary information with other government entities strictly for the purpose of coordinated service delivery and in accordance with our statutory mandate as defined in the Kano State ICT Development Agency Law (2023).  

B. Authorized Service Providers 

Selected third-party vendors and technical partners may receive limited data access under binding contractual agreements that enforce equivalent data protection standards. These arrangements are exclusively for services such as website hosting, analytics, or specialized digital solutions.  

C. Legal and Regulatory Authorities  

Disclosure to law enforcement agencies, judicial bodies, or regulatory institutions will only occur when mandated by applicable laws or when necessary to protect vital public interests.  

D. Explicit Prohibitions  

KASITDA categorically does not engage in the sale, lease, or commercial exploitation of user data to marketing firms, data brokers, or any third parties for promotional purposes.  

5. Data Security Measures  

In fulfillment of DTA Objective 5 (Data Governance and Cybersecurity) and our institutional commitment to data protection, KASITDA implements a multi-layered security framework:  

A. Encryption Protocols

All data transmissions to and from our website are secured through industry-standard Transport Layer Security (TLS) encryption, ensuring protection against interception during electronic transfer.  

B. Access Management Systems  

We enforce strict role-based access controls, requiring multi-factor authentication for personnel handling sensitive data, with access privileges regularly reviewed and updated.  

C. Infrastructure Security  

Our technical systems incorporate advanced network security measures including firewalls, intrusion detection systems, and routine vulnerability assessments managed by the Kano State Computer Emergency Response Team (CERT).  

D. Data Retention and Disposal 

Personal data is retained only for the duration necessary to fulfill its collection purposes, after which it is securely erased or anonymized in accordance with our Records Management Policy.  

6. Data Subject Rights and Recourse  

Consistent with NDPR provisions, all individuals whose data we process retain specific rights which may be exercised through formal requests:  

A. Right to Access  

You may submit a written request to obtain confirmation about whether your personal data is being processed and receive a copy of such data in a structured, commonly used format.  

B. Right to Rectification

Where any personal data we maintain is inaccurate or incomplete, you have the right to request prompt correction or supplementation of the relevant information.  

C. Right to Erasure  

Under specific circumstances defined by law, you may request the deletion of your personal data from our active systems, subject to any overriding legal or operational requirements.  

D. Right to Restriction of Processing

You may request a temporary suspension of data processing activities while accuracy disputes are resolved or when processing legality is under review.  

E. Right to Lodge Complaints  

Should you have concerns regarding our data practices, you may contact our designated Data Protection Officer or escalate matters to the National Information Technology Development Agency (NITDA) as the regulatory authority.  

Contact Information for Data Rights Requests:  

KASITDA Data Protection Office 

Email: dpo@kasitda.ng

7. Cookies and Automated Technologies  

Our website employs cookies and similar tracking mechanisms to enhance functionality and user experience:  

A. Essential Cookies

Strictly necessary cookies enable core website functions such as page navigation and access to secure areas. These cannot be disabled without impairing service delivery.  

B. Analytical Cookies  

We utilize tools such as Google Analytics to collect aggregated data about website traffic and user interactions, which informs our continuous improvement efforts.  

C. Preference Management  

Users may configure browser settings to block or delete cookies, though this may degrade certain website features. Detailed instructions for cookie management are available in our Cookie Policy.  

8. External Website Links

The KASITDA website may contain hyperlinks to third-party digital platforms operated by partner organizations or government entities. We explicitly disclaim responsibility for the privacy practices or content of these external sites and strongly advise users to review their respective privacy policies before engaging with them.  

9. Policy Review and Updates  

This Privacy Policy remains subject to periodic review and revision to reflect evolving legal requirements, technological advancements, or operational changes. Substantive modifications will be communicated through prominent website notices, with the “Last Updated” date clearly indicated. Continued use of our services following such updates constitutes acceptance of the revised terms.  

10. Contact Information 

For all privacy-related inquiries, requests, or concerns, please utilize the following official channels:  

Kano State Information Technology Development Agency 

Attn: Data Protection Office 

Email: dpo@kasitda.ng

Authorized Approval

This Privacy Policy is formally endorsed under the authority of:  

Bashir Abdu Muzakkari, PhD  

Director-General/Chief Executive Officer  

Kano State Information Technology Development Agency  

Strategic Alignment Documentation

This policy directly operationalizes provisions from:  

1. Pillar 7 (Cybersecurity and Data Governance) of the KASITDA Strategic Roadmap (2025-2030)  

2. Objective 5 (Data Governance and Cybersecurity) of the Kano State Digital Transformation Agenda  

3. The institutional Core Value of Integrity as defined in KASITDA’s foundational documents  

All definitions, processing purposes, and data subject rights articulated herein derive their legal basis from the Nigeria Data Protection Regulation (NDPR 2019) and supplementary state-level data governance frameworks.