Privacy Policy
Last Updated: January 2026
1. Introduction
ANOC Professional Services ("ANOC", "we", "us", or "our") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website anoc.ng or engage our professional services.
We comply with the Nigeria Data Protection Act (NDPA) 2023, the Nigeria Data Protection Regulation (NDPR) 2019, and all applicable data protection laws and professional standards governing chartered accountants.
Your Privacy Rights
By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our website or services.
2. Information We Collect
2.1 Personal Information You Provide
We collect information that you voluntarily provide to us when you:
Contact Information
Name, email address, phone number, business address, job title, and company name when you contact us or request our services.
Financial & Business Information
Financial statements, tax records, business documents, banking information, and other data necessary to provide our professional services.
Communication Data
Information contained in emails, messages, or other communications you send to us.
Identity Verification
Government-issued IDs, Tax Identification Numbers (TIN), BVN, CAC documents, and other information required for regulatory compliance and KYC procedures.
2.2 Information Automatically Collected
When you visit our website, we automatically collect certain information:
- •Device Information: IP address, browser type, operating system, device identifiers
- •Usage Data: Pages viewed, time spent on pages, links clicked, referral sources
- •Cookies & Tracking: Information collected through cookies and similar technologies (see our Cookie Policy)
2.3 Information from Third Parties
We may receive information about you from:
- •Government agencies, regulatory bodies, and public registries (CAC, NRS, etc.)
- •Credit bureaus and financial institutions
- •Professional referrals and business partners
- •Publicly available sources
3. How We Use Your Information
We use the information we collect for the following purposes:
Service Delivery
- •Provide audit, accounting, tax, and advisory services
- •Process transactions and manage engagements
- •Prepare reports and deliverables
Communication
- •Respond to inquiries and support requests
- •Send service updates and important notices
- •Provide industry insights and thought leadership
Compliance & Legal
- •Comply with legal and regulatory obligations
- •Perform KYC/AML checks
- •Maintain professional standards
Security & Improvement
- •Protect against fraud and security threats
- •Improve our website and services
- •Analyze usage and performance
4. Legal Basis for Processing (NDPA 2023)
Under the NDPA 2023, we process your personal data based on the following legal grounds:
Contractual Necessity
Processing is necessary to perform our engagement agreement and provide the services you requested.
Legal Obligation
Processing is required to comply with Nigerian laws, regulations, and professional standards (ICAN, FRCN, NRS, etc.).
Legitimate Interests
Processing is necessary for our legitimate business interests, such as fraud prevention, network security, and improving our services.
Consent
Where required, we obtain your explicit consent for specific processing activities, such as marketing communications.
5. How We Share Your Information
We may share your information with the following parties:
Professional Service Providers
We engage third-party service providers who perform services on our behalf:
- •IT service providers and cloud storage providers
- •Specialized consultants and expert advisors
- •Payment processors and financial institutions
All third parties are bound by confidentiality agreements and data processing agreements.
Regulatory & Government Authorities
We may disclose information to regulatory bodies, tax authorities, law enforcement, and courts when required by law or to comply with legal process (NRS, EFCC, NITDA, FRCN, etc.).
Professional Advisors
We may share information with our legal counsel, auditors, and insurance providers as necessary for professional advice and risk management.
Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity, subject to the same privacy protections.
We Will Never:
- ✗Sell your personal information to third parties
- ✗Share your information for marketing purposes without your consent
- ✗Disclose confidential client information except as required by law or with your permission
6. Data Security
We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
Technical Safeguards
- SSL/TLS encryption for data transmission
- Encrypted data storage and backups
- Firewalls and intrusion detection systems
- Regular security audits and vulnerability assessments
Organizational Safeguards
- Role-based access controls
- Staff training on data protection and confidentiality
- Confidentiality agreements with all personnel
- Incident response and breach notification procedures
While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your information using industry best practices.
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy and to comply with legal, regulatory, and professional obligations.
Retention Periods
- Client Records:Minimum 6 years after engagement completion (as required by Nigerian law and professional standards)
- Audit Files:Minimum 7 years (FRCN and ICAN requirements)
- Tax Records:6 years (NRS requirement)
- Marketing Data:Until you withdraw consent or request deletion
- Website Data:Up to 2 years for analytics purposes
After the retention period expires, we securely delete or anonymize your personal data unless we are required to retain it for legal reasons.
8. Your Data Protection Rights
Under the NDPA 2023 and NDPR 2019, you have the following rights regarding your personal data:
Right to Access
Request a copy of the personal data we hold about you and information about how we process it.
Right to Rectification
Request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure
Request deletion of your personal data, subject to legal and professional retention obligations.
Right to Restrict Processing
Request that we limit how we use your personal data in certain circumstances.
Right to Data Portability
Receive your personal data in a structured, commonly used format and transmit it to another organization.
Right to Object
Object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent
Withdraw your consent at any time where processing is based on consent.
How to Exercise Your Rights
To exercise any of these rights, please contact our Data Protection Officer at info@anoc.ng. We will respond to your request within 30 days as required by the NDPA 2023.
Note: Some rights may be limited by professional obligations (e.g., we cannot delete audit files required by law to be retained for 7 years).
9. International Data Transfers
Your personal data is primarily stored and processed in Nigeria. In some cases, we may transfer data to service providers located outside Nigeria (e.g., cloud storage providers).
When we transfer personal data internationally, we ensure that appropriate safeguards are in place as required by the NDPA 2023, including:
- •Transferring only to countries with adequate data protection laws as determined by NITDA
- •Using Standard Contractual Clauses approved by Nigerian regulators
- •Obtaining your explicit consent where required
- •Ensuring service providers implement appropriate technical and organizational measures
10. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children.
If you are a parent or guardian and believe we have collected information about a child, please contact us immediately at info@anoc.ng, and we will take steps to delete such information.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. For significant changes, we may also notify you via email.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
12. Contact Information & Complaints
If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:
ANOC Professional Services
Data Protection Officer
Address: No 1, Oyediran Street off Bode Thomas Street, Surulere, Lagos Nigeria
Phone: +234 803 304 3363 | +234 803 403 0156
Email: info@anoc.ng
Website: anoc.ng
Right to Lodge a Complaint
If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC):
NDPC Website: ndpc.gov.ng
Email: info@ndpc.gov.ng
Acknowledgment
By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.