Become a Member

Privacy Notice

Effective Date: March 1, 2025

 

  1. Introduction

Welcome to the Virtual Asset Service Providers Association (VASPA) (“we,” “our,” or “us”). As Africa’s network for virtual asset innovators, regulators, and service providers, we are committed to protecting your privacy and ensuring that your personal data is handled in a safe, transparent, and compliant manner.

 

This Privacy Notice explains how we collect, use, disclose, and safeguard your information when you visit our website (www.vaspa.org), subscribe to our newsletter, apply for membership, participate in our initiatives (such as Project Green-White-Green), or otherwise interact with us. This Notice is designed to strictly comply with the Nigeria Data Protection Act (NDPA) 2023 and the Nigeria Data Protection Regulation (NDPR) 2019.

 

  1. The Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

 

  • Identity Data: First name, last name, username or similar identifier, title, and organization affiliation.
  • Contact Data: Billing address, operational address, email address, and telephone numbers.
  • Professional Data: Information related to your role in the virtual asset, blockchain, or fintech ecosystem, regulatory registrations, and company details required for membership vetting.
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
  • Usage Data: Information about how you use our website, programs, and services.
  • Marketing and Communications Data: Your preferences in receiving newsletters, industry updates, and marketing from us, as well as your communication preferences.

 

  1. How We Collect Your Data

We use different methods to collect data from and about you, including through:

 

  • Direct Interactions: You may give us your Identity, Contact, and Professional Data by filling in forms (such as membership applications, surveys, or the “Contact Us” form) or by corresponding with us by post, phone, email, or otherwise.
  • Automated Technologies: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns by using cookies, server logs, and other similar technologies.

 

  1. Lawful Basis for Processing

Under the NDPA 2023 and NDPR 2019, we will only use your personal data when the law allows us to. We rely on the following lawful bases:

 

  • Consent: Where you have provided clear consent for us to process your personal data for a specific purpose (e.g., subscribing to the VASPA newsletter).
  • Performance of a Contract: Where processing is necessary for the performance of a contract to which you are a party (e.g., executing and managing your VASPA membership).
  • Legal Obligation: Where we need to comply with a legal or regulatory obligation.
  • Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) to operate our association and advocate for the virtual asset industry, provided your interests and fundamental rights do not override those interests.

 

  1. How We Use Your Data

We use your personal data for the following purposes:

  • To process and manage your membership application and ongoing membership with VASPA.
  • To send you newsletters, updates on policy roadmaps, industry insights, and invitations to events and masterminds.
  • To respond to your inquiries, support requests, or “Contact Us” submissions.
  • To improve our website, services, advocacy efforts, and member experiences.
  • To maintain the security and integrity of our platform.

 

  1. Data Sharing and Third Parties

We do not sell, trade, or otherwise transfer your personal data to outside parties without your consent, except in the following circumstances:

 

  • Service Providers: We may share data with trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties are bound by Data Processing Agreements (DPAs) requiring them to keep this information confidential and secure in accordance with the NDPA.
  • Legal and Regulatory Authorities: We may disclose your data where required by law, subpoena, or other legal processes, or to protect the rights, property, or safety of VASPA, our members, or others.

 

  1. Data Security

We have implemented appropriate technical and organizational security measures designed to protect your personal data from accidental loss, unauthorized access, alteration, or disclosure. Access to your personal data is strictly limited to those employees, agents, contractors, and other third parties who have a legitimate business need to know.

 

  1. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

 

  1. Your Legal Rights

Under the NDPA and NDPR, you have the following rights regarding your personal data:

 

  • Right to Access: Request access to the personal data we hold about you.
  • Right to Rectification: Request correction of any inaccurate or incomplete data we hold about you.
  • Right to Erasure: Request the deletion of your personal data where there is no good reason for us continuing to process it.
  • Right to Object: Object to the processing of your personal data where we are relying on a legitimate interest.
  • Right to Restriction: Request the restriction of processing of your personal data under certain conditions.
  • Right to Data Portability: Request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format.
  • Right to Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your personal data.

 

To exercise any of these rights, please contact us using the details below.

 

  1. International Data Transfers

If we need to transfer your personal data to a country outside Nigeria, we will ensure that such transfer is carried out in compliance with the NDPA and NDPR. We will ensure that the recipient country has adequate data protection laws as determined by the Nigeria Data Protection Commission (NDPC) or that appropriate safeguards (such as Standard Contractual Clauses) are firmly in place.

 

  1. Changes to this Privacy Notice

We may update this Privacy Notice from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new Privacy Notice on this page and updating the “Effective Date.”

 

  1. Contact Us

If you have any questions about this Privacy Notice, our data protection practices, or if you wish to exercise your legal rights, please contact our Data Protection Officer (DPO) at:

 

Virtual Asset Service Providers Association (VASPA)

Address: Ventures Park, 5 Kwaji Close, Maitama, Abuja FCT, Nigeria

Email: info@vaspa.org

Phone: +234 916 4618 395

 

Be part of a vibrant community revolutionizing the virtual asset industry. Register now and unlock exclusive opportunities to grow, learn, and lead in Africa’s digital economy.

Join VASPA Today
  • +2349164618395
  • info@vaspa.org

Founded in 2024, the Virtual Asset Service Providers Association (VASPA) is a Pan-African industry body registered as an Incorporated Trustee with the Corporate Affairs Commission in Nigeria (CAC IT: 79069970), comprising individual, corporate, and institutional members from across Africa. Join us to shape the future of virtual asset in Africa.

Newsletter

© Copyright 2025 Davytun - All Rights Reserved.