Honoredge Legal Practice Logo
← Back to All Policies

Our Data Protection, Privacy & Confidentiality Policy (Privacy notice.

Last updated: November 7, 2025

Our Data Protection, Privacy & Confidentiality Policy (Privacy notice.

  1. Preamble
    Amas & Rhod Law is committed to protecting the privacy and confidentiality of all clients. As a legal practice handling sensitive information, we operate under strict ethical and legal obligations.

    This policy explains how we collect, use, store, protect, and disclose client information in compliance with:
    ● Nigeria Data Protection Act (NDPA) 2023
    ● Nigeria Data Protection Regulation (NDPR) 2019
    ● UK/EU General Data Protection Regulation (GDPR) — applicable only to clients who are based in the United Kingdom, European Union or who hold EU/EEA nationality.
    ● All other international Data protection laws and regulations relevant to clients’ jurisdictions.
  2. Scope and Applicability
    This policy applies to all clients who engage our services.
    ● If you are based in Nigeria or your data is processed within Nigeria, the Nigeria Data Protection Act and NDPR apply to you.
    ● If you are based in the United Kingdom, European Union (EU/EEA) or hold citizenship of an EU member country, the GDPR also applies to the processing of your data, in addition to the NDPA and NDPR.
    ● If you are based in any other country different from the ones mentioned above, data protection laws or regulations of your country of residence/origin will apply, in addition to the NDPA and NDPR.
  3. Legal Basis for Processing
    AMAS & RHOD LAW Under NDPA (Section 24) and GDPR (Article 6),
    we process your data based on one or more of the following:
    ● Your consent, where voluntarily given.
    ● Performance of a contract, where data is necessary to provide legal services.
    ● Compliance with legal obligations, including anti-money laundering and regulatory laws.
    ● Legitimate interests, such as conflict of interest checks and internal record keeping.
  4. Information We Collect
    Depending on your case or inquiry, we may collect:
    ● Identification details such as name, address, nationality, NIN, or passport information.
    ● Contact details such as residential or office address, phone number and email.
    ● Legal case information, financial records, asset details, family records, criminal records or company information.
    ● Health or sensitive information, only where relevant to your case and with explicit consent.
  5. How We Use Client Data
    We use your information strictly for lawful and professional purposes, including:
    ● Providing legal advice, case preparation, and representation.
    ● Conducting conflict-of-interest checks.
    ● Complying with Anti-Money Laundering laws, such as the Money Laundering (Prevention and Prohibition) Act 2022.
    ● Administrative communication, billing, third parties correspondence and record management. ● Meeting obligations imposed by courts, regulators, or enforcement agencies.
  6. Confidentiality
    All client communications and documents are treated as confidential and privileged, in accordance with:
    ● Rule 19 of the Rules of Professional Conduct for Legal Practitioners (Nigeria).
    ● General principles of attorney-client privilege. We do not disclose client information except:
    ● Where you give express permission.
    ● Where required by law, court order, or regulatory authority.
    ● Where necessary to prevent serious harm, fraud, or criminal conduct.
  7. Data Retention
    AMAS & RHOD LAW Case files and client records are retained for a minimum of six (6) years after the conclusion of a matter, or longer where legal or regulatory rules require it. You may request deletion or restriction of your data where applicable, but certain records must be kept for legal compliance.
  8. Your Rights
    You have the right to:
    ● Request access to your data.
    ● Request correction of inaccurate information.
    ● Withdraw consent where processing is based on consent.
    ● Request deletion of data in appropriate circumstances.
    ● Object to processing or request restriction where permitted by law. EU-based clients additionally have the right to data portability under GDPR.
  9. Data Transfers Outside Nigeria or the EU
    If your data is transferred across borders, we ensure that adequate protection safeguards are in place, as required under Section 41 of the NDPA and Chapter V of the GDPR.
  10. Complaints and Enquiries
    If you have any concerns about how your data or confidential information is being handled, you are required to raise the complaint directly with the Firm in the first instance through the following channel:
    Email : amasattorneys@gmail.com
    Subject: Data Protection and Privacy Complaints We will acknowledge and investigate your complaint promptly and aim to resolve it fairly and internally.

    If you are not satisfied with our resolution:
    ● Nigerian clients may escalate the matter to the Nigeria Data Protection Commission (NDPC).
    ● Clients based in the EU/EEA, UK or other countries may escalate to their local Data Protection Authority (DPA) in accordance with GDPR procedures.
  11. Statement of Acceptance
    By engaging our services or submitting your information, you acknowledge and accept this Privacy and Confidentiality Policy, subject to your legal rights.