Olaniwun Ajayi LP

Privacy Policy

starpolicystar

Privacy Policy

Last Updated: 25 September 2025

1. Introduction

Olaniwun Ajayi LP (the Firm or We) is committed to safeguarding your privacy and protecting your Personal Data. This Privacy Policy outlines how we collect, use, store, and disclose Personal Data in the course of providing our legal services (our Services) and the measures we have in place to ensure the confidentiality, integrity and security of your Personal Data.

This Privacy Policy applies to information collected through our Website, subdomains, platforms, and other channels related to our Services. By accessing our Website, You confirm that You have read, understood, and agree to the collection, use, Processing, and disclosure of your Personal Data as described in this Privacy Policy.

By accessing our Website, using our Services or contacting us directly, You acknowledge that You have read and understood this Privacy Policy and agree to its terms. If You do not agree to this Privacy Policy, You should not engage with our Website or use our Services. We may update this Privacy Policy from time to time, and your continued use of the Website or our Services after we post the changes that do not significantly affect the use or disclosure of your Personal Data will constitute acceptance of those changes. If we make material changes that do affect how your Personal Data is used or disclosed, we will notify you via a notice on our website to ensure you are informed before such changes take effect.

2. Definitions

To help You understand this Privacy Policy clearly, the following defined terms are used throughout:

  • Automated Decision Making:Means the making of a decision, about an individual, based solely on automated means without any human involvement.
  • Client:Refers to any company, organisation, or individual who engages the Firm in respect of its Services.
  • Cookies:A small piece of data stored on your web browser by a website. Cookies help us recognise your browser, collect analytics, and remember your preferences (like language or login information) to enhance your experience on our Website.
  • Contact Data:Includes information such as your address (billing and operational), email address, and telephone numbers provided to us when engaging our Services or making inquiries.
  • Country:Refers to the Federal Republic of Nigeria, where Olaniwun Ajayi LP is incorporated and primarily conducts its Services.
  • Data Controller:Means an individual, private entity, public commission, agency or any other body who, alone or jointly with others, determines the purposes and means of Processing of Personal Data.
  • Data Protection Laws:Means the Nigeria Data Protection Act, 2023 (NDPA), the Nigeria Data Protection Act General Application and Implementation Directive, 2025 (the GAID), and any other ancillary laws regulating the use of Personal Data in the Country.
  • Firm:When this Privacy Policy mentions “Firm” “OALP” “we”, “us” or “our”, it refers to Olaniwun Ajayi LP, which is responsible for your Personal Data under this Privacy Policy.
  • Identity Data:Includes personal identifiers such as your full name, gender, date of birth, identification number, and other similar information.
  • IP address:Means a unique string of numbers assigned to your device when it connects to the internet. It may indicate the geographic location of the device accessing our Website.
  • NDPC:Refers to the Nigeria Data Protection Commission, the regulatory body overseeing data protection and privacy compliance in the Country.
  • Personnel:Refers to individuals employed by the Firm or contracted to provide services on the Firm’s behalf.
  • Personal Data:Any information relating to an identified or identifiable natural person.
  • Processing, Process, or Processed:Means any activity that involves the use of Personal Data or as the Data Protection Laws may otherwise define processing, processes or process. It includes any operation or set of operations which are performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Processing also includes transferring Personal Data to third parties but does not include the mere transit of Personal Data originating outside the Country.
  • Profiling or Profile:Refers to any form of automated processing of Personal Data to evaluate certain things about an individual.
  • Services:Refers to the legal and related professional services provided by the Firm.
  • Technical Data:Includes information such as your IP address, login data, browser type and version, time zone setting, device model, platform, and technology used to access our Website.
  • Usage Data:Refers to information automatically collected whenever You access or interact with our Services, which may include details such as your device identifiers, log-in information, location data, browser type, pages visited, links clicked, time spent on pages, and other technical information about your device and usage patterns.
  • Website:The Firm’s website, which can be accessed via this URL:https://olaniwunajayi.net
  • You:Refers to the individual or entity who interacts with the Firm or uses its Services and whose Personal Data may be collected or Processed by us.
3. Who We are and How to Contact Us

The Firm, with its principal place of business at The Adunola, Plot L2, 401 Close, Banana Island, Ikoyi, Lagos State, Nigeria, is committed to protecting your privacy. The Firm has branch offices in Nigeria (collectively referred to as “OALP Offices”). These branch offices are part of the same legal entity, and this Privacy Policy is issued on behalf of all OALP Offices. Accordingly, when we use the terms “Firm,” “OALP” “we,” “us,” or “our” in this Privacy Policy, we are referring to the Firm and OALP Offices, each of which is responsible for processing your Personal Data as relevant.

The Firm is the Data Controller and is responsible for your Personal Data.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If You have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the information set out below:

Email address:[email protected]
Postal address: The Adunola, Plot L2, 401 Close, Banana Island, Ikoyi, Lagos, Nigeria.

4. What Personal Data We Collect?

We collect Personal Data from You when You interact with us, such as when You visit our Website, complete an inquiry form, request our Services, subscribe to our communications, or participate in a survey. In the course of delivering our Services, we may also collect additional information necessary for Service delivery.

The Personal Data we collect and use may include, amongst other things:

  • Identity Data: Information such as your full name, your government-issued identity number, and your date of birth. This data is to enable us to verify your identity in order to offer our Services to You;
  • Contact Data: This is data that we use to contact You, such as your residential address, email address, and telephone number;
  • Usage Data: When You access the Services, our servers automatically collect Technical Data or record information about how You access our Services, including links You have clicked on, the length of visit on certain pages, unique device identifier, log-in information, location and other device details;
  • Biographicalinformation such as job title, employer, photograph and video or audio content including You;
  • Marketing, communication preferences and related information such as feedback and survey responses;
  • Billing and financial information such as billing address, bank account and payment information;
  • Servicesinformation such as details of services that we have purchased from You as a vendor;
  • Recordsof your discussions with us if we contact You and if You contact us; and
  • Other information:Some personally non-identifiable data may be collected when You interact with us through the Website. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify You. We may store such information itself or such information may be included in databases owned and maintained by us. We may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Website, and the domain names of our visitors’ internet service providers.
5. How We Collect Your Personal Data and Why We Have It

The Personal Data we have about You is directly made available to us when You:

  • Register to attend one of our events;
  • Use any of our Services;
  • Contact our customer support team;
  • Fill our online forms;
  • use our Website;
  • Contact us; and
  • Apply for a job with us.
6. Our Legal Basis for Processing your Personal Data

We only use your Personal Data for a specific purpose; and before we do so, we must have a legal reason. The lawful basis we rely on for processing your Personal Data by using our Services include:

  • Consent: Where You agree to us collecting your Personal Data by using our Services.
  • We have a contractual obligation: Where processing your Personal Data is necessary for us to provide our Services to You and to fulfil our contractual commitments.
  • We have a legal obligation: To ensure we are fully compliant with all applicable Data Protection Laws and other legislative, regulatory and legal requirements and obligations.
  • Legitimate Interests: We (or a third party) may process your Personal Data where it is necessary for our legitimate interests such as improving our Services or ensuring our IT security, provided that such interests are not overridden by your rights and freedoms.
  • To protect your vital interest.
  • For public interest.
7. How We May Use Your Personal Data

We may use your Personal Data that we collect:

  • To provide news and information services including email briefings and newsletters;
  • To give access to online tools and to invite You to events that we and our partners organise;
  • To maintain Client records;
  • To conduct Client due diligence and conflict checks when on-boarding a new Client;
  • To provide our Services and related relevant services; to manage and administer our business relationships, including to communicate with our Clients, and to manage billing and payments and to keep records;
  • To use data analytics to improve our Services, user experiences and to optimise service delivery;
  • For other purposes for which we provide specific notice at the time of collection; and
  • To comply with Data Protection Laws and any other applicable laws.


We will only use Your Personal Data for the stated purposes for which we collected it, unless we reasonably consider that we need to use it for another purpose and that purpose is compatible with the original purpose. If You wish to get an explanation as to how the Processing for the new purpose is compatible with the original purpose, please contact us at[email protected].

If we need to use your Personal Data for an unrelated purpose, we will notify You and we will explain the legal basis which allows us to do so.

Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

8. Do We Share the Information We Collect with Third Parties?

We may engage trusted third-party service providers to support the delivery of our Services, including but not limited to website hosting, server maintenance, data storage and management, email communication, analytics, and customer support. Where necessary, we may share your Personal Data and, in some cases, non-Personal Data with these service providers to enable them to perform such tasks on our behalf.

For analytics and Service improvement, we may share anonymised or aggregated Usage Data, such as IP addresses or browser types, with third-party analytics partners. This information may be used to help us understand user behaviour, optimise our digital platforms, and evaluate Service performance. These analytics partners may use such Usage Data to assess trends such as location, connection speed, device type, and usage patterns.

In addition to sharing your Personal Data or non-Personal Data with third-party service providers as stated above, we may disclose your Personal Data or non-Personal Data where we believe it is necessary or appropriate to:

  • comply with applicable laws, regulations, or legal processes (such as court orders or subpoenas);
  • respond to lawful requests from government or law enforcement agencies;
  • protect the rights, property, or safety of the Firm, our users, our Personnel, or others; or
  • detect, investigate, and help prevent fraud or other illegal activity.


We require all third parties with whom we share your Personal Data to respect its confidentiality and to Process it in accordance with applicable Data Protection Laws. They are not permitted to use your Personal Data for their own purposes and are only authorised to Process it as instructed by the Firm and solely for specified and legitimate purposes.

9. Is the Information Collected through the Firm’s Service or Website Secure?

We take appropriate technical, organisational and security measures to protect your Personal Data. These measures include physical safeguards, secure electronic systems, access controls, and managerial procedures designed to prevent unauthorised access, modification, or disclosure. Our information security framework is supported by policies, standards, and processes, and we require our staff, partners, and third-party providers with access to confidential information to comply with strict confidentiality and security obligations.

10. How Long Do We Keep Your Information?

We keep your information only so long as we need it to provide our Services to You and fulfill the purposes described in this Privacy Policy. This is also the case for anyone that we share your information with and who carries out Services on our behalf. When we no longer need to use your information and there is no need for us to keep it to comply with our legal or regulatory obligations, we either remove it from our systems or depersonalise it so that we can’t identify You.

11. What are Your Legal Rights

Under certain circumstances, you have rights under the Data Protection Laws in relation to your Personal Data. You have the right to:

  • Request accessto your Personal Data (commonly known as a “Data Subject Access Request”). This enables You to receive a copy of the Personal Data we hold about You and to check that we are lawfully Processing it.
  • Request correctionof the Personal Data that we hold about You. This enables You to have any incomplete or inaccurate Personal Data we hold about You corrected, though we may need to verify the accuracy of the new Personal Data You provide to us.
  • Request erasureof your Personal Data. This enables You to ask us to delete or remove Personal Data where there is no good reason for us continuing to Process it. You also have the right to ask us to delete or remove your Personal Data where You have successfully exercised your right to object to processing (see below) or where we may have Processed your information unlawfully or where we are required to erase your Personal Data to comply with applicable laws. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to You, if applicable, at the time of your request.

You should be aware that it is not technologically possible to remove each and every record of the information You have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a non-erasable form that will be difficult or impossible for us to locate.

  • Object to Processing of your Personal Data where:
    • You do not want us to process your Personal Data;
    • Your data is processed for direct marketing purposes. You shall have the right to object, at any time, to such processing, to the extent that it is related to such direct marketing.

You have the right to be expressly and manifestly offered the mechanism for objection to any form of Processing free of charge. Additionally, You may reach out to us at[email protected]to object to the Processing of your Personal Data.

We may, however, continue to process your Personal Data in instances where we demonstrate that we have a compelling legitimate basis to Process your information which overrides your rights and freedoms.

  • Request restriction of Processingof your Personal Data. This enables You to ask us to suspend the Processing of your Personal Data in the following scenarios:
    • If You want us to establish the accuracy of your Personal Data;
    • Where the extent of our use of your Personal Data is unlawful but You do not want us to erase it;
    • Where You need us to hold the Personal Data even if we no longer require it as You need it to establish, exercise or defend legal claims;
    • You have objected to our use of your Personal Data, but we need to verify whether we have an overriding legitimate basis to use it.
  • Request the transferof your Personal Data to You or to a third party. We will provide to You, or a third party You have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which You initially provided consent for us to use or where we used the information to perform a contract with You.
  • Withdraw consentat any time where we are relying on consent to Process your Personal Data. However, this will not affect the lawfulness of any processing carried out before You withdraw your consent. If You withdraw your consent, we may not be able to provide certain products or Services to You. We will advise You if this is the case at the time You withdraw your consent.
    • Lodge compliant with the NDPC.You have the right to lodge a complaint at any time with the NDPC if you believe that we have not handled your Personal Data in a lawful, fair, or transparent manner, or that your data protection rights have otherwise been infringed.
12. Automated Decision Making and Profiling

We do not Profile or carry out any Automated Decision Making with your Personal Data. Where the Firm intends to make automated decisions, we will update our Privacy Policy accordingly, obtain your consent and Process your Personal Data in compliance with all data protection principles.

13. Use of Artificial intelligence

We are committed to delivering innovative, client-focused legal services. As part of this commitment, we may responsibly leverage artificial intelligence (AI) technologies to enhance our capabilities, improve efficiency, and create value for our Clients. While AI may assist in our processes, all decisions concerning clients remain subject to human oversight and professional judgment.

Our principles and practices for the responsible and ethical use of AI across the Firm are to:

  • Uphold client confidentiality and data protection at all times.
  • Comply with all applicable legal, regulatory, and professional obligations.
  • Adopt only AI tools that are reliable, secure, and fit for purpose.
  • Ensure human oversight, professional judgment, and accountability for all AI-assisted work.
  • Provide training and guidance to our people to enable responsible AI use.
  • Strive to use AI fairly, inclusively, and in ways that respect privacy, human rights, and diversity.

We regularly review our use of AI to reflect evolving laws, and ethical standards. Our goal is to use AI safely and responsibly to support our clients and foster innovation in legal practice.

14. How Can You Exercise Your Data Privacy Rights?

If You wish to exercise any of the rights set out above, please contact us via our DPO in the following ways:

Email address: [email protected]

Postal address:  The Adunola, Plot L2, 401 Close, Banana Island, Ikoyi, Lagos, Nigeria.

Data Subject Request Form: Visit this link

You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances:

  • for performance of a public duty unless You have a compelling legitimate interest or right that may be abridged by reason of our non-compliance with your request.
  • for compliance with a legal ruling or obligation.
  • for performance of a task that is being carried out in the public’s interest or official authority.
  • for the establishment of a legal defence or in the exercise of other legal claims.

We may need to request specific information from You to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact You to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within a reasonable timeframe (usually within one month. Occasionally it could take us longer than one month if your request is particularly complex or You have made a number of requests. In this case, we will notify You and keep You updated.

15. What Are Your Available Remedies in the Case of a Breach?

In the case of a breach of any of the obligations with respect to your Personal Data, a data breach procedure is established and maintained in order to deal with incidents concerning Personal Data or privacy practices leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed. On notification of such breach, the Firm will investigate to determine if an actual breach has occurred, and the Firm will take the actions required to manage such breach.

In the event You believe we have breached any applicable law or this Privacy Policy, we would appreciate the chance to deal with your concerns before you approach the NDPC, so please contact us in the first instance.

16. How Do We Protect Your Information?

We implement a variety of security measures to maintain the safety of your Personal Data when You enter, submit, or access your Personal Data. We offer the use of a secure server. All supplied Personal Data is transmitted and encrypted into our database only to be accessible by those authorised with special access rights to such systems, and are required to keep the information confidential.

In addition, we limit access to your Personal Data to our Personnel who have a business need to know. They will only Process your Personal Data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected Personal Data breach and will notify You and the NDPC of the occurrence of a Personal Data breach where we are legally required to do so.

We cannot, however, ensure or warrant the absolute security of any information You transmit to the Firm or guarantee that your information in relation to our Service may not be accessed, disclosed, altered, or destroyed by a breach of any of our physical, technical, or managerial safeguards.

17. Could my Information be Transferred to Other Countries?

Personal Data may be stored and processed in any country where our data is stored by our third-party service providers. Information collected via our Website, through direct interactions with You, or from accessing our Services may be transferred from time to time to OALP Offices or Personnel or to third parties located throughout the world.  By submitting Your Personal Data to us, You agree to this transfer, storing and Processing.

Whenever we transfer your Personal Data out of the Country, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by NDPC; or
  • We will only transfer to an affiliate entity where we have an executed Binding Corporate Rules or Standard Contracting Clause applicable to all entities within the group or affiliate; or
  • We have obtained your consent, or this is in the interest of a legal obligation.

Please contact us if You want further information on the specific mechanism used by us when transferring your Personal Data outside Nigeria.

18. How Can You Exercise Your Data Privacy Rights?

If you wish to exercise any of the rights set out above, please contact us via our DPO.

19. Governing Law

This Privacy Policy is governed by the Data Protection Laws. You consent to the exclusive jurisdiction of the Nigerian courts in connection with any action or dispute arising between the parties under or in connection with this Privacy Policy.

The laws of the Country, excluding its conflicts of law rules, shall govern this Agreement and your use of the Website. Your use of the Website may also be subject to other local, state, national, or international laws.

20. Links to Other Website

This Privacy Policy applies only to this Website. We may display, include or make available third-party content (including data, information and other services) or provide on this Website links to other websites not operated or controlled by the Firm. We are not responsible for the content, accuracy, or opinions expressed in such websites, and such websites are not investigated, monitored, or checked for accuracy or completeness by us. Please remember that when You use a link to go from this Website to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our Website, is subject to that website, its rules, and policies. Such third parties may use their own cookies or other methods to collect information about You.

21. Cookies

The Firm uses Cookies to identify the areas of our Website that You have visited. We use Cookies to enhance the performance and functionality of our Website but are non-essential to the use of our Website.

In all cases in which we use Cookies, we will not collect Personal Data or use information gathered for tracking purposes except with your permission. Most web browsers can be set to disable the use of Cookies. However, if You disable Cookies, You may not be able to access functionality on our Website correctly or at all. We never store Personal Data in Cookies.

Different browsers make different controls available to you. Disabling a cookie or category of Cookies does not delete the cookie from your browser; You will need to do this yourself from within your browser. You should visit your browser’s help menu for more information.

For more information about the Cookies we use and how to change your cookie preferences, please see our Cookie Policy.

22. Changes To Our Privacy Policy

We may make changes to this Privacy Policy from time to time to reflect changes in law, our practices, or our Services. In the event of a change to this Privacy Policy, the ‘Last Updated’ date of this Privacy Policy shall be indicative of any update. Any modifications shall be effective immediately upon posting the updated Privacy Policy on the Website. We will attempt to notify You of any modifications to this Privacy Policy, but we generally advise You to regularly visit this page to keep track of changes, if any.

23. Contact Us

Do not hesitate to contact us if you have any questions via[email protected]