Last updated: June 2025
Privacy Policy for CybrX IT
1. Introduction
At CybrX IT, we value the privacy rights of our users and are committed to protecting the information collected through our services, applications, and websites accessed through internet-enabled hardware devices including personal computers, desktop computers, mobile devices, or via media channels and third-party hosts (collectively the "Services"). The CybrX IT.com and the associated mobile application (the "Site") is provided by CybrX IT Limited ("CybrX IT" or the "Company") and throughout the Site, the terms "we", "us" and "our" refer to CybrX IT.
This Privacy Policy (the "Policy") explains what information we may collect about you when you use or access the Services and how we collect, store, disclose, transfer, protect, and otherwise process that information for the purposes of operating and providing the Services. It also sets out your rights and who you may contact for further information.
All personal data you provide to us will be collected and processed in accordance with the Nigeria Data Protection Regulation (NDPR), the General Data Protection Regulation (GDPR), and all applicable data protection laws. We are committed to safeguarding your information and ensuring it is kept confidential. Your data will only be accessed by authorised personnel, affiliates, and service providers where necessary, and solely for the purpose of delivering and supporting our services.
Certain products, services, or materials available on our Site may interact with, be incorporated into, or be offered alongside third-party services and content. These may include, but are not limited to, advertising networks, payment processors, analytics providers, and other third-party data providers. We do not own, control, or assume responsibility for these third-party services or their content, and neither our Terms of Use nor this Privacy Policy apply to them. We are not liable for the practices of any third-party websites or services linked to or from our Site or Applications, including the collection, use, or handling of your information, and you should review the terms of use and privacy policies governing any third-party services you engage with.
By using our Site and Services, you acknowledge and agree that we have no control over third-party services and content that you choose to interact with or authorize to access your information. If you grant a third-party website or service access to your personal information, you do so at your own risk.
Our Site and services are not intended for your use if we are prohibited by the laws of any jurisdiction from making the information on our Site available to you. The use of our Site and services is also not permitted where it would be contrary to any local law or regulation.
BY USING THE SITE, YOU CONSENT TO THE PROCESSING OF ALL PERSONAL DATA PROVIDED TO US IN THE MANNER AND FOR THE PURPOSES DESCRIBED BELOW.
2. Definitions
"Consent" means the consent of the Data Subject which must be a freely given, specific, informed, and unambiguous indication of the Data Subject's wishes by which they (by a statement or by a clear affirmative action) signify their agreement to the processing of personal data relating to them;
"Data Controller" means the natural or legal person or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of this Policy, CybrX IT is the data controller of all personal data relating to Data Subjects;
"Data Processor" means a person or organisation which processes personal data on behalf of a Data Controller. This includes CybrX IT, its employees and third-party service providers;
"Data Protection Legislation" means all relevant data protection and privacy laws and regulations, including but not limited to the Nigeria Data Protection Act (NDPA) 2024, the Nigeria Data Protection Regulation (NDPR) 2019, the General Data Protection Regulation (GDPR), and any other applicable laws or regulations governing the processing, protection, and privacy of personal data;
"Data Subject" means a living, identified, or identifiable individual whose Personal Data is held by CybrX IT;
"Personal Data" means any information relating to a Data Subject who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that Data Subject;
"Personal Data Breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed;
"Processing" means any operation or set of operations performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. Consent
3.1. Where the processing of your personal data is based on consent, we shall obtain the requisite consent at the time of collection of the personal information. In this regard, you consent to the processing of your personal information upon accessing our platforms or using our services, content, features, technologies, or functions offered on our Site, digital platforms or visit any of our offices for official or non-official purposes. You can withdraw your consent at any time by contacting [email protected] , but such withdrawal will not affect the lawfulness of the processing of your data based on consent given before its withdrawal.
3.2. Where your personal data is to be processed for a different purpose that is incompatible with the purpose or purposes for which that personal data was originally collected that was not disclosed to you when you first provided your consent, we will obtain your consent to the new purpose or purposes.
4. Age Restriction
You affirm that you are over 18 years old and have the right to contract in your own name, and that you have read this Policy, including the above authorisation and fully understand its contents.
5. Data Protection Principles
The Data Protection Legislation sets out the following principles with which anyone handling personal data must comply. We, including our employees, agents, contractors and third-party service providers comply with the following principles when collecting, processing or storing your personal data. All Personal Data must be:
5.1. processed lawfully, fairly, and transparently with clear information provided to the Data Subject about why and how we process the Personal Data;
5.2. collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
5.3. adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed;
5.4. accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased, or rectified without delay;
5.5. kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the personal data is processed. Personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to implementation of the appropriate technical and organisational measures required by the Data Protection Legislation in order to safeguard the rights and freedoms of the Data Subject;
5.6. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
6. Information We Collect
In providing our services to you, we collect certain personal and non-personal information about you. Our policy is to keep this information confidential and strictly safeguarded, and to use or disclose it only as needed to provide services to you, or as permitted or required by law.
We collect a variety of information from users and visitors to our Site. As described below, some information is automatically collected when you visit our website, some you provide to us when responding to a request, filling out a form, or communicating with us.
6.1 Types of Information. The type of information we collect varies depending on the activity and may include personally and non-personally identifiable information.
6.1.1. Personally Identifiable Information
This refers to information that lets us know the specifics of who you are. When you engage in certain activities on the Site, such as register for an account, enter a tournament, post content in the user forums, sign up for our newsletters or email lists, or send us feedback, we, or our third-party payment processor may ask you to provide certain information about yourself, including:
- Basic account information (name, email address, password, date of birth, social media handles, username and password);
- Profile information (including avatar images you upload);
- Location Information (for example, your IP address, country, state, or city of residence);
6.1.2 Non-Personally Identifiable Information
CybrX IT may collect non-personally identifiable information that does not specifically identify or is not directly associated with a specific user. Examples of non-personally identifiable information that we may collect about you include:
- Electronic Network Activity Information (for example, your device hardware model, operating system, browser type, and interaction with our Site and games);
- Communications (for example, e-mails and chat messages with you for customer support, feedback, and interaction related to your use of our services) or
- Inferences that we have derived from the information we've collected (for example information collected through cookies and similar technologies, which help us understand how you use our Site and services, and to enhance your overall experience.
6.2. Information Collected Automatically. Whenever you use our services or visit our Site, we may, as permitted by law, collect certain information automatically from your browser or device. Specifically, the information we collect automatically may include:
6.2.1 Your device's IP address;
6.2.2 Device Information e.g. your device type, hardware model, operating system, and unique device identifiers;
6.2.3 Browser Information e.g. your browser type, and version;
6.2.4 Geographic Location e.g. country, state, or city
6.2.5 Device Usage Data e.g. Information about how your device interacts with our Site, including page access, links clicked, and other browsing activities.
We may assign a unique identification number to your set of interactions. This information helps us understand our visitors better, including where they come from and which content is of interest. We use this data for internal analytics purposes and to improve the quality and relevance of our services.
Some of this information may be collected using cookies and similar tracking technologies. We provide information on how to adjust your preferences and opt out of tracking at any time.
6.3. Information You Provide Us. We collect personal information that you provide voluntarily through our web pages and our Site. Depending on the services you use, this may include information provided when you:
6.3.1 Access and use our Site (for example, when you post in or comment in our message board, forums, news blogs, chatrooms, or other Online Services;
6.3.2 Register for Online Services, products, and special events;
6.3.3 Subscribe to newsletters or alerts;
6.3.4 Purchase downloadable content, virtual items or Online Services;
6.3.5 Request technical support;
6.3.6 Participate in polls, surveys, and questionnaires, or
6.4. The Type of Information we Collect: When you use an application on a Social Networking Site ("SNS"), you allow us to access certain information from your profile from that SNS. The information you allow us to access is affected by the privacy settings you establish at the SNS. For example, our Facebook applications may access and store some or all of the following information, as allowed by you, the SNS and your preferences:
- your "basic information" you have shared with everyone on the SNS (which may include your profile picture or its URL);
- your friends list, your user ID number, which is linked to publicly available information such as name and profile photo; or
- other information indicated as part of the "Request for Permission" prompt from the SNS.
6.4.1 Your agreement to share this information takes place when you "accept" (or similar terms) one of our applications on an SNS. Once your information is received from an SNS, that information is stored and used by us in accordance with this Privacy Policy. The Company is not responsible for the terms, policies, disclosures or actions of any SNS.
6.4.2 If we ask you to provide any other personal information not described above, the information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point that you are asked to provide your information.
6.5. Information provided by your device usage: When you use the Site on internet-enabled hardware, the Company may receive information regarding your activities without any additional notice to you or actions taken by you. The Company will not receive personal data such as your name and address but may receive other information such as your IP address, MAC address or other device ID, other device use information, or other information and statistics regarding your usage of our services.
Information about your activities may be collected while you are offline and transmitted to the Company when you next connect to the Internet, whether or not you are currently logged into your internet connection from your mobile device, computer, or other gaming platform.
The Company may combine the information with your personal data and use such information as set forth in this Privacy Policy, whether or not you register for or use the Online Services. The Company may also monitor information by automated means to ensure that software and services are used in accordance with applicable policies, including the Terms of Service. The Company reserves the right to terminate your access to use the services if you violate these policies.
7. How we Process your Personal Information
7.1. We may process data about your use of our Site and services ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the Site and services. The legal basis for this processing is to provide our services and to monitor and improve our services, web and mobile applications.
7.2. We may process the information you provide us when opening an account on our platform ("profile data"). The profile data may include your name, address, telephone number, email address, social media handles, and date of birth. The profile data may be processed for the purpose of providing you with our gaming content and services, processing tournament entry payments, funding your wallet, handling payments, and communicating with you about our products, services and promotional orders. The legal basis for this processing is your consent and the performance of a contract between you and us.
7.3. We may process your billing information for the purpose of providing you with our services, processing tournament entry payments, funding your wallet and to prevent and detect fraud and abuse in order to protect the security of our customers, and our payment partners.
7.4. We may process information contained in any enquiry you submit to us regarding our services ("enquiry data"). The enquiry data may be processed for the purposes of offering, marketing and providing you with detailed information on our services. The legal basis for this processing is your consent to access our services.
7.5. We may process information contained in or relating to any communication that you send to us ("correspondence data"). The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is for the proper administration of our Site and business and communications with our users.
7.6. We may process any of your personal data identified in this Policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this process is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
7.7. In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Please do not supply any other person's personal data to us unless you have obtained such person's consent to do so.
8. Legal basis for using your Personal Data
8.1. We collect your personal data primarily to provide you with efficient services, enhance our Site, and for other legitimate interests. Your information will be used and disclosed for the following purposes:
8.1.1. to verify your identity;
8.1.2. to fulfil our contractual obligations ensuing from any contracts entered into between you and us;
8.1.3. to provide your requested products, services and information;
8.1.4. to assist you with enquiries and improve our customer service;
8.1.5. to conduct marketing analysis and customer profiling (including analysing transactional data, conducting research, creating statistical and testing information to serve you better and personalise content you receive form us;
8.1.6. to communicate with you using methods such as e-mail, telephone, text, or multimedia messages to stay in touch;
8.1.7. for billing and account management;
8.1.8. for our internal administrative purposes
8.1.9. to prevent and detect fraud or loss by implementing proactive measures;
8.1.10. to update our records, keeping your information current and accurate;
8.1.11. to provide recommendations and suggestions to you about services offered by us unless you have previously asked us not to do so;
8.1.12. to send you service or support messages, such as updates, security alerts, email notifications and /or newsletters;
8.1.13. to conduct investigations and risk assessments; and
8.1.14. to comply with legal and regulatory obligations.
8.2. Employees, agents, contractors, or other parties working on behalf of CybrX IT shall collect your personal data only to the extent required for the performance of their job duties and only in accordance with this Policy. Excessive Personal Data must not be collected.
8.3. Employees, agents, contractors, or other parties working on behalf of CybrX IT shall process your Personal Data only when the performance of their job duties requires it. Your Personal Data held by CybrX IT cannot be processed for any unrelated reasons.
9. Data Accuracy
Your Personal Data must be accurate and kept up to date. In this regard, CybrX IT shall ensure that any data it collects and/or processes is accurate and not misleading in a way that could be harmful to you; make efforts to keep your Personal Data updated where reasonable and applicable; and make timely efforts to correct or erase your Personal Data when inaccuracies are discovered.
10. Data Confidentiality
Your information is regarded as confidential and will not be disclosed to any third parties, except under legal and/or regulatory conditions. You have the right to request copies of any and all of your information in our possession if such requests are made in compliance with applicable laws. While we are responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes but is not limited to, adopting, and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorised officers of CybrX IT.
11. Data Retention
11.1. We will retain your personal information for as long as your account remains active, as necessary to provide you with our services, or to comply with legal, regulatory and statutory obligations. We may also retain your data to verify your identity or fulfil other legitimate business purposes.
11.2. CybrX IT is statutorily obligated to retain the data you provide to process transactions, ensure settlements, manage account activities, prevent fraud, and comply with applicable laws and regulatory guidelines. Therefore, even after you close your account with CybrX IT, we may retain certain data to meet these obligations.
11.3. CybrX IT will not retain personal data longer than necessary for the purpose for which it was originally collected, held, and processed. For example, we retain your gameplay data, account information, and other relevant user data to provide you with our services. Unless we are legally required to retain it for a longer period or we receive a valid request to erase your data, personal data will be retained even after you cease actively using our services or products.
12. Other Information We Collect from Other Sources
We may receive your information from third-party sources, such as identity verification services, affiliate marketing partners, third-party advertisers, and other service providers. For example, third-party platforms or partners may provide us with your full name, address, and phone number to support your registration or participation in our tournaments, games and services. Service providers may return verification results derived from biometric data for security purposes, and affiliate marketing partners may share personal information to confirm your use of our services.
13. Disclosures
13.1. We will not sell, publish, or disclose to third parties your personal data collected on our Site, through our servers or otherwise obtained by us, other than to provide our services and as set forth in this Policy. We may share generic aggregated demographic information not linked to any personally identifiable information regarding visitors and users with our business partners, trusted affiliates, professional advisers and advertisers for the purposes outlined above. We may share your information with these third parties for those limited purposes if you have given us your permission and in compliance with the Data Protection Legislation.
13.2. We may request and provide personal data about you from and to third parties to provide our services. We may share personal data with service providers, affiliates, partners, and other third parties where it is necessary to provide the products and services, or for any other purposes described in this Privacy Policy.
13.3. Your personal data may be provided as necessary to the following categories of recipients: security services, professional advisory services (including legal, accounting, and auditing advice), payment processors, fraud detection services, data storage and information processing providers, marketing and online communications technology services, and other trusted third parties with whom we have agreements for the protection of your information. Additionally, we may disclose data to government, regulatory, or law enforcement agencies in response to legally binding orders.
13.4. We will notify you as soon as we become aware of a harmful data breach which may result in a risk of your rights and freedom.
13.5. You have the right to request an erasure of your data at any time.
13.6. We will notify you if we are transferring your data.
13.7. You may request at any time that we halt further dissemination of your data or cease to use your data.
13.8. If you submit content in a public forum or a social media post, or use a similar feature on our Site, that content is publicly visible.
13.9. We may disclose Personally Identifiable Information if required to do so by law or in the good faith belief that such action is necessary to (a) conform with the requirements of the law or comply with legal process served on us, or (b) act in urgent circumstances to protect the personal safety of users of our service or members of the public.
13.10. To the extent practicable and legally permitted, we will attempt to advise you prior to any such disclosure, so that you may seek a protective order or other relief limiting such disclosure.
14. Transfer of Personal Data
14.1. Third Party Processor
We may engage the services of third parties in order to process your personal data. The processing by such third parties shall be governed by a written contract with CybrX IT to ensure adequate protection and security measures are put in place by the third party for the protection of your personal data in accordance with the terms of this policy and the Data Protection Regulation.
14.2. International Transfers
We have offices and facilities in the Federal Republic of Nigeria, United Kingdom and the United States of America (USA). To operate our business and provide you with our services, we may send your personal information to our other offices which may be outside your country of origin or residence. Your personal information may be subject to the laws of the countries where we send it. When we send your information outside of your country of origin or residence, we shall ensure your personal information is protected, and only send your information to countries that have strong data protection laws.
14.3. Transfer of Personal Data to a Foreign Country
14.3.1. Where your personal data is to be transferred to a country other than the one from where you access our Site, we shall put adequate measures in place to ensure the security of such data. In particular, we shall, among other things, conduct a detailed assessment of whether the said country uses adequate data protection laws.
14.3.2. Transfer of your personal data to a foreign country would be in accordance with the provisions of applicable laws. We will therefore only transfer your personal data on one of the following conditions:
a. your explicit consent has been obtained;
b. the transfer is necessary for the performance of a contract between you and CybrX IT;
c. the transfer is necessary to conclude a contract between CybrX IT and a third party in your interest;
d. the transfer is necessary for reason of public interest;
e. the transfer is for the establishment, exercise or defense of legal claims;
f. the transfer is necessary in order to protect your vital interests or the interests of other persons, where you are physically or legally incapable of giving consent.
14.4. Provided in all circumstances, that you have been manifestly made to understand through clear warnings of the specific principle(s) of data protection that are likely to be violated in the event of transfer to a third country, this provision shall not apply to any instance where you are answerable in duly established legal action for any civil or criminal claim in another country.
14.4.1. We will take all necessary steps to ensure that your personal data is transmitted in a safe and secure manner. Details of the protection given to your information when it is transferred shall be provided to you upon request.
15. Your Rights
Subject to certain limitations and exceptions, you are entitled to the following principal rights under the Data Protection Legislation:
15.1. you have the right to be notified if we are transferring your personal information;
15.2. you have the right to object to the processing of your personal data;
15.3. you have the right to file a complaint against a Data Processor with the relevant authority;
15.4. you have the right to request an erasure of your personal data at any time;
15.5. you have the right to request that we rectify inaccurate personal information;
15.6. you may request at any time that we halt further dissemination of your data or cease to use your personal information; and
15.7. you have the right to request for copies of your personal information.
16. Website Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We use encryption tools when accepting and transmitting delicate visitor information through our Site. We implement access control measures, ensuring that only authorised personnel have access to critical user data with multi-factor authentication (MFA) in place. We conduct routine security audits and assessments to address and identify vulnerabilities Some of the other safeguards we use are firewalls and physical access controls to our data centres, and information access authorization controls.
17. Training
We shall ensure that employees who collect, access and process your personal data receive adequate data privacy and protection training in order to develop the necessary knowledge, skills and competence required to effectively manage the compliance framework under this policy and the Data Protection Legislation with regard to the protection of personal data. On an annual basis, we shall develop a capacity building plan for our employees on data privacy and protection in accordance with the Data Protection Legislation.
18. Use of Cookies
We use cookies to identify you as a user and make your user experience easier, customise our services, content and advertising; help you ensure that your account security is not compromised, mitigate risk and prevent fraud; and to promote trust and safety on our Site. Cookies allow our servers to remember your account log-in information when you visit our Site, IP addresses, date and time of visits, monitor web traffic and prevent fraudulent activities. If your browser or browser add-on permits, you have the choice to disable cookies on our Site; however, this may limit your ability to use our Site.
19. Security of Personal Data
To protect your personal data, CybrX IT follows industry-standard practices and implements reasonable safeguards to ensure the security, integrity, and confidentiality of the information you provide. We have security measures in place designed to guard against loss, misuse, and unauthorised alteration of the information under our control. Personal data collected by CybrX IT is stored in secure operating environments that are not accessible to the public. We employ access control and encryption techniques to prevent unauthorised electronic access, with information collected online stored behind firewall-protected servers. We also enable user privacy controls which allows users to manage their privacy settings, request data deletion or opt out of marketing communications.
However, no system can be 100% secure, and to the fullest extent permitted by applicable law, we assume no liability for unauthorised access to your information. It is also your responsibility to maintain the confidentiality and strength of your login credentials.
In the event of a Personal Data breach that could affect your rights and freedoms, we will notify you as soon as reasonably practicable.
20. Data Breach Management Procedure
20.1. In the event where there is any accidental or unlawful destruction, processing, loss, alteration, unauthorized disclosure of, or access to your personal data, we shall:
20.1.1. notify you within 24 hours of the occurrence of the data breach;
20.1.2. properly investigate the breach and take the necessary steps to mitigate such breach;
20.1.3. identify remediation requirements and track the resolution of such breach; and
20.1.4. notify the Information Commissioner's Office or any other regulatory authority, where necessary.
21. Links to Third Party Websites
21.1. Our Site may contain links to third-party websites or services that are not owned or controlled by us.
21.2. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party websites or services. You further acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods or services available on or through any such websites or services.
21.3. We strongly advise you to read the terms and conditions and privacy policies of any third-party websites or services that you visit.
22. Limitation of Liability
We exercise reasonable efforts to safeguard the security and confidentiality of your personal data; however, we will not be liable for unauthorised disclosure of personal data that occurs through no fault of ours.
23. Changes to this Privacy Policy
We reserve the right to make changes to this Privacy Policy in order to reflect any changes in data protection laws or our internal policies. We will endeavour to notify you of such changes but, in accepting these terms, you hereby undertake to regularly check for an updated version of this document at CybrX IT.com/privacy for as long as you use the Online Services. If necessary, we will give you additional choices regarding such changes. As far as permitted by applicable law, your continued use of the Online Services will signify your acceptance of these changes, and the Privacy Policy as amended from time to time.
24. Contact Us
If you would like more information or you have any comments or questions on our Privacy Policy, please contact us at [email protected]
This policy is effective as of June 12, 2025.
