+234 (1) 453 9639 | 0802 701 2454 | customerservice@globalviewng.com

Data Breach Policy

  1. Introduction

    1. GlobalView Capital Limited collects, holds, processes, and shares personal data, a valuable asset that needs to be suitably protected.

    1. Every care is taken to protect personal data from incidents (either accidentally or deliberately) to avoid a data protection breach that could compromise security.

    1. Compromise of information, confidentiality, integrity, or availability may result in harm to individual(s), reputational damage, detrimental effect on service provision, legislative non-compliance, and/or financial costs.

  1. Purpose and Scope

    1. GlobalView Capital Limited is obliged under Data Protection legislation to have in place an institutional framework designed to ensure the security of all personal data during its life cycle, including clear lines of responsibility.

    1. This policy sets out the procedure to be followed to ensure a consistent and effective approach is in place for managing data breach and information security incidents across GlobalView Capital Limited.

    1. This policy relates to all personal and special categories (sensitive) data held by GlobalView Capital Limited regardless of format.

    1. This policy applies to all employee of GlobalView Capital Limited. This includes temporary, out-source or agency staff and contractors, consultants, suppliers and data processors working for, or on behalf of the GlobalView Capital Limited.

    1. The objective of this policy is to contain any breaches, to minimise the risk associated with the breach and consider what action is necessary to secure personal data and prevent further breaches.

  1. Definitions / Types of breach

    1. For the purpose of this policy, data security breaches include both confirmed and suspected incidents.

    1. An incident in the context of this policy is an event or action which may compromise the confidentiality, integrity or availability of systems or data, either accidentally or deliberately, and has caused or has the potential to cause damage to the GlobalView Capital Limited information assets and / or reputation.

    1. An incident includes but is not restricted to, the following:

      1. loss or theft of confidential or sensitive data or equipment on which such data is stored (e.g. loss of laptop, USB stick, iPad / tablet device, or paper record);

      2. equipment theft or failure;

      3. system failure;

      4. unauthorised use of, access to or modification of data or information systems;

      5. attempts (failed or successful) to gain unauthorised access to information or IT system(s);

      6. unauthorised disclosure of sensitive / confidential data;

      7. website defacement;

      8. hacking attack;

      9. unforeseen circumstances such as a fire or flood;

      10. human error;

      11. blagging’ offences where information is obtained by deceiving the organisation who holds it.

  1. Reporting an incident

Any individual who accesses, uses or manages GlobalView Capital Limited information is responsible for reporting data breach and information security incidents immediately to the Data Protection Officer via dpo@globalviewng.com

    1. If the breach occurs or is discovered outside normal working hours, it must be reported as soon as is practicable.

    1. The report must include full and accurate details of the incident, when the breach occurred (dates and times), who is reporting it, if the data relates to people, the nature of the information, and how many individuals are involved. An Incident Report Form should be completed as part of the reporting process (refer to [The data Breach report form]).

  1. Containment and recovery

    1. The Data Protection Officer (DPO) will first determine if the breach is still occurring. If so, the appropriate steps will be taken immediately to minimise the effect of the breach.

    1. An initial assessment will be made by the DPO in liaison with relevant officer(s) to establish the severity of the breach and who will take the lead investigating the breach, as the Lead Investigation Officer (this will depend on the nature of the breach; in some cases it could be the DPO).

    1. The Data Protection Officer will establish whether there is anything that can be done to recover any losses and limit the damage the breach could cause.

    1. The Data Protection Officer will establish who may need to be notified as part of the initial containment and will inform the police, where appropriate.

    1. The Data Protection Officer, in liaison with the relevant officer(s) will determine the suitable course of action to be taken to ensure a resolution to the incident.

  1. Investigation and risk assessment

    1. An investigation will be undertaken by the DPO With the Head of Information Technology / Head Internal Control department immediately and wherever possible, within 24 hours of the breach being discovered / reported.

    1. The DPO With the Head of Information Technology / Head of Internal Control department will investigate the breach and assess the risks associated with it, for example, the potential adverse consequences for individuals, how serious or substantial those are and how likely they are to occur.

    1. The investigation will need to take into account the following:

      1. the type of data involved;

      2. its sensitivity;

      3. the protections in place (e.g. encryptions);

      4. what has happened to the data (e.g. has it been lost or stolen;

      5. whether the data could be put to any illegal or inappropriate use;

      6. data subject(s) affected by the breach, number of individuals involved and the potential effects on those data subject(s);

      7. whether there are wider consequences to the breach.

  1. Notification

    1. The DPO with the Head of Information Technology / Head of Internal Control department, in consultation with relevant colleagues will establish whether the Authority will need to be notified of the breach, and if so, notify them within 72 hours of becoming aware of the breach, where feasible.

    2. Every incident will be assessed on a case by case basis; however, the following will need to be considered:

      1. whether the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms under Data Protection legislation;

      2. whether notification would assist the individual(s) affected (e.g. could they act on the information to mitigate risks?);

      3. whether notification would help prevent the unauthorised or unlawful use of personal data;

      4. whether there are any legal / contractual notification requirements;

      5. the dangers of over notifying. Not every incident warrants notification and over notification may cause disproportionate enquiries and work.

    1. Individuals whose personal data has been affected by the incident, and where it has been considered likely to result in a high risk of adversely affecting that individual’s rights and freedoms, will be informed without undue delay. Notification will include a description of how and when the breach occurred and the data involved. Specific and clear advice will be given on what they can do to protect themselves, and include what action has already been taken to mitigate the risks. Individuals will also be provided with a way in which they can contact GlobalView Capital Limited for further information or to ask questions on what has occurred.

    1. The Data Protection Officer must consider notifying third parties such as the police, insurers, banks or credit card companies. This would be appropriate where illegal activity is known or is believed to have occurred, or where there is a risk that illegal activity might occur in the future.

    1. A record will be kept of any personal data breach, regardless of whether notification was required.

  1. Evaluation and response

    1. Once the initial incident is contained, the DPO will carry out a full review of the causes of the breach; the effectiveness of the response(s) and whether any changes to systems, policies and procedures should be undertaken.

    2. Existing controls will be reviewed to determine their adequacy, and whether any corrective action should be taken to minimise the risk of similar incidents occurring.

    1. The review will consider:

      1. where and how personal data is held and where and how it is stored;

      2. where the biggest risks lie including identifying potential weak points within existing security measures;

      3. whether methods of transmission are secure; sharing minimum amount of data necessary;

      4. staff awareness;

      5. implementing a data breach plan and identifying a group of individuals responsible for reacting to reported breaches of security.

    1. If deemed necessary, a report recommending any changes to systems, policies and procedures will be considered by GlobalView Capital Limited.

  1. Policy Review

    1. This policy will be updated as necessary to reflect best practice and to ensure compliance with any changes or amendments to relevant legislation.

    1. This policy was last reviewed in February 2022.

fake richard mille
There are not many functions of richard mille replica, except for the basic time display, there is only a very powerful tourbillon function. Its time display function has only two hands, hour and minute hands. Although it cannot display the time accurately to the second, it has a good effect on the overall style of the watch. The diameter of the tourbillon is 10.90 mm, and its position is just in the mouth of the skull. It can be said that the position is very classic. When the watch is working, the tourbillon is spinning fast in the skull's mouth, faintly visible through the gaps of the cage-shaped teeth made of rose gold, giving people not only a mechanical beauty but also an indescribable feeling. It can be said that it is a kind of awe of death, or it is a shock of immortal imagery. In short, let go of your thinking, on this fast-moving tourbillon, your thoughts have no end. This watch also uses a back-through design. The movement of the movement and the operation of the tourbillon can also be seen through the back of the watch. This watch is also known as a fine product in terms of machinery.
The latest and best quality materials in today's watch field are used in conjunction with precious metals to make it surrounded by a luxurious and noble aura when it is born. The detailed processing of each screw and each plane is a manifestation of its high quality. It perfectly combines the unconventional skull design with the tourbillon technology that Richard Mille is famous for. It gives people visual enjoyment and brings us thinking about the ultimate problem of life, which is evocative. endless. Coupled with a movement that has applied many advanced technologies to show the beauty of machinery in front of people, its performance is beyond doubt!