DATA PRIVACY STATEMENT
Last Updated: March 6, 2026
Our Commitment to Data Protection
Levarcon Consulting (“Levarcon,” “we,” “us,” or “our”) is committed to protecting personal
data entrusted to us in the course of providing digital transformation and cybersecurity
consulting services. This Data Privacy Statement describes the principles, controls, and
governance measures we apply to support lawful, responsible, and secure data processing.
This statement is intended to complement our Privacy Policy and applies across our
operations in the United States, Nigeria, and other jurisdictions where we operate or may
operate in the future.
- Data Protection Principles
Levarcon processes personal data in accordance with the following principles:
Lawfulness, Fairness, and Transparency
We process personal data only where a lawful basis exists and provide clear information
about how and why data is processed.
Purpose Limitation
Personal data is collected for specific, legitimate business purposes and is not used in a
manner incompatible with those purposes.
Data Minimization
We limit data collection to what is relevant and necessary for identified purposes.
Accuracy
We take reasonable steps to ensure personal data is accurate and kept up to date.
Storage Limitation
Personal data is retained only for as long as necessary and is securely deleted or
anonymized thereafter.
Integrity and Confidentiality We apply appropriate technical and organizational safeguards to protect personal data
against unauthorized or unlawful processing.
Accountability
We maintain internal policies, documentation, and oversight mechanisms to demonstrate
compliance with applicable data protection laws.
- Data Protection Measures
Levarcon maintains a risk-based information security and privacy program that includes:
* Encryption of data in transit and at rest where appropriate
* Role-based access controls and least privilege principles
* Multi-factor authentication for critical systems
* Network and endpoint security controls
* Secure development and change management practices
* Monitoring, logging, and incident response procedures
Specific technical implementations may vary based on operational needs and risk assessments.
- Individual Rights
Subject to applicable law, individuals may have rights to:
* Access personal data held about them
* Request correction of inaccurate or incomplete data
* Request deletion of personal data
* Object to or restrict certain processing
* Request data portability
* Withdraw consent where processing is based on consent
Requests may be submitted to Contact@levarcon.com. We may require identity verification
and will respond within legally required timeframes.
- Data Breach Management
Levarcon maintains procedures to identify, assess, and respond to data security incidents.
Where required by law, we will notify relevant supervisory authorities and affected
individuals without undue delay.
- Third-Party Processing and Transfers
Where we engage third parties to process data on our behalf, we require contractual
commitments to confidentiality, security, and lawful processing.Personal data may be transferred across borders where necessary. When required,
appropriate safeguards are implemented to support lawful international transfers.
- Privacy by Design and Governance
Privacy considerations are incorporated into business processes and system design where
relevant. We periodically review our data protection practices and provide training to
personnel with data handling responsibilities.
- Contact Information
For data privacy questions or to exercise your rights, please contact:
Levarcon Consulting
Email: Contact@levarcon.com