• An official website of the FCT-LRO

Contact FCT-LRO   |   Staff Email  

Twitter Facebook Ovaicon-instagram

PRIVACY POLICY

Data Privacy and Protection Policy

1. Institutional Framework
The Commission’s Privacy Policy is anchored on the provisions of the Nigeria Data Protection Act (NDPA) and the Nigeria Data Protection Regulation (NDPR) issued by the National Information Technology Development Agency (NITDA). We also align with international data ethics frameworks such as the General Data Protection Regulation (GDPR) and relevant FATF guidelines for information security in financial and gaming transactions.
Through this policy, the FCT-LRO ensures that:
All personal and corporate data collected by gaming operators are processed lawfully, fairly, and transparently.
Data is used solely for its intended regulatory and operational purposes.
Consent mechanisms, retention limits, and user rights are respected and documented.
Security controls and encryption protocols are maintained to prevent unauthorized access, misuse, or breach.
Our regulatory mission extends beyond compliance enforcement. It includes creating a secure digital infrastructure that safeguards stakeholders while enabling innovation.
A strong privacy framework:
Protects players and operators from cyber fraud and identity theft.
Builds consumer confidence in the legitimacy of gaming operations.
Reinforces Nigeria’s reputation as a responsible and secure digital investment destination.
Supports national cybersecurity goals and complements AML/CFT (Anti-Money Laundering and Countering the Financing of Terrorism) initiatives.
Without robust data governance, the integrity of gaming transactions, financial reporting, and tax remittance could be compromised. Thus, privacy protection is inseparable from economic growth, technological integrity, and social accountability in our industry.
All licensed gaming operators and affiliates are required to:
Maintain updated and transparent privacy policies in accordance with FCT-LRO directives.
Notify the Commission promptly in the event of any data incident or breach.
Conduct periodic internal audits and staff training on data management and cybersecurity.
Integrate player self-exclusion, data anonymization, and privacy-by-design principles into their digital platforms.
Failure to comply will attract regulatory penalties in accordance with the existing FCT gaming laws, data protection statutes, and other applicable federal enactments.
As we continue to digitize regulatory operations and modernize our platforms, the Commission reaffirms its role as both a protector and enabler — protecting citizens’ rights while enabling sustainable industry advancement. We will work closely with NITDA, the NDPC (Nigeria Data Protection Commission), and other cybersecurity agencies to ensure full alignment with national standards.
Our overarching goal is to make the FCT gaming environment a benchmark of digital responsibility in Nigeria and across Africa — where innovation thrives hand-in-hand with ethical governance.
In safeguarding data, we safeguard trust. And in safeguarding trust, we strengthen the very foundation of this industry.