tiktok˰

Book a demo

Consent Personal Information Form Template for Nigeria

Generate a bespoke document

  • England and Wales
  • Scotland
  • Northern Ireland
  • Ireland
  • United States
  • Alabama (USA)
  • Alaska (USA)
  • Arizona (USA)
  • Arkansas (USA)
  • California (USA)
  • Colorado (USA)
  • Connecticut (USA)
  • Delaware (USA)
  • Florida (USA)
  • Georgia (USA)
  • Hawaii (USA)
  • Idaho (USA)
  • Illinois (USA)
  • Indiana (USA)
  • Iowa (USA)
  • Kansas (USA)
  • Kentucky (USA)
  • Louisiana (USA)
  • Maine (USA)
  • Maryland (USA)
  • Massachusetts (USA)
  • Michigan (USA)
  • Minnesota (USA)
  • Mississippi (USA)
  • Missouri (USA)
  • Montana (USA)
  • Nebraska (USA)
  • Nevada (USA)
  • New Hampshire (USA)
  • New Jersey (USA)
  • New Mexico (USA)
  • New York (USA)
  • North Carolina (USA)
  • North Dakota (USA)
  • Ohio (USA)
  • Oklahoma (USA)
  • Oregon (USA)
  • Pennsylvania (USA)
  • Rhode Island (USA)
  • South Carolina (USA)
  • South Dakota (USA)
  • Tennessee (USA)
  • Texas (USA)
  • Utah (USA)
  • Vermont (USA)
  • Virginia (USA)
  • Washington (USA)
  • West Virginia (USA)
  • Wisconsin (USA)
  • Wyoming (USA)
  • Austria
  • Denmark
  • France
  • Germany
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • Poland
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden
  • Switzerland
  • Australia
  • New Zealand
  • Singapore
  • Hong Kong
  • India
  • Malaysia
  • Pakistan
  • United Arab Emirates
  • Qatar
  • Saudi Arabia
  • South Africa
  • Nigeria
  • Canada
  • Brasil
  • Monaco
  • Bermuda
  • Cayman Islands
  • Gibraltar
  • Isle of Man
  • Mauritius

What is a Consent Personal Information Form?

The Consent Personal Information Form is a crucial document required under Nigerian law for organizations that collect and process personal data. It has become particularly important following the implementation of the Nigeria Data Protection Regulation (NDPR) 2019, which mandates explicit consent for data processing activities. This document should be used whenever an organization intends to collect personal information from individuals in Nigeria, whether for business, service provision, or other purposes. The form serves multiple purposes: it ensures legal compliance, provides transparency about data processing activities, and protects both the data controller and data subject by clearly documenting the scope and nature of consent given. It must include specific disclosures required by the NDPR, such as the purpose of processing, types of data collected, retention periods, and data subject rights. The document is essential for establishing a lawful basis for data processing and maintaining proper documentation of consent as required by Nigerian privacy laws.

Frequently Asked Questions

Is a Consent Personal Information Form legally binding in Nigeria?

Yes, a properly executed Consent Personal Information Form is legally binding in Nigeria under the Nigeria Data Protection Regulation (NDPR) 2019. Once signed, it creates enforceable obligations for both the data controller and the data subject, and failure to comply can result in penalties up to 10 million Naira or 2% of annual gross revenue.

Can I collect personal data in Nigeria without a signed consent form?

No, under the NDPR 2019, you cannot collect personal data without explicit consent except in very limited circumstances like legal obligations or vital interests. Missing or incomplete consent forms can result in enforcement actions, fines, and potential suspension of data processing activities by NITDA.

How long does consent remain valid under Nigerian data protection law?

Under the NDPR 2019, consent does not have a fixed expiry date but must be reviewed regularly to ensure it remains valid for the original purpose. Data subjects can withdraw consent at any time, and consent becomes invalid if processing purposes change significantly from what was originally agreed.

How is a Consent Personal Information Form different from a privacy policy in Nigeria?

A Consent Personal Information Form is a specific document that captures individual consent for data processing, while a privacy policy is a general statement of data handling practices. The NDPR 2019 requires both - the consent form for legal basis and the privacy policy for transparency obligations to data subjects.

How long does it take to prepare a compliant Consent Personal Information Form for Nigeria?

Creating a NDPR-compliant Consent Personal Information Form typically takes 2-5 business days with legal review. This includes drafting appropriate consent language, ensuring all mandatory disclosures are included, and reviewing against NITDA guidelines for valid consent under Nigerian law.

Can foreign companies use Nigerian consent forms for data collected from Nigerians?

Yes, foreign companies processing personal data of Nigerian residents must comply with the NDPR 2019 regardless of where they are based. They must use compliant consent forms and may need to appoint a local representative in Nigeria if they don't have an establishment in the country.

Do children's consent forms require different language under Nigerian law?

Yes, under the NDPR 2019, processing children's personal data requires additional safeguards and parental consent for children under 18. The consent form must use age-appropriate language and clearly explain data processing in terms children can understand, with verifiable parental authorization required.

Reviewed by

Legal Engineer, GenieAI

A lawyer, legal researcher and legal tech founder, Swetha has built AI products deployed inside Tier 1 firms and enterprises. She ensures GenieAI's alignment with the latest regulation and executes testing on the legal robustness of Genie output.

Reviewed by

Legal Engineer, GenieAI

A Skadden-trained M&A lawyer, Imad advised on cross-border transactions and contractual risk before moving into legal AI. He reviews GenieAI's output for compliance and enforceability across our 150+ supported jurisdictions, as well as facilitating external benchmarking.

Jurisdiction

Nigeria

Reviewed by

&

Publisher

GenieAI

Category

Consent Form

Sector

Business

Cost

Free to use

Last updated

About the Consent Personal Information Form

A Consent Personal Information Form is your essential legal safeguard when collecting personal data in Nigeria. Under the Nigeria Data Protection Regulation (NDPR) 2019, you must obtain explicit, informed consent before processing any individual's personal information. This document serves as both your compliance tool and protection against potential privacy violations.

When do you need this document?

You need this form whenever you collect personal data from Nigerian residents or within Nigerian territory. This includes situations like customer registration, employee onboarding, marketing campaigns, research studies, or service applications. E-commerce businesses, healthcare providers, financial institutions, and tech companies particularly rely on these forms. Even if you're a foreign entity operating in Nigeria or targeting Nigerian customers, you must comply with NDPR requirements. The form is also crucial for organizations processing sensitive personal data such as health records, biometric information, or financial details, where stricter consent requirements apply.

Key legal considerations

Your consent form must clearly identify the data controller, specify the exact purpose of data collection, and list all types of personal information you'll process. You must explain your legal basis for processing, detail retention periods, and outline data subject rights including access, rectification, and erasure. The consent must be freely given, specific, informed, and unambiguous. You cannot bundle consent with other terms and conditions, and you must make withdrawal of consent as easy as giving it. For children under 18, you need parental or guardian consent. The form should also address data transfers to third parties or outside Nigeria, security measures you've implemented, and your data protection officer's contact details where applicable.

Legal requirements in Nigeria

The NDPR 2019 mandates that your consent mechanism meets specific standards. Section 2.2 requires that consent be documented and verifiable, while Section 2.3 outlines requirements for processing sensitive personal data. Your form must comply with Section 37 of the Nigerian Constitution, which guarantees privacy rights. You must also consider the Consumer Code of Practice Regulations 2007 for telecommunications-related data and the Cybercrimes Act 2015 for cybersecurity obligations. The Nigeria Data Protection Commission enforces these requirements and can impose penalties up to 10 million Naira or 2% of annual gross revenue for non-compliance. Your organization must also register with the NDPC if you process significant amounts of personal data, and maintain records of all processing activities as required by the regulation.

GOVERNING LAW

Applicable law

This Consent Personal Information Form is drafted to comply with Nigeria law. Key legislation includes:






Explore 208,390+ legal templates

Explore 208,390+ legal templates

Genie's Security Promise

Genie is the safest place to draft. Here's how we prioritise your privacy and security.

Your data is private:

We do not train on your data; Genie's AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

We are ISO27001 certified, so your data is secure

Organizational security:

You retain IP ownership of your documents and their information

You have full control over your data and who gets to see it