Don Climax Ventures Limited (“Don Climax”, “we”, “us”, “our”) is a full-service bonded terminal providing services including off-dock terminal operations, empty container operations, bonded container clearing and delivery, trucking and haulage services, warehousing, and related logistics services.
In providing these services, we collect and process personal data of individuals including customers, consignees, shippers, drivers, visitors, employees, contractors, agents, and other persons whose information may be required for regulatory, operational, security, and service delivery purposes.
This Data Privacy Policy explains how we collect, use, store, share, and protect personal data, and the rights available to data subjects under applicable Nigerian law, including the Nigeria Data Protection Act, 2023 (NDPA) and regulations issued by the Nigeria Data Protection Commission (NDPC).
This Policy applies to:
- Customers and client representatives
- Consignees, shippers, importers, exporters
- Drivers and transport operators
- Visitors to our terminals and warehouses
- Vendors, contractors, and agents
- Employees and job applicants
- Any other individuals whose personal data we process in the course of our business
This Policy covers processing done through:
- Physical forms and documents
- Emails and telephone communications
- CCTV systems and access control
- Our websites, portals, and digital platforms
- Third-party systems used in clearing and logistics operations
- Personal Data: Any information that identifies or can identify a person (e.g., name, phone number, NIN, driver’s licence, passport, email, address).
- Processing: Any operation performed on personal data (collection, storage, use, disclosure, deletion, etc.).
- Data Subject: The individual to whom the personal data relates.
- Controller: A person or company that determines why and how personal data is processed.
- Processor: A person or company that processes personal data on behalf of a controller.
- Third-Party Management Policy
Depending on the service, we may collect the following categories of personal data:
4.1 Customer and Client Data
- Full name
- Company name and position
- Phone number and email address
- Business address
- Identification documents (where required)
- Billing and payment details
- Correspondence and instructions
4.2 Clearing and Regulatory Documentation
- Consignee details
- Importer/exporter representative details
- Customs documentation and references
- Identification information included in clearing documents
- Delivery orders and release information
4.3 Driver and Transport Data
- Driver’s full name and phone number
- Driver’s licence details
- Vehicle registration number
- Driver ID card / union ID (where applicable)
- Entry and exit logs
- Proof of delivery details and acknowledgements
4.4 Terminal, Warehouse, and Visitor Data
- Visitor names, phone numbers, and organisations
- Visitor logs and access records
- CCTV footage and security recordings
- Vehicle and container movement logs
4.5 Employment and Vendor Data
- CVs and employment records
- Guarantor information (where applicable)
- Bank account details (for payroll/vendor payments)
- Next of kin details
- Tax and pension details
- Health and safety incident reports (where applicable)
We collect personal data through:
- Direct submission by customers and representatives
- Physical documents and regulatory filings
- Instructions received by email, WhatsApp, telephone, or in person
- Forms completed at our terminal, warehouse, or office
- Security access points, visitor logs, and CCTV
- Third parties such as clearing agents, shipping lines, or regulatory bodies (where lawful)
We process personal data only where lawful under the NDPA, including where processing is necessary for:
6.1 Performance of a Contract
To provide terminal operations, clearing, haulage, warehousing, delivery, and logistics services.
6.2 Compliance with Legal Obligations
To comply with laws and regulatory requirements, including Customs, port security, tax, employment, and safety obligations.
6.3 Legitimate Interests
For security, fraud prevention, service improvement, operational planning, and dispute resolution, provided such interests do not override your rights.
6.4 Consent
Where we request consent, for example for optional marketing communications.
6.5 Protection of Vital Interests
In rare cases where necessary to protect life or safety, such as emergency incidents within the terminal.
We process personal data for purposes including:
- Providing bonded terminal and off-dock terminal services
- Receiving, storing, and releasing containers
- Empty container handling and documentation
- Clearing and delivery coordination
- Trucking, haulage, and dispatch management
- Warehouse inventory and goods movement management
- Customer service and communication
- Issuing invoices, receipts, and managing payments
- Regulatory reporting and compliance, including Customs requirements
- Security, access control, and incident management
- Preventing theft, fraud, and unauthorized access
- Recruitment, HR management, and payroll
- Dispute resolution and enforcement of legal rights
We may share personal data with:
- Government and regulatory authorities (e.g., Nigeria Customs Service, NDLEA, NPA, SON, and other competent authorities)
- Shipping lines, freight forwarders, and clearing agents
- Banks, auditors, and professional advisers
- IT service providers and cloud service providers
- Security service providers
- Insurance providers
- Logistics partners and subcontractors
- Courts, law enforcement agencies, or other parties where required by law
We only share personal data where it is necessary and lawful, and we take appropriate steps to ensure that
third parties handle personal data in a
secure and
confidential manner.
Where personal data is transferred outside Nigeria (for example, where our IT or cloud service providers host systems abroad), we ensure that:
- Appropriate safeguards are in place
- Transfers comply with NDPA requirements and NDPC guidance
We apply appropriate technical and organisational measures to protect personal data, including:
- Access controls and role-based permissions
- Password and authentication controls
- Secure storage of physical documents
- CCTV and security monitoring
- Staff confidentiality obligations
- Vendor due diligence and data protection clauses
- Incident detection and response procedures
- Regular review of security measures
While we take strong precautions, no system is 100% secure. Users are encouraged to protect their information and report any suspected data breach.
We retain personal data only for as long as necessary for:
- Service delivery
- Regulatory compliance
- Accounting and audit purposes
- Security and incident investigation
- Dispute resolution
Retention periods may vary depending on the type of record. When personal data is no longer required, we securely delete or destroy it in line with applicable laws and internal procedures.
Under the NDPA, you may have the right to:
- Request access to your personal data
- Request correction of inaccurate or incomplete data
- Object to processing in certain circumstances
- Request deletion of personal data (where applicable)
- Request restriction of processing
- Request data portability (where applicable)
- Withdraw consent (where processing is based on consent)
- Lodge a complaint with the Nigeria Data Protection Commission (NDPC)
These rights are not absolute and may be limited where we must retain data for legal, regulatory, or contractual reasons.
Our terminal, warehouse, and office premises may be monitored by CCTV and other security systems for:
- Protection of persons, containers, goods, and assets
- Access control and incident investigation
- Regulatory and safety compliance
CCTV footage may be accessed only by authorized personnel and may be shared with law enforcement agencies where required.
Where we operate a website or online portal, we may use cookies and similar technologies to:
- Improve user experience
- Maintain session security
- Track website performance and usage trends
Users may control cookies through their browser settings. Where required, we will request consent for non-essential cookies.
In the event of a personal data breach, we will:
- Investigate and contain the breach promptly
- Assess risks to affected individuals
- Notify the Nigeria Data Protection Commission (NDPC) where required
- Notify affected individuals where there is a high risk to their rights and freedoms
- Take remedial measures to prevent recurrence
Our services are not intended for children. We do not knowingly collect personal data from children unless required by law or under exceptional circumstances. Where we become aware that we have collected children’s data unlawfully, we will take steps to delete it.
We may update this Policy periodically to reflect:
- Legal or regulatory changes
- Operational changes
- Improvements in security and data governance
Updates will be published through our
official channels. Continued use of our services after updates constitutes
acceptance of the revised Policy.
This Policy has been reviewed and approved by the Management of Don Climax Ventures Limited. It shall be reviewed periodically or upon significant changes in applicable laws or operational processes
