Privacy policy

PRIVACY POLICY

CITY DISTRIBUTION TECHNOLOGY AND SOLUTIONS COMPANY LIMITED

City Distribution Technology and Solutions Company Limited ("we"/ "us"/ "our"/ "City Distro") is committed to protecting the privacy and personal data of our customers, partners, and users (collectively, "you"/ "your") of our services and website. This Privacy Policy (the "Policy") outlines how we collect, use, disclose, and safeguard your personal data in accordance with the Nigerian Data Protection Act 2023 (NDPA) and other applicable data protection laws.

2. THE INFORMATION WE COLLECT

2.1 We may collect and process the following categories of personal data:

2.1.1 Identity Data: This includes your full name, date of birth, and National Identification Number (NIN)
2.1.2 Contact Data: This includes your phone number, residential or business address, state or country of residence, and email address.
2.1.3 Location Data: This includes general geographic location based on your IP address or device settings, used to improve service delivery and enhance user experience
2.1.4 Financial Data: This includes debit or credit card details, bank account numbers, and transaction details such as amount and receipt of payment.
2.1.5 Behavioural and Predictive Data: This includes data generated or inferred through analytics tools or Artificial Intelligence (AI), such as usage patterns or preferences.
2.1.6 Marketing and Communications Data: This includes records of your communication preferences (e.g., opting in or out of marketing communications), as well as communications you have with us via phone calls (including call recordings), online chats, emails, or other channels

2.2 We ensure that all personal data collected is limited to what is necessary for the purpose for which it is processed and in line with the NDPA. If any of the personal data we hold about you is inaccurate, outdated, or incomplete, you have the right to request that it be corrected or updated. We will take reasonable steps to verify your identity before making any changes. To exercise this right, please contact us using the details provided in the "Contact Information" section of this Policy.

3. HOW WE COLLECT YOUR PERSONAL DATA

3.1 We collect personal data in the following ways:

3.1.1 Directly from You: When you register on our platform, fill out forms, communicate with us via email or phone, subscribe to our services, or interact with our Platform features.
3.1.2 Automatically: When you use our website or services, we may collect certain information automatically through cookies, server logs, and similar technologies (e.g., IP address, device information, and usage data).
3.1.3 From Third Parties: We may receive personal data about you from third parties such as payment processors, logistics providers, publicly available sources, social media platforms (if you connect your account), or marketing partners.
3.1.4 Through Analytics and AI Tools: We may analyse behavioural data from your interaction with our services to improve user experience, detect fraud, and personalize services.

4. HOW WE USE YOUR PERSONAL DATA

4.1 We use your data for the following purposes:

4.1.1 To comply with legal obligations and respond to regulatory requests;
4.1.2 To process and fulfil your orders, including payments and deliveries
4.1.3 To create, maintain, and manage your account on our Platform
4.1.4 To send you marketing communications (unless you opt out of receiving our marketing mailings);
4.1.5 To improve our services, website functionality, and overall customer experience
4.1.6 To communicate with you regarding our services, support requests, and promotional offers
4.1.7 To develop, upgrade, enhance, or expand our services;
4.1.8 To conduct customer surveys, collect feedback, or carry out research and analytics
4.1.9 To detect, prevent, and address fraud, security breaches, or other unlawful activity
4.1.10 For any other lawful purpose for which we obtain your prior consent

4.2 Lawful bases for processing include consent, performance of a contract, compliance with legal obligations, and our legitimate interests.

5. SHARING YOUR PERSONAL DATA

5.1 We may share your personal data with trusted third parties under the circumstances outlined below. All disclosures are limited to what is necessary for the relevant purpose, and such third parties are required to maintain the confidentiality and security of your data:

5.1.1 Service Providers: We may share your data with third-party service providers who support our operations, such as payment processors, logistics partners, IT service providers, and customer support providers. These parties are contractually bound to use your information only for the services they provide to us and to protect your data.
5.1.2 Legal and Regulatory Disclosures: We may disclose your data if required to do so by law, regulation, legal process, or governmental request, including in response to court orders or investigations.
5.1.3 Professional Advisers: We may share your data with our legal advisers, auditors, insurers, and other professional consultants, provided they are subject to confidentiality obligations.
5.1.4 Governmental or Financial Authorities: We may share information with regulatory bodies, tax authorities, financial institutions, and other agencies when required for lawful business operations or compliance.
5.1.5 With Your Consent: In any other situation not expressly covered above, we will request your explicit consent before sharing your personal data for a specific purpose. You will be informed of the nature of the disclosure and have the right to withhold or withdraw your consent.
5.1.6 Business Transfers: If City Distro undergoes a merger, acquisition, restructuring, or asset sale, your data may be transferred as part of that transaction, provided the receiving entity agrees to respect your data rights in a manner consistent with this Policy.

5.2 All third-party recipients are notified of the confidential nature of your information and are required to keep it secure and use it only for the authorised purpose.

6. INTERNATIONAL DATA TRANSFERS

6.1 The personal data we collect may be stored, processed, and transferred to countries outside Nigeria where data protection laws may differ. Where such international transfers occur, City Distro will ensure they are made in compliance with the Nigerian Data Protection Act (NDPA) and that adequate safeguards are in place to protect your personal data.

6.2 By using our services or providing your personal data, you acknowledge and consent to the possibility of such transfers, subject to the protections described in this Policy.

7. CHILDREN

7.1 The services and applications offered by City Distro are not intended for users under the age of eighteen (18) without obtaining parental consent. We do not knowingly or directly collect any personal data from users in this age group.

7.2 If we discover that have unintentionally or inadvertently collected personal information from a minor, we will take prompt steps to investigate the matter and delete the personal data from our records.

7.3 Please note that in some instances, legal or regulatory requirements may prevent the complete deletion of such data. Accordingly, while we will take all reasonable steps to remove the information, we cannot guarantee that all traces of it will be permanently deleted from our systems or the internet.

8. DATA SECURITY

8.1 We use industry-standard encryption protocols to protect the transmission of personal information between your browser and our servers. We take reasonable steps to ensure that the personal information we collect is accurate, complete, and up-to-date. Upon receiving your information, we employ stringent procedures and security features to mitigate the risk of unauthorized access.

8.2 However, in the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal information, City Distro shall, within 72 (seventy-two) hours of having knowledge of such breach, report the details of the breach to NDPC. Furthermore, City Distro shall, having knowledge of the occurrence of such breach, take steps to inform you of the breach incident, the risk to your rights and freedoms resulting from such breach, and any course of action to remedy said breach.

9. DATA RETENTION

9.1 We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet any legal, regulatory, contractual, operational, or audit obligations.
9.2 Where personal data is processed based on your consent (such as for marketing communications), we will retain it until you withdraw your consent or request its deletion, unless we are required by law to keep it for a longer period.
9.3 We may retain anonymized or aggregated data, including behavioural and predictive insights generated through analytics and AI, for as long as necessary to support research, statistical analysis, system improvement, and business development, provided such data can no longer be used to identify you.
9.4 We will take appropriate steps to safely erase, anonymize, or archive personal data at the end of the relevant retention period in a way that prevents unauthorized access or additional processing.
9.5 To request the deletion of your personal data or to learn more about our data retention terms, please contact us using the details in the "Contact Information" section of this Policy.

10. COOKIES AND TRACKING TECHNOLOGIES

10.1 To enhance your experience on our Website, City Distro employs cookies and similar tracking technologies. These technologies aid us in collecting information related to your preferences, settings, and other analytical data. Our use of cookies and similar technologies includes:

10.1.1 Web Beacons: These are electronic images used to understand how you interact with our Website and emails.
10.1.2 Flash Cookies: Also known as Local Shared Objects, these are used to store data for various purposes, such as remembering your settings.
10.1.3 Persistent or Session Cookies: These types of cookies store information for varying periods. Persistent cookies remain on your device for a set period, while session cookies are temporary and are deleted once you close your browser.

10.2 By accessing or using our Website, you provide your consent for cookies to be placed on your device in accordance with this Policy. If you wish to manage the receipt of cookies through our Website, you have the ability to control how your web browser responds to cookies. This can be done by adjusting your browser's privacy and security settings.

10.3 Please note that unless you configure your browser settings to reject all cookies, our system may issue cookies when you access or use our Website. If you choose to decline all cookies, it is important to be aware that certain features of our Website may experience limited functionality or may not work at all.

11. YOUR LEGAL RIGHTS

11.1 You have the following rights in respect of City Distro's use of your personal information:

These rights include:

11.1.1 Right to access: You have a right to a copy of their personal information as maintained by us.
11.1.2 Right to rectify: City Distro takes due care to ensure that the personal information we maintain about data subjects is accurate and complete. However, if you believe the information is inaccurate or incomplete, you have the right to request rectification.
11.1.3 Right to erase: Under certain circumstances, you may ask that we erase your personal information. For instance, where the personal information collected is no longer necessary for the original purpose or where consent is withdrawn. However, this will need to be balanced against other factors, such as the type of personal information obtained, the original reason for collection, archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, and our continuous assessment of risk relating to the data.
11.1.4 Right to restriction of processing: Under certain circumstances, but subject to regulatory requirements, you may be entitled to instruct us to stop using your personal data. This is applicable where you contest the accuracy of personal information held by us.
11.1.5 Right to data portability: Under certain circumstances, you have the right to ask City Distro to transfer any personal information that you have provided to City Distro to another third party. Once transferred, the other party will be responsible for safeguarding such personal information.
11.1.6 Right to object to marketing: You can object to the processing of your personal data for third-party marketing.
11.1.7 Right to lodge a complaint: You have the right to lodge complaints in the event that there is an objection to the manner in which City Distro is using your personal information. Such complaints can be communicated using the contact details provided in this Policy. In certain cases, City Distro may be unable to comply with your requests for reasons such as our obligations to comply with other legal or regulatory requirements.

12. CHANGES TO THIS POLICY

We may update this Policy from time to time to reflect changes in our practices and to ensure compliance with any changes or amendments to relevant legislation. We will notify you of any changes by posting the updated Policy on this page. We will let you know via email and/or a prominent notice on our Website, prior to the change becoming effective and update the "effective date" in this Policy. We encourage you to review this page periodically for the latest information on our privacy practices. Changes to this Policy are effective when they are posted on our Website or provided to you.

13. CONTACT INFORMATION

If you have any questions, concerns, or requests regarding this Policy, the handling of your data, or if you wish to exercise your rights as described herein, please contact us at sales@citydistro.africa. Our dedicated team will address your inquiries and requests promptly. Please provide sufficient information to help us identify you in our records and respond effectively.