Shipping Privacy Policy
1. Overview
We at Sunbeth Shipping and Logistics (“SSL,” “we,” “us,” or “our”) are deeply committed to protecting the personal data of every individual and organization that interacts with us. This Privacy Policy explains how we collect, use, store, share, and protect your personal information whenever you use our services or engage with our digital platforms. This Policy applies to all individuals and organizations whose personal data we process.
This Policy is governed by the Nigeria Data Protection Act (NDPA), 2023, General Application and Implementation Directive 2025 and its implementing regulations. Where we process personal data of individuals in other jurisdictions, we also align with internationally recognized data protection principles, including those of the EU General Data Protection Regulation (GDPR), to the extent applicable.
2. Types of Data We Collect
We only collect personal data that is adequate, relevant, and limited to what is necessary for the purposes described in this Policy. When you use the website, SSL may collect Personal Data such as your name, email address, phone number, postal address, and demographic information. This information is collected to provide services, improve user experience, and meet legal obligations.
Sensitive personal data (e.g., racial or ethnic origin, religious beliefs, political opinions, health information, or criminal records) will only be collected with your explicit consent and only when necessary for a lawful purpose.
We will also collect information about your use of our website and services such as browsing history, search queries, comments, feedback and any other information which you share on the website. We may use cookies, web beacons and other technology to collect this information.
You can verify and confirm the accuracy of your data before submission, and you may rectify or update your data at any time via your account settings or by contacting our support team.
Log Data
When you access the Platform via a mobile device, we may automatically collect technical information such as your device type, unique device ID, IP address, operating system, browser type, and usage statistics. We may use third-party analytics tools (e.g., Google Analytics) to monitor and analyze this data to improve Platform functionality. These third parties are required to process data in compliance with applicable laws.
Location Information
With your permission, we may collect and use location data to provide location-based features and improve your experience. You can enable or disable location services at any time via your device settings.
We do not directly store full payment card details. All card-based transactions are processed by PCI-DSS compliant third-party payment processors who are contractually bound to protect your financial data.
2.1 Customs & Regulatory Compliance Data
- Import and export declarations and supporting documentation
- Harmonized System (HS) tariff codes for goods classification
- Tax Identification Numbers (TIN) and customs registration or agent numbers
- Certificates of origin, import/export permits, and other statutory documentation
- Any information required by the Nigeria Customs Service (NCS) or relevant foreign customs authorities
2.2 Platform & Technical Data
- IP address and device identifiers when you access our website or tracking platform
- Login credentials and system access logs
- Browser type, operating system, and referral URL
- Cookies and usage analytics data (see Section 11 for full details)
- Location data, where you grant permission in connection with tracking-related features
3. How We Collect Your Personal Data
We collect personal data through several lawful and transparent means:
3.1 Directly from You
When you engage our services — whether by creating an account, submitting a shipping booking, requesting a quotation, contacting our customer service team, completing a form on our website, or providing documentation — you supply us with personal data directly.
3.2 Through Shipping & Trade Documentation
Personal data is embedded in the shipping and customs documents we are legally required to process, including waybills, bills of lading, airway bills, commercial invoices, packing lists, and certificates of origin. This data is provided to us by our clients as part of the shipping instruction.
3.3 Via Our Website & Digital Platforms
When you visit our website or use our shipment tracking portal, we automatically collect certain technical data including cookies and usage analytics to improve your user experience and secure our systems against unauthorized access.
3.4 From Third-Party Partners
We may receive personal data from our logistics partners when they refer shipments to us, from customs authorities during cargo clearance, or from corporate clients who provide employees’ or customer details as part of a shipping instruction. When third parties share data with us, they are responsible for ensuring that sharing is lawful and that individuals have been appropriately informed.
4. How We Use Your Personal Data
We process your personal data only for specified, explicit, and legitimate purposes. The table below sets out our key processing activities and their purpose:
| Purpose | Description |
|---|---|
| Shipment Processing & Delivery | Booking, routing, scheduling, tracking, and delivering your shipments across domestic and international routes. |
| Customs Clearance & Compliance | Filing import/export declarations, obtaining regulatory permits, and meeting all obligations under Nigerian and international trade law. |
| Customer Communication & Support | Providing shipment status updates, responding to enquiries, resolving complaints, and sending service notifications. |
| Platform Tracking Services | Enabling real-time shipment visibility through our in-house digital tracking portal. |
| Billing & Payment Processing | Generating invoices, processing payments, and maintaining accurate financial records. |
| Fraud Prevention & Security | Detecting, investigating, and preventing fraudulent, criminal, or unauthorised activities. |
| Legal & Regulatory Obligations | Fulfilling our obligations under the NDPA, Customs and Excise Management Act, NRS regulations, and other applicable laws. |
| Service Improvement & Analytics | Analysing service usage patterns and customer feedback to continuously improve our operations and platform. |
| Marketing & Service Updates | Where consent has been given, sending newsletters, promotional materials, and information about new SSL services. |
| Legal Claims Management | Establishing, exercising, or defending SSL’s legal rights in any dispute or proceeding. |
5. Legal Basis for Processing Your Data
In compliance with the Nigeria Data Protection Act 2023, we only process personal data where we have a valid, documented lawful basis to do so.
5.1 Performance of a Contract
The majority of our data processing activities are directly necessary to fulfil the freight and logistics contracts we enter into with you or your organization. Without this processing, we would be unable to deliver goods, clear cargo through customs, or provide the services you have requested.
5.2 Legal Obligation
We are legally required to process certain personal data to comply with mandatory obligations under Nigerian law including customs law, tax legislation, anti-money laundering regulations, export controls, and aviation and maritime regulations. We cannot opt out of these obligations.
5.3 Legitimate Interests
Where it is in our legitimate business interests and where those interests are not overridden by your rights and freedoms, we may process your data. Examples include fraud prevention, maintaining the security of our systems, improving our service offering, and managing our business relationships responsibly.
5.4 Consent
Where we cannot rely on any of the bases above — for instance, for direct marketing communications — we will ask for your explicit consent in a clear and separate manner. You have the absolute right to withdraw your consent at any time, without penalty, by contacting us at the details in Section 14. Withdrawal of consent does not affect the lawfulness of any processing carried out prior to that withdrawal.
6. Sharing Your Personal Data With Third Parties
We do not sell, rent, or trade your personal data to any third party. We share your data only where it is necessary to deliver our services or to comply with the law, and only under appropriate contractual safeguards.
6.1 Logistics & Delivery Partners
We share shipment and contact data with co-loading agents, airline carriers, port and terminal handling agents, and last-mile delivery partners. These parties may act as data processors under SSL’s instruction or as independent data controllers. We use contractual agreements to govern all such sharing.
6.2 Customs Authorities & Regulators
SSL is legally required to share relevant personal and cargo data with the Nigeria Customs Service (NCS), FAAN, relevant port authorities, the Standards Organisation of Nigeria (SON), and equivalent foreign customs authorities in destination or transit countries.
6.3 Payment Processors
Financial data is shared with our PCI-DSS compliant payment processing partners solely for the purpose of executing transactions. These processors are prohibited from using your financial data for any other purpose.
6.4 Technology & IT Vendors
We use carefully selected technology vendors to host our website, operate our tracking platform, manage our databases, and support our IT infrastructure. All such vendors are contractually bound to apply equivalent data protection safeguards.
6.5 Legal, Audit & Professional Advisers
We may share data with external legal counsel, auditors, insurers, and compliance advisers where necessary in connection with legal proceedings, regulatory investigations, or professional advisory services. All such parties are subject to confidentiality obligations.
6.6 Sunbeth Global Concept Ltd. (Parent Company)
As a wholly owned subsidiary of Sunbeth Global Concept Ltd., we may share operational, financial, and compliance data with our parent company for group-wide reporting, consolidated governance, and risk management purposes.
7. International Data Transfers
Given the nature of our operations, personal data — including sender and recipient information, customs declarations, and shipment details — will necessarily be transferred to and processed in countries outside Nigeria as part of completing your shipment. This is an inherent feature of cross-border logistics.
All cross-border transfers are conducted in accordance with the Nigeria Data Protection Act and any NDPC-issued guidance on international data transfers.
8. How Long We Keep Your Data
We retain personal data only for as long as is necessary to fulfil the purpose for which it was collected, to meet our legal and regulatory obligations, to resolve disputes, and to enforce our agreements.
Upon expiry of the applicable retention period, personal data is securely deleted, destroyed, or anonymised in accordance with SSL’s internal Data Retention and Disposal Policy. Anonymised data may be retained for statistical or analytical purposes without restriction.
9. How We Protect Your Data
We implement robust technical and organisational security measures to protect your personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. The security of your data is a priority at every stage of our operations.
10. Your Rights Under the NDPA
The Nigeria Data Protection Act 2023 grants you specific rights in relation to your personal data. We are committed to respecting and facilitating the exercise of these rights promptly and without placing undue burdens on you.
You have the right to:
- Access your data
- Correct inaccurate or incomplete data
- Erase data where applicable
- Object to processing based on legitimate interest or for marketing
- Restrict processing in certain circumstances
- Data portability for automated information
- Withdraw consent at any time
- Report to the Nigeria Data Protection Agency if your rights have been violated
To exercise any of the rights listed above, please submit a written request to our Data Protection Officer using the contact details in Section 14. We will acknowledge your request within 5 working days and provide a substantive response within 30 calendar days.
11. Cookies & Tracking Technologies
Our website and other platforms use cookies and similar tracking technologies to enhance your experience, maintain session security, and improve our services. A cookie is a small text file placed on your device when you visit our website.
| Cookie Type | Purpose & Legal Basis |
|---|---|
| Strictly Necessary | Essential for the basic functionality of our website and tracking platform (e.g., login sessions, security tokens). These cannot be disabled. Legal basis: Contract performance / Legitimate interests. |
| Performance & Analytics | Help us understand how users interact with our platform. We use anonymised, aggregated data only. Legal basis: Legitimate interests. |
| Functional | Remember your preferences such as language settings and previously entered shipment details. Legal basis: Legitimate interests or Consent. |
| Marketing & Targeting | Used only where you have provided explicit consent, to deliver relevant information about SSL’s services. You may opt out at any time. Legal basis: Consent. |
You can manage your cookie preferences at any time through our Cookie Preference Centre, accessible via a banner upon your first visit to our website, or through the settings menu at the bottom of each page.
12. Children’s Data
Our services are intended for adults (18 years and above) and for legally constituted business organisations. We do not knowingly collect, store, or process personal data belonging to individuals under the age of 18 for our own purposes.
In circumstances where a person under 18 is named as a consignee or beneficiary of a shipment, such data is collected solely for the purpose of completing delivery, on the legal basis of the shipping contract entered into by the adult shipper.
If you believe we have inadvertently collected the personal data of a child, please contact our Data Protection Officer immediately and we will take prompt steps to verify and, where appropriate, delete that data.
13. Data Breach Notification
In the event of a data breach that may affect your Personal Data, we will notify you and the relevant regulatory authorities in accordance with the Nigeria Data Protection Act (NDPA 2023) and other applicable laws. We will provide details of the breach, potential risks, and steps we are taking to mitigate any impact.
14. Contact Us
If you have any questions or concerns about this Privacy Policy, wish to exercise your data subject rights, or want to report a potential data protection issue, please contact our designated Data Protection Officer (DPO):
Data Protection Officer
Sunbeth Shipping and Logistics (SSL)
44, Plateau Road, Apapa Quays, Lagos, Nigeria
Email: dpo@sunbeth.net
Nigeria Data Protection Commission (NDPC) – Supervisory Authority
If you are dissatisfied with how we handle your data protection concerns, you have the right to escalate the matter directly to Nigeria’s data protection supervisory authority:
15. Updates to This Privacy Policy
We reserve the right to update or revise this Privacy Policy from time to time to reflect changes in our services, data processing activities, applicable laws, or data protection best practices. We will not reduce your rights under this Policy without your explicit consent.
When we make material changes, we will:
- Publish the updated Policy on our website with a clearly visible revised Effective Date
- Notify existing customers by email or via our platform where changes significantly affect how we process their personal data
- Where required by the NDPA, seek fresh consent before undertaking any materially new uses of your personal data
We encourage you to review this Policy periodically. Your continued use of our services following the publication of an updated Policy constitutes your acknowledgment that you have read and understood the changes.
© 2026 Sunbeth Shipping and Logistics (SSL). All rights reserved.