Data Privacy Policy

1. Scope 
All data subjects whose Personal Data is collected, in line with the requirements of the Nigeria Data Protection Regulation (“NDPR”). This Privacy Policy (“Policy”) describes what personal information the Fast Moving Consumer Goods Distributions Ltd (“FMCG”) collects, what the FMCG does with it, how the FMCG protects it and how the FMCG maintains information collected from Users. We are a Data Controller - meaning that we determine the purposes for and manner in which Personal Data is processed or is to be processed.


2. Responsibilities 
2.1. The assigned Data Protection Officer is responsible for ensuring that this notice is made available to data subjects prior to the Fast Moving Consumer Goods Distributions Ltd (“FMCG”) collecting/processing their Personal Data. 
2.2. All Employees/Staff of FMCG who interact with data subjects are responsible for ensuring that this notice is drawn to the data subject’s attention and their consent to the processing of their data is secured. 

3. Privacy notice 

3.1. Brief description of Fast Moving Consumer Goods Distributions Ltd

FMCG is a Nigerian wide distribution company, dealing with Tobacco, Alcohol and Beverages.
  
Our assigned Data Protection Officer can be contacted directly via:
• Website: www.fmcgdistribution.org/dpo 
• Email: dpo@fmcgdistribution.org 
• Tel/WhatsApp : +234 (0) 9062968750
• Address: 1 Cocoa Industries Road, Ikeja, Lagos. 

3.2. Consent 

By consenting to this privacy notice you are giving us permission to process your Personal Data specifically for the purposes identified.

Consent is required for FMCG to process both types of Personal Data, but it must be explicitly given. Where we are asking you for sensitive Personal Data we will always tell you why and how the information will be used.

You may withdraw consent at any time by contacting us at the details provided or in line with Withdrawal of Consent Procedure.

3.3. Disclosure 

FMCG will not pass on your Personal Data to third parties without first obtaining your consent. We do not share your Personal Data without first obtaining your consent.

3.4. Storage of your Personal Data 
The Personal Data that we collect from you will be transferred to and stored at destinations within Nigeria. By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely and in accordance with this Policy.


3.5. Retention period 

FMCG will process Personal Data for the purposes of your business dealings and or employment with us and store information in line with statutory obligations. Wherever possible Personal Data will be minimized and securely destroyed. Storage of Personal Data  will follow statutory retention requirements.

3.6. Your rights as a data subject 

At any point while we are in possession of or processing your Personal Data, you, the data subject, have the following rights: 

•	Right of access – you have the right to request a copy of the information that we hold about you. 
•	Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. 
•	Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. 
•	Right to restriction of processing – where certain conditions apply to have a right to restrict the processing. 
•	Right of portability – you have the right to have the data we hold about you transferred to yourself or another organisation. 
•	Right to object – you have the right to object to certain types of processing such as direct marketing. 
•	Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling. 
•	Right to judicial review: in the event that FMCG refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in clause 3.6 below. 

All of the above requests will be forwarded on should there be a third party involved in the processing of your Personal Data.

3.7. Complaints 

In the event that you wish to make a complaint about how your Personal Data is being processed by FMCG (or third parties as described in 3.3 above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and FMCG data protection representative the assigned Data Protection Officer / NDPR Owner, details as in 3.1. 
We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information within thirty (30) days in accordance with this Privacy Policy and in accordance with applicable law and regulation.

3.8. Online privacy statement 

3.8.1. Personal Data 

Under the NDPR, Personal Data is defined as: “any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

 
3.8.2. How we use your information 

This privacy notice tells you how we, FMCG, will collect and use your Personal Data. We acquire and use information relating to commercial organisations and individuals for a variety of reasons:

1. Delivery of our goods and or services 
2. Communications 
3. Legal obligations 
4. Marketing purposes 
5. Human resources ( Employment ) 

If you are requested to provide us with Personal Data you can of course refuse. If you choose not to provide the Personal Data that we require to provide our goods and or services then we may not be able to deliver that service for you.
If you choose not to provide the Personal Data that we require to provide employment then we may not be able to employ you. FMCG will not share with other parties, information which you may provide when using the Site, except to the extent necessary to provide services to you, further, to obtaining your consent.



3.8.3. The Personal Data collected from you are as follows:

Contact data: We will request your full name, address, phone number and e-mail address. 

Special category data: We may request on occasion such Personal Data about you that may be necessary to facilitate the execution of our services or in suppling us services or goods or in the course of employment with us,. This maybe Personal Data such as your NIN, Criminal records, current health for a vulnerability assessment. 

Payment data: Where it is necessary to process your payment, if you are making payment for goods or services supplied to you, then sensitive information, such as your bank account number, TIN, maybe stored.

Business and relationships: We may collect such Personal Data that you provide to us relating to your contacts and business relationships. 

Content: We may collect the content of any data files and communications that you may send us for the purposes of carrying out our dealings with you, together with any relevant physical documents that you may give us as well, when these are necessary to provide you with the offered service and or employment. Data we collect may include but not limited to:

•	address, subject line and body of an email 
•	video and/or audio recording of a video message 
•	written content of a text, similar app or other content of an instant message 
•	relevant social media messages 


We may also collect Personal Data that you provide us with regards to client feedback for services provided. This Personal Data will be retained in line with our retention policy. 
The Personal Data we collect will be used for the following purposes but not limited to:

•	To carry out our business activities 
•	To enforce using the appropriate legal process 
•	Update existing Personal Data 
•	Manage our products and services 
•	Monitor and keep records of communications 
•	To improve the operations of our business where possible 
•	To comply with legal and regulatory obligations and requirements 


Our legal basis for processing Personal Data:

•	To provide products and services 
•	To receive products and services
•	Legitimate interests 
•	Vulnerability assessments 
•	Public interest matters 
•	To comply with legal and regulatory obligations and requirements 
•	To offer employment

Any legitimate interests pursued by us, or third parties we use, are as follows:

•	Develop business partnerships 
•	To comply with legal and regulatory obligations and requirements 


3.8.4. Need to collect and store Personal Data 

In order for us to provide you with the goods and services we offer we need to collect Personal Data for:


•	General Personal Data processing: though we do not undertake automated decision making or profiling of Personal Data. 
•	Legitimate Business requirements 
•	Perform contractual and payment obligations 
•	Meet legal obligations and requirements 

In order for us to provide you with employment we need to collect Personal Data for:

•	Human resources requirements.
•	Background checks



In any event, we are committed to ensuring that the Personal Data we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy. 

3.8.5. Sharing Personal Data 

Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on our behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with FMCG  procedures. If we wish to pass your sensitive Personal Data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise. We do not sell, trade, or rent Users Personal Data to others.


3.8.6. Use of Personal Data 

FMCG will process (collect, store and use) the Personal Data you provide in a manner compatible with the Nigeria Data Protection Regulation (NDPR). We will endeavour to keep your Personal Data accurate and up to date, and not keep it for longer than is necessary. Personal Data may be held in addition to these periods depending on individual business needs.


3.8.7. The Personal Data that FMCG holds about you 

If FMCG does hold Personal Data about you, you can request the following Personal Data:

• Identity the contact details of the person or organisation that has determined how and why to process your data. 
• Contact details of the data protection officer, where applicable. 
• The purpose of the processing as well as the legal basis for processing. 
• If the processing is based on the legitimate interests of FMCG or a third party, Personal Data about those interests. 
• The categories of Personal Data collected, stored and processed. 
• Recipient(s) or categories of recipients that the data is/will be disclosed to. 
• If we intend to transfer the Personal Data to a third country or international organisation, Personal Data about how we ensure this is done securely. 
• The National Information Technology Development Agency (NITDA) has approved sending Personal Data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your Personal Data. 
• How long the data will be stored. 
• Details of your rights to correct, erase, restrict or object to such processing. 
• Personal Data about your right to withdraw consent at any time. 
• How to lodge a complaint with the supervisory authority. 
• Whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the Personal Data and the possible consequences of failing to provide such data. 
• The source of Personal Data if it wasn’t collected directly from you. 
• Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing. 

3.8.8. What forms of ID will I need to provide in order to access this? 

FMCG accepts: 
Passport Photograph 
National ID Card 
Driver's License 
Nigerian International passport


4. Cookie Policy 
Our website does use cookies for the purposes of analytics. A detailed outline of cookies is listed below:

4.1. About cookies 

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. 
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. 



4.2. Cookies that we do and do not use 

We do and do not use cookies for the following purposes: 

(a) authentication - we do not use cookies to identify you when you visit our website and as you navigate our website 

(b) status - we do not use cookies to help us to determine if you are logged into our website

(c) personalisation – we do not use cookies to store Personal Data  about your preferences and to personalise the website for you 

(d) security - we do not use cookies, as an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally, as we do not have these credentials located anywhere 

(e) advertising - we do not use cookies to help us to display advertisements that will be relevant to you 

(f) analysis - we may use cookies to help us to analyse the use and performance of our website and services. Cookies used for this purpose would be listed below 

(g) cookie consent - we may use cookies to store your preferences in relation to the use of cookies more generally.


4.3. Cookies used by our service providers 

Our service providers may use cookies and those cookies may be stored on your computer when you visit our website. 
We use Google Analytics to analyse the use of our website. Google Analytics gathers i Personal Data about website use by means of cookies. The Personal Data gathered relating to our website is used to create reports about the use of our website. Google's privacy policy is available at: https://www.google.com/policies/privacy/.


4.4. Managing cookies 

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date Personal Data about blocking and deleting cookies via these links ( for popular web browsers ): 

• https://support.google.com/chrome/answer/95647?hl=en (Chrome); 
• https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-websitepreferences (Firefox); 
• http://www.opera.com/help/tutorials/security/cookies/ (Opera); 
• https://support.microsoft.com/en-gb/help/17442/windows-internet-explorerdelete-manage-cookies (Internet Explorer); 
• https://support.apple.com/kb/PH21411 (Safari); and 

• https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge). 

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all of the features on our website.

4.5.	Changes to this privacy policy
Our Privacy Policy may change from time to time. We will not reduce your rights under this Policy without your explicit consent. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes) or via a pop-up notice or statement of changes on our website)

You acknowledge and agree that it is Your responsibility to review this Policy periodically and become aware of modifications. This Privacy Notice or Policy was last updated on March 22, 2021. The most up-to-date version can be found on this website. 


4.6	Compliance with the Regulators
This Privacy Policy is in line with the provisions of Nigeria Data Protection Regulation, 2019 (Regulation), a regulation which describes how organisations including the FMCG must collect, handle and store Personal Data and applies regardless of whether data is stored electronically, on paper or on other materials.
According to the Regulation, FMCG shall notify NITDA within 72 hours of knowledge of a breach of security leading to accidental or unlawful destruction, loss, alteration unauthorized disclosure of, or access to your Personal Data. 
If you feel that your Personal Data has not been handled correctly or you are unhappy with our response to any requests you have made to us regarding the use of your Personal Data, you have a right to lodge a complaint with the NITDA. The contact details are:
National Information Technology Development Agency
Tel: +234929220263, +2348168401851, +2347052420189

Email: info@nitda.gov.ng