Data Privacy Policy

1. Introduction

Tenax Marine Limited (“the Company”, “we”, “our” or “us”) is committed to safeguarding the privacy, confidentiality, integrity, and security of personal data in compliance with the Nigeria Data Protection Act 2023 (“NDPA”), as well as globally recognized best practices in data protection and information security.

This Policy describes the principles and practices guiding how we collect, use, store, share, and protect personal data. It applies to all personal data processed by us in the course of our business operations, including data relating to our employees, contractors, clients, service providers, and other stakeholders.

By engaging with our services, providing personal data to us, or using our platforms, you acknowledge and consent to the practices outlined in this Policy.

2. Interpretation and Definitions

2.1. Interpretation

The words of which the initial letter is capitalized shall have the meanings defined under the following paragraphs. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.

2.2. Definitions

In this Privacy Policy:

“Data Controller” means Tenax Marine Limited, which determines the purposes and means of processing personal data.

“Data Subject” means an individual whose personal data is processed by us.

“NDPC” means the Nigeria Data Protection Commission.

“Personal Data” means any information relating to an identified or identifiable natural person, as defined under the NDPA 2023.

“Processing” means any operation or set of operations performed on personal data, including collection, storage, use, disclosure, transfer, or deletion.

“Sensitive Personal Data” includes information relating to health, biometrics, religion, financial status, or other categories designated under the NDPA.

3. Our Privacy Principles

We process personal data only on lawful bases permitted under the NDPA and other applicable laws, including:

a. Performance of a contract with the data subject.

b. Compliance with legal and regulatory obligations.

c. Protection of vital interests of the data subject or another person.

d. Pursuit of our legitimate business interests provided such interests do not override fundamental rights of data subjects.

e. Consent of the data subject (where applicable).

4. Categories of Personal Data Collected

We may collect and process the following categories of Personal Data:

a. Identification Data: name, date of birth, gender, nationality, government-issued IDs (e.g., passport, driver’s license, NIN).

b. Contact Data: address, email, telephone number, emergency contacts.

c. Employment & HR Data: CVs, qualifications, employment records, references, payroll and benefits information.

d. Client & Vendor Data: business contact details, contractual information, transaction history.

e. Financial Data: bank account details, payment records.

f. Technical Data: device identifiers, IP addresses, log-in data, system usage.

g. Other Data: any personal information voluntarily provided to us in the course of our services.

5. Purpose of Processing

We process personal data strictly for the following purposes:

a. Recruitment, employment, HR management, and payroll administration.

b. Provision of marine services to clients, contract performance, and business operations.

c. Compliance with applicable laws, regulations, and industry standards.

d. Safety, security, risk management, and fraud prevention.

e. Communication with stakeholders (clients, vendors, regulators).

f. Maintenance of business records and corporate governance.

6. Data Subject Rights

In compliance with NDPA, data subjects are entitled to the following rights (subject to applicable limitations):

a. Right to be informed about processing.

b. Right of access to personal data.

c. Right to rectification of inaccurate data.

d. Right to erasure (“right to be forgotten”).

e. Right to restrict or object to processing.

f. Right to data portability.

g. Right to withdraw consent at any time (where processing is based on consent).

h. Right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).

Requests to exercise these rights should be directed to our Data Protection Officer (see Section 12).

7. Data Sharing & Disclosure

We may share Personal Data only under strict conditions, including:

a. With service providers, contractors, and partners who process data on our behalf under written agreements ensuring compliance with NDPA 2023.

b. With regulators, law enforcement, or public authorities where required by law.

c. With affiliates and business partners strictly for legitimate business purposes.

d. In the context of mergers, acquisitions, or business transfers, provided confidentiality safeguards are applied.

We do not sell, lease, or trade personal data to third parties.

8. International Data Transfers

Where Personal Data is transferred outside Nigeria, we ensure such transfers comply with NDPA and international standards, including:

a. Transfers to countries with adequate data protection frameworks recognized by the NDPC.

b. Execution of appropriate contractual clauses ensuring equivalent safeguards.

c. Implementation of technical and organizational measures to maintain data integrity and security.

9. Data Retention

We retain Personal Data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law, regulation, or contractual obligation. When retention is no longer necessary, data will be securely deleted, anonymized, or archived in accordance with industry best practices.

10. Data Security

We implement appropriate technical and organizational security measures to prevent unauthorized access, loss, misuse, alteration, or disclosure of personal data. Such measures include:

a. Encryption and secure storage.

b. Access controls and authentication.

c. Regular monitoring and system audits.

d. Staff awareness and training.

e. Incident response protocols.

11. Limitation of Liability

While we take reasonable and industry-standard steps to safeguard personal data, Tenax Marine Limited shall not be liable for:

a. Any unauthorized access, disclosure, or loss of data arising from factors beyond our reasonable control, including but not limited to cyber-attacks, third-party misconduct, or force majeure events.

b. Any reliance by third parties on Personal Data shared with us without our knowledge or consent.

c. Any loss or damage arising from inaccurate or incomplete Personal Data provided by data subjects.

Data subjects acknowledge that no method of data transmission or storage is 100% secure, and we disclaim liability to the fullest extent permitted by applicable law.

12. Data Protection Officer (DPO)

We have appointed a Data Protection Officer responsible for monitoring compliance with this Policy and applicable data protection laws.

Contact:

Data Protection Officer

Tenax Marine Limited

16A, African Lane, off Admiralty Road, Lekki Phase 1, Lagos State

Email: jojugbele@tenaxmarine.com

Telephone: +2348028765878

13. Policy Review & Updates

This Policy shall be reviewed periodically and updated as necessary to reflect changes in applicable laws, regulations, or our business operations. Updated versions will be published on our official website or otherwise communicated to stakeholders.

14. Governing Law

This Policy shall be governed by and construed in accordance with the laws of the Federal Republic of Nigeria, including the Nigeria Data Protection Act 2023.

Data Privacy Policy

We would like to hear from you