Privacy Policy
Effective Date: March 2, 2026 | Last Updated: March 2, 2026
1. Introduction
Dronavid Technologies is committed to protecting the privacy and security of information entrusted to us by our enterprise clients. This Privacy Policy explains how we collect, use, store, share, and protect information in connection with the Dronavid platform and Services.
This Policy applies to: authorized Dashboard users operating on behalf of enterprise Clients; business representatives interacting with Dronavid for partnership and onboarding; and visitors to dronavid.com.
Dronavid's Services are exclusively B2B. Questions: contact@dronavid.com
2. Information We Collect
- Business and Account Information: Legal name, CAC registration number, business address, facility locations, names/emails/phone numbers of authorized users, billing information, and executed agreements.
- Operational and Logistics Data: Pickup and drop-off GPS coordinates (facility-level precision), Payload descriptions and declared values, delivery scheduling preferences, digital confirmation records, and API integration configurations.
- Flight and Telemetry Data: Complete flight telemetry (GPS trajectory, altitude, speed, battery, environmental sensors), drone diagnostic logs, airspace compliance records, and incident/safety event logs — collected for safety assurance, regulatory compliance, and operational optimization.
- Dashboard Usage Data: Login timestamps, session duration, IP addresses, device/browser info, actions performed within the Dashboard, and support request records.
- Communications Data: Content of emails and support interactions retained for account management.
- Website Visitor Data: Standard analytics (page views, session duration). No personally identifying information is collected from anonymous visitors.
3. How We Use Your Information
| Purpose | Description |
|---|---|
| Delivering the Services | Executing Delivery Missions, real-time tracking, proof of delivery, AI routing improvement (anonymized) |
| Account Management | Partner onboarding, Dashboard access, billing, service communications |
| Safety and Regulatory Compliance | NCAA/NAMA flight logs, incident investigations, sector-specific regulatory support |
| Security and Fraud Prevention | Dashboard security monitoring, infrastructure protection, prohibited Payload prevention |
| Service Improvement | Aggregated, anonymized operational analysis — identifiable data never used without consent |
| Legal Obligations | Compliance with Nigerian law, enforcement of Terms, establishing or defending legal claims |
4. Legal Basis for Processing
- Contract Performance: Processing necessary to execute your partnership agreement and SLA.
- Legal Obligation: Compliance with NCAA/NAMA regulations, FIRS tax requirements, NDPA 2023.
- Legitimate Interests: Safety monitoring, security, fraud prevention, and service improvement.
- Consent: For optional communications — withdrawable at any time without affecting prior processing.
5. Data Sharing and Disclosure
Dronavid does not sell or rent your data. We share only in these limited circumstances:
- Service Providers: Cloud hosting, analytics, and invoicing providers bound by data processing agreements.
- Regulatory Authorities: NCAA, NAMA, NDPC, and other Nigerian government agencies under lawful authority. Clients notified where legally permissible.
- Legal Proceedings: Valid court orders or binding legal process, with efforts to limit scope and notify Clients where permitted.
- Business Transfers: Merger or acquisition successors, who are bound by this Policy.
- With Consent: Any other sharing only with your prior written consent.
6. Data Retention
| Data Category | Retention Period | Reason |
|---|---|---|
| Account and business registration data | Partnership duration + 7 years | Legal and tax compliance |
| Operational and delivery records | 5 years from mission date | Safety, regulatory, and SLA |
| Flight telemetry and drone logs | 5 years from flight date | NCAA/NAMA requirements |
| Invoice and billing records | 7 years | FIRS tax law |
| Dashboard usage and access logs | 2 years | Security monitoring |
| Incident and safety reports | 10 years | Regulatory and legal liability |
| Communications and support records | 3 years from last interaction | Account management |
Data is securely deleted or irreversibly anonymized upon expiry.
7. Data Security
- Encryption in Transit: TLS 1.2 or higher for all Dashboard, server, and drone communications
- Encryption at Rest: All stored operational and telemetry data encrypted at rest
- Access Controls: Role-based authentication; internal access on a need-to-know basis only
- Infrastructure Security: Cloud providers maintaining ISO 27001-aligned practices
- Breach Notification: We will notify affected Clients within 72 hours of becoming aware of a breach, per NDPA 2023
- Regular Security Reviews: Periodic platform and infrastructure assessments
Report security concerns to contact@dronavid.com immediately.
8. Nigeria Data Protection Act 2023 Compliance
Dronavid is fully committed to the Nigeria Data Protection Act 2023 (NDPA) and the Nigeria Data Protection Commission (NDPC).
Dronavid Technologies is the Data Controller for personal data processed in connection with the Services.
Your rights under the NDPA 2023:
| Right | What It Means |
|---|---|
| Access | Request a copy of personal data Dronavid holds about you |
| Rectification | Request correction of inaccurate or incomplete data |
| Erasure | Request deletion where no longer necessary, subject to legal retention obligations |
| Restriction | Request restricted processing in certain circumstances |
| Object | Object to processing based on legitimate interests |
| Data Portability | Request data in a structured, machine-readable format where feasible |
| Withdraw Consent | Withdraw consent at any time where processing is consent-based |
Submit requests to contact@dronavid.com — we will respond within 30 days. Identity verification may be required.
Dronavid is registered with the NDPC as required by the NDPA 2023.
9. Cookies
- Website: Minimal functional cookies only. No third-party advertising or behavioural tracking cookies.
- Dashboard: Session cookies strictly necessary for authentication. No tracking cookies within the operational environment.
10. International Data Transfers
Any data processed by cloud providers outside Nigeria is transferred in compliance with NDPA 2023 requirements, including standard contractual clauses or other approved mechanisms where required.
11. Children's Privacy
Dronavid's Services are exclusively for enterprise use. We do not knowingly collect information from individuals under 18. Contact contact@dronavid.com immediately if you believe a minor's information has been submitted.
12. Changes to This Policy
Material changes will be communicated to registered Clients via email and Dashboard notification at least 30 days before taking effect. Continued use of the Services after the effective date constitutes acceptance.
13. Contact and Complaints
Dronavid Technologies — Data Privacy
Email: contact@dronavid.com
Website: https://dronavid.com
For formal data protection complaints: Nigeria Data Protection Commission (NDPC) — www.ndpc.gov.ng