DropDeli LogoDropDeli

DropDeli – Data Protection Policy

Effective Date:

DropDeli is committed to protecting the personal data of its users, merchants, riders, partners, and employees. This Data Protection Policy outlines how DropDeli collects, processes, stores, and protects personal data in compliance with applicable data protection laws and best practices.

1. Purpose of This Policy

This Data Protection Policy is designed to ensure compliance with applicable data protection laws in jurisdictions where DropDeli operates, including:

  • Nigeria Data Protection Regulation (NDPR)
  • Ghana Data Protection Act, 2012 (Act 843)
  • International best practices aligned with the General Data Protection Regulation (GDPR) where applicable.

The purpose of this Data Protection Policy is to:

  • Ensure personal data is handled lawfully, fairly, and transparently
  • Protect personal data against unauthorized access, misuse, loss, or disclosure
  • Define responsibilities regarding data protection within DropDeli
  • Demonstrate DropDeli’s commitment to data privacy and security

2. Scope

This policy applies to:

  • All users of the DropDeli platform
  • Merchants (restaurants, hotels, supermarkets, and other businesses)
  • Riders and delivery partners
  • Employees, contractors, and third-party service providers
  • All personal data processed through DropDeli’s systems, applications, and services

3. Definitions

  • Personal Data: Any information relating to an identified or identifiable individual.
  • Data Subject: An individual whose personal data is processed.
  • Processing: Any operation performed on personal data, including collection, storage, use, disclosure, or deletion.
  • Data Controller: DropDeli, which determines the purposes and means of processing personal data.
  • Data Processor: Any third party that processes personal data on behalf of DropDeli.

4. Data Protection Principles

DropDeli processes personal data in accordance with the following principles:

  1. Lawfulness, Fairness, and Transparency – Data is processed legally and transparently.
  2. Purpose Limitation – Data is collected for specified and legitimate purposes.
  3. Data Minimization – Only necessary data is collected and processed.
  4. Accuracy – Reasonable steps are taken to keep data accurate and up to date.
  5. Storage Limitation – Data is not kept longer than necessary.
  6. Integrity and Confidentiality – Data is protected against unauthorized access or loss.

5. Lawful Basis for Processing

DropDeli processes personal data based on one or more of the following lawful grounds:

  • Consent of the data subject
  • Performance of a contract
  • Compliance with legal obligations
  • Legitimate business interests, where such interests do not override data subject rights

6. Types of Data Collected

DropDeli may collect and process:

  • Identification data (name, phone number, email)
  • Location and delivery address data
  • Account and transaction data
  • Device and usage data
  • Communication and support records

Sensitive personal data is processed only where necessary and in accordance with applicable laws.

7. Data Security Measures

DropDeli implements appropriate technical and organizational measures, including:

  • Secure servers and encrypted data transmission
  • Restricted access to personal data
  • Authentication and authorization controls
  • Regular system monitoring and updates

Despite these measures, no system can be guaranteed to be completely secure.

8. Data Sharing and Third Parties

Personal data may be shared with:

  • Merchants and riders for order fulfillment
  • Payment processors and service providers
  • Cloud hosting and analytics providers
  • Regulatory or law enforcement authorities when legally required

All third parties are required to process data in accordance with this policy and applicable laws.

9. Data Retention and Disposal

Personal data is retained only for as long as necessary to fulfill its purpose or comply with legal requirements. When no longer needed, data is securely deleted, anonymized, or archived.

10. Data Subject Rights

Data subjects may have the right to:

  • Access their personal data
  • Request correction or updates
  • Request deletion or restriction of processing
  • Withdraw consent where applicable
  • Object to certain processing activities

Requests can be submitted through DropDeli’s official support channels.

11. Data Breach Management

In the event of a data breach, DropDeli will:

  • Take immediate steps to contain and assess the breach
  • Notify relevant authorities where required by law
  • Inform affected data subjects where there is a high risk to their rights

12. Responsibilities

  • DropDeli management is responsible for enforcing this policy.
  • Employees and contractors must comply with data protection requirements.
  • Third-party processors must adhere to agreed data protection obligations.

13. Policy Review and Updates

This Data Protection Policy will be reviewed periodically and updated as necessary to reflect legal, technical, or operational changes.

14. Contact Information

Data Controller: DropDeli

Primary Business Address (Ghana):
Garden Road, East Legon, Greater Accra, Ghana
Postal Code: GH 1101151
Phone: +233-554-366674

Business Address (Nigeria):
Ikeja, Lagos State, Nigeria

Support Email: support@dropdeli.com

For Nigeria-related data protection matters, DropDeli complies with the Nigeria Data Protection Regulation (NDPR) and cooperates with relevant regulatory authorities.

By using DropDeli or engaging with our services, you acknowledge and agree to this Data Protection Policy.