Privacy Policy

Welcome to the Diakite Group of Companies ("Diakite Group of Companies," "we," "us," or "our"). The Diakite Group of Companies is a diversified industrial conglomerate operating across six strategic sectors—Mining & Mining Equipment, Oil & Gas, Civil Engineering & Real Estate, Agribusiness, Transport, and Hospitality—with a presence in five West African countries: Nigeria, Mali, Côte d'Ivoire, Benin, and Togo.

We are committed to protecting the privacy and security of personal information entrusted to us by our clients, partners, employees, investors, suppliers, website visitors, and all other individuals with whom we interact. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in accordance with applicable data protection laws and regulations across our operational jurisdictions.

This Privacy Policy applies to all entities within the Diakite Group of Companies, including Diakite Enterprises Limited (and its country-specific subsidiaries), Diakite Autos Limited, Diakite Hotels & Suites Limited, Air Diakite Limited, and Diakite Group Limited.

By engaging with our services, visiting our websites, entering our facilities, or otherwise interacting with the Diakite Group of Companies, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

Our Commitment to Privacy

As a group committed to ethical governance, transparency, and sustainable operations, the Diakite Group of Companies recognizes privacy as a fundamental right. We adhere to the highest standards of data protection and comply with applicable laws in all jurisdictions where we operate, including but not limited to:

  • Nigeria Data Protection Regulation (NDPR) and Nigeria Data Protection Act (NDPA)
  • Data protection provisions under the OHADA framework in Mali, Côte d'Ivoire, Benin, and Togo
  • General Data Protection Regulation (GDPR) principles for international data transfers
  • Industry-specific regulations governing Oil & Gas, Mining, Financial Services, and Hospitality sectors

Our commitment extends beyond legal compliance to encompass best practices in data governance, security, and ethical handling of personal information.

Scope and Applicability

This Privacy Policy applies to personal information collected through:

  • Our corporate websites and digital platforms
  • Business relationships with clients, suppliers, contractors, and partners
  • Employment and recruitment processes
  • Investor relations and shareholder communications
  • Hospitality services provided through Diakite Hotels & Suites Limited
  • Transport and logistics services
  • Real estate transactions and property management
  • Mining, Oil & Gas, and agribusiness operations
  • Any other interactions with the Diakite Group of Companies entities

Information We Collect

The Diakite Group of Companies collects various types of personal information necessary for conducting business operations, delivering services, and maintaining relationships with stakeholders. The specific information collected depends on the nature of your relationship with us.

Personal Identification Information

We may collect the following personal identification details:

  • Full name, date of birth, and gender
  • National identification numbers, passport details, or other government-issued identification
  • Residential and business addresses
  • Contact information including telephone numbers and email addresses
  • Photographs and biometric data (where required for security or identification purposes)
  • Emergency contact information
  • Nationality and immigration status (for employment and cross-border operations)

Professional and Business Information

For business relationships, employment, and partnership purposes, we collect:

  • Professional qualifications, certifications, and licenses
  • Employment history and references
  • Business registration documents and tax identification numbers
  • Financial institution details and banking information
  • Credit history and financial standing (for credit assessments)
  • Company ownership structures and beneficial ownership information
  • Professional affiliations and memberships

Financial Information

In the course of business transactions, we may collect:

  • Bank account details and payment information
  • Credit card and payment card information
  • Financial statements and tax records
  • Investment portfolio information (for investor relations)
  • Invoicing and billing details
  • Transaction histories and payment records

Technical and Digital Information

When you visit our websites or use our digital services, we automatically collect:

  • IP addresses and device identifiers
  • Browser type and version
  • Operating system information
  • Pages visited and time spent on our websites
  • Referring website addresses
  • Location data (with your consent)
  • Cookies and similar tracking technologies data

Operational and Safety Information

For projects, operations, and facility access, we collect:

  • Site access logs and visitor records
  • CCTV footage and security surveillance data
  • Health and safety records
  • Medical information (where necessary for occupational health requirements)
  • Training records and certifications
  • Incident and accident reports
  • Drug and alcohol testing results (where permitted by law and necessary for safety)

Communications and Correspondence

We retain records of:

  • Email correspondence and business communications
  • Telephone call recordings (with appropriate notice)
  • Meeting notes and minutes
  • Feedback, inquiries, and customer service interactions
  • Marketing preferences and subscription information

Special Categories of Personal Data

In limited circumstances, and only where legally permissible and necessary, we may process special categories of personal data including:

  • Health information (for occupational health, insurance, or emergency situations)
  • Biometric data (for security and access control)
  • Information related to criminal convictions (for background checks where legally required)

We process such sensitive information only with explicit consent or where permitted by applicable law, and implement enhanced security measures for its protection.

How We Collect Information

We collect personal information through various methods:

Direct Collection

  • Information you provide when filling out forms, applications, or registration documents
  • Details submitted during business negotiations, contract execution, or service delivery
  • Information provided during employment applications, interviews, or onboarding
  • Data submitted through website contact forms, email inquiries, or phone calls
  • Details provided at conferences, trade shows, or networking events

Indirect Collection

  • Information obtained from publicly available sources (business registries, professional networks)
  • Data received from third-party service providers, contractors, or partners
  • References and background check information from previous employers or professional contacts
  • Credit information from credit reference agencies
  • Information from regulatory authorities or government agencies

Automated Collection

  • Website analytics and tracking technologies
  • CCTV and surveillance systems at our facilities
  • Vehicle tracking systems in our transport operations
  • Access control systems and security logs
  • Automated data processing systems in our operations

How We Use Your Information

The Diakite Group of Companies uses personal information for legitimate business purposes, including:

Service Delivery and Contract Performance

  • Executing contracts for mining, Oil & Gas, civil engineering, agribusiness, transport, and hospitality services
  • Managing logistics and supply chain operations
  • Providing technical support and project management services
  • Delivering hotel accommodation, conferencing, and hospitality services
  • Managing property transactions and real estate development projects

Business Operations and Management

  • Conducting due diligence and Know Your Customer (KYC) procedures
  • Processing payments, invoicing, and financial transactions
  • Managing supplier and contractor relationships
  • Conducting risk assessments and credit evaluations
  • Maintaining business records and archives

Employment and Human Resources

  • Recruiting, selecting, and onboarding employees
  • Managing employment relationships and performance
  • Administering payroll, benefits, and compensation
  • Providing training and professional development
  • Ensuring workplace health and safety
  • Managing employee grievances and disciplinary matters

Compliance and Legal Obligations

  • Complying with legal, regulatory, and statutory requirements
  • Adhering to international accounting standards (IFRS)
  • Meeting anti-money laundering (AML) and counter-terrorism financing obligations
  • Responding to lawful requests from regulatory authorities
  • Defending legal claims and enforcing our rights
  • Maintaining corporate governance and audit requirements

Security and Safety

  • Protecting the security of our facilities, assets, and personnel
  • Preventing fraud, theft, and unauthorized access
  • Ensuring health and safety in high-risk operational environments (mining sites, Oil & Gas facilities)
  • Conducting security screenings and background checks
  • Investigating incidents, accidents, and security breaches

Marketing and Communications

  • Sending information about our services, projects, and developments (with appropriate consent)
  • Conducting market research and analyzing customer preferences
  • Managing investor relations and shareholder communications
  • Publishing newsletters, reports, and corporate announcements
  • Organizing events, conferences, and stakeholder engagements

Strategic Planning and Development

  • Analyzing business performance and operational efficiency
  • Conducting feasibility studies for new projects
  • Identifying business opportunities and partnerships
  • Making strategic investment decisions
  • Supporting mergers, acquisitions, and corporate restructuring

Legal Basis for Processing

We process personal information based on one or more of the following legal grounds:

  • Contractual Necessity: Processing is necessary to perform a contract with you or to take pre-contractual steps at your request
  • Legal Obligation: Processing is required to comply with applicable laws, regulations, or court orders
  • Legitimate Interests: Processing is necessary for our legitimate business interests, provided these do not override your fundamental rights and freedoms
  • Consent: You have provided explicit, informed consent for specific processing activities
  • Vital Interests: Processing is necessary to protect your life or the life of another person
  • Public Interest: Processing is necessary for the performance of tasks carried out in the public interest

Information Sharing and Disclosure

The Diakite Group of Companies may share personal information with third parties in the following circumstances:

Within the Diakite Group of Companies

Personal information may be shared among entities within the Diakite Group of Companies for administrative efficiency, consolidated reporting, and integrated service delivery. All intra-group transfers are governed by appropriate data protection agreements and security measures.

Service Providers and Business Partners

We engage third-party service providers to support our operations, including:

  • IT service providers and cloud hosting companies
  • Professional advisors (legal, accounting, consulting firms)
  • Banking and financial institutions
  • Insurance companies and brokers
  • Logistics and freight forwarding companies
  • Security service providers
  • Marketing and communications agencies
  • Recruitment and human resources consultants

All service providers are contractually required to maintain confidentiality and implement appropriate security measures.

Government and Regulatory Authorities

We disclose information to regulatory bodies, government agencies, and law enforcement when:

  • Required by law or legal process
  • Necessary for regulatory compliance (CAC in Nigeria, RCCM under OHADA, CEPICI in Côte d'Ivoire)
  • Responding to lawful requests or investigations
  • Complying with tax, customs, or trade regulations
  • Meeting health, safety, and environmental reporting obligations

Joint Ventures and Business Transactions

Personal information may be shared with:

  • Joint venture partners and consortium members in collaborative projects
  • Potential buyers, investors, or merger partners during corporate transactions
  • Professional advisors conducting due diligence
  • Successor entities in the event of business restructuring or asset transfers

With Your Consent

We may disclose your information to third parties where you have provided specific consent for such disclosure.

International Data Transfers

As a group operating across five West African countries with potential international partnerships, personal information may be transferred across borders. We ensure that all international data transfers comply with applicable laws and are protected by:

  • Standard contractual clauses approved by relevant data protection authorities
  • Adequacy decisions recognizing equivalent data protection standards
  • Binding corporate rules within the Diakite Group of Companies
  • Explicit consent for specific transfers
  • Necessary safeguards to protect the security and confidentiality of transferred data

We take particular care when transferring data from jurisdictions with comprehensive data protection frameworks (such as Nigeria under NDPR) to ensure equivalent protection standards are maintained.

Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected or as required by law. Retention periods vary depending on:

  • The nature of the information and purpose of processing
  • Legal, regulatory, and contractual obligations (tax records, corporate filings, employment records)
  • Statute of limitations for potential legal claims
  • Business and operational needs
  • Industry-specific retention requirements (mining licenses, Oil & Gas permits, engineering certifications)

Typical retention periods include:

  • Employment records: Duration of employment plus 7 years
  • Financial records: 7-10 years from the end of the financial year
  • Tax documentation: As required by applicable tax authorities (typically 7-10 years)
  • Contract documentation: Duration of contract plus 7 years
  • CCTV footage: 30-90 days unless required for investigations
  • Website analytics: 24-36 months
  • Marketing communications: Until consent is withdrawn or contact becomes inactive

Upon expiry of the retention period, personal information is securely deleted, destroyed, or anonymized in accordance with our data disposal procedures.

Your Rights

Subject to applicable laws in your jurisdiction, you have the following rights regarding your personal information:

Right to Access

You have the right to request confirmation of whether we process your personal information and to obtain a copy of that information along with details about how it is used.

Right to Rectification

You may request correction of inaccurate or incomplete personal information we hold about you.

Right to Erasure

In certain circumstances, you may request deletion of your personal information, including when:

  • The information is no longer necessary for the purposes for which it was collected
  • You withdraw consent and there is no other legal ground for processing
  • You object to processing and there are no overriding legitimate grounds
  • The information has been unlawfully processed
  • Erasure is required to comply with a legal obligation

Right to Restriction of Processing

You may request that we restrict processing of your personal information in specific situations, such as when you contest the accuracy of the information or object to processing.

Right to Data Portability

Where technically feasible, you may request that we transfer your personal information to another organization or provide it to you in a structured, commonly used, machine-readable format.

Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw that consent at any time, without affecting the lawfulness of processing prior to withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with the relevant data protection authority in your jurisdiction if you believe your rights have been violated.

To exercise any of these rights, please contact our Data Protection Officer using the details provided in the "Contact Us" section below.

Data Security

The Diakite Group of Companies implements comprehensive technical, administrative, and physical security measures to protect personal information from unauthorized access, disclosure, alteration, or destruction. Our security framework includes:

Technical Safeguards

  • Encryption of data in transit and at rest
  • Secure firewalls and intrusion detection systems
  • Regular security assessments and vulnerability testing
  • Multi-factor authentication for system access
  • Secure backup and disaster recovery systems
  • Antivirus and anti-malware protection

Administrative Safeguards

  • Strict access control policies limiting access to authorized personnel
  • Regular employee training on data protection and security
  • Confidentiality agreements with employees and service providers
  • Incident response and breach notification procedures
  • Regular review and update of security policies
  • Data Protection Impact Assessments for high-risk processing

Physical Safeguards

  • Restricted access to facilities storing personal information
  • CCTV surveillance and security personnel
  • Secure storage of physical documents
  • Controlled visitor access and sign-in procedures
  • Secure destruction of physical records containing personal information

Despite our robust security measures, no system is completely secure. We continuously monitor and improve our security practices to address evolving threats.

Cookies and Tracking Technologies

Our websites use cookies and similar tracking technologies to enhance user experience, analyze website performance, and deliver personalized content. Cookies are small text files stored on your device when you visit our websites.

Types of Cookies We Use

  • Essential Cookies: Necessary for website functionality and cannot be disabled
  • Performance Cookies: Collect anonymous information about website usage to improve performance
  • Functionality Cookies: Remember your preferences and personalize your experience
  • Targeting/Advertising Cookies: Deliver relevant advertisements and measure campaign effectiveness

You can control cookie preferences through your browser settings. However, disabling certain cookies may affect website functionality. For detailed information about our cookie practices, please refer to our Cookie Policy.

Third-Party Links

Our websites may contain links to third-party websites, applications, or services not controlled by the Diakite Group of Companies. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have inadvertently collected information from a child, we will take steps to delete it promptly.

Changes to This Privacy Policy

We reserve the right to update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. The "Last Updated" date at the top of this policy indicates when the most recent changes were made.

Material changes will be communicated through:

  • Prominent notice on our website
  • Email notification to registered users
  • Direct communication to clients and partners

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact:

Link Here to Contact Us

We are committed to addressing your concerns promptly and transparently. You can expect a response within 30 days of receiving your inquiry.

Regulatory Compliance

The Diakite Group of Companies maintains active relationships with data protection authorities across our operational territories and is committed to cooperative engagement with regulators to ensure ongoing compliance with evolving data protection standards.

Nigeria: Nigeria Data Protection Commission (NDPC)
OHADA Countries: Relevant national data protection authorities and Commerce Chambers

About Us

Diakite Group of Companies are dynamic, integrated powerhouse committed to the infrastructural and economic transformation of West Africa through visionary leadership, ethical governance, and sustainable operations across six strategic sectors.

Our Companies

Diakite Group of Companies

Diakite Enterprises Limited