Effective Date: 1st April 2026
1. Introduction
Welcome to the official website of the Consulate General of Saint Lucia in Nigeria (consulstlucia.ng). We are committed to protecting the privacy and security of our visitors, citizens, and applicants. This Privacy Policy outlines how we collect, use, process, and protect your personal data in accordance with the Nigeria Data Protection Regulation (NDPR) and the General Data Protection Regulation (GDPR).
2. Identity of the Data Controller
For the purposes of applicable data protection laws, the Data Controller is:
Consulate General of Saint Lucia in Nigeria
[No Physical Address in Abuja, Nigeria Yet]
Email: info@consulstlucia.ng
Phone: Non-Yet
3. Personal Data We Collect
We collect and process data to provide essential diplomatic services. The categories of data we collect include:
- Service Application Data: Information provided when applying for Visas, Birth Certificates, Emergency Travel Documents, or Citizenship. This includes names, dates of birth, contact details, passport information, and supporting documentation. (Note: Currently processed via submitted PDF forms; this policy also applies to future secure online portal submissions).
- Communication Data: Information you provide when contacting us via email or inquiries, including your name, email address, and the contents of your message.
- Technical & Analytical Data: Information collected automatically when you visit our site, managed securely via our self-hosted analytics platform (detailed below).
4. Website Analytics (Matomo) & Data Sovereignty
To understand how visitors interact with our website and to improve our digital services, we use Matomo Analytics.
Because diplomatic data security is our priority, our Matomo instance is entirely self-hosted. This means your tracking data is stored exclusively on our own secure servers. No data is ever shared with, sold to, or processed by third-party analytics corporations.
- Data Collected by Matomo: IP address (strictly anonymized), first-party cookies, geolocation (at a regional level), pages visited, time spent on the site, referrer URLs, and browser types.
- Anonymization: We have configured Matomo to automatically anonymize your IP address immediately upon collection. No identifiable IP address is stored in our database.
- Legal Basis: We process this data on the basis of legitimate interest to maintain the security, performance, and usability of our government portal.
- Opt-Out: Even though the data is anonymized and strictly self-hosted, you may still opt out of all website tracking here:
[matomo_opt_out]5. Purpose and Legal Basis for Processing
We process your personal data for the following purposes:
- Public Task / Official Authority: To process consular requests, issue travel documents, and facilitate diplomatic relations.
- Consent: When you subscribe to our newsletters or explicitly agree to specific data processing.
- Legitimate Interest: To ensure network security, prevent fraud, and optimize our web infrastructure.
- Legal Obligation: To comply with international laws and agreements between Saint Lucia and the Federal Republic of Nigeria.
6. Data Sharing and Third-Party Transfers
As a government entity, we treat your data with the highest level of confidentiality.
- We do not sell or trade your data.
- Your data may be shared internally with the Government of Saint Lucia (e.g., Ministry of External Affairs, Immigration Department) strictly for the processing of official applications.
- Any international transfer of data between the Consulate in Nigeria and the Government in Saint Lucia is safeguarded by diplomatic protocols and recognized data protection frameworks.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal mandates:
- Consular Applications: Retained in accordance with the official statutory retention periods of the Government of Saint Lucia.
- Analytics Data: Our self-hosted server cron jobs are configured to automatically purge raw analytics data after 13 months.
8. Data Security
We implement robust, enterprise-grade security measures to protect your data against unauthorized access, alteration, or destruction. This includes Web Application Firewalls (WAF), secure server architecture, and isolated database environments for processing sensitive information.
9. Your Data Subject Rights
Under the GDPR and NDPR, you possess the following rights regarding your personal data:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure (Right to be Forgotten): Request deletion of your data, subject to legal and diplomatic retention requirements.
- Right to Restrict Processing: Temporarily halt the processing of your data.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object / Withdraw Consent: Object to specific processing activities (like analytics) or withdraw consent for communications.
10. Contact and Complaints
To exercise any of your rights, please contact our Data Protection Officer at: [Insert Email Address].
If you believe your data has been handled improperly, you have the right to lodge a complaint with the relevant supervisory authorities, such as the Nigeria Data Protection Commission (NDPC) or the applicable European Data Protection Board authority (if you are an EU resident).
