Sialkot Dry Port Trust, Sambrial

Privacy Policy

Privacy Policy of Sialkot Dry Port Trust (SDPT)
Version: 2.1 — Pakistan Regulatory Compliance Edition

Last Updated: 22/11/2025

1. Introduction
This Privacy Policy (“Policy”) explains how Sialkot Dry Port Trust (“SDPT”, “we”, “our”) collects, uses, discloses, and protects Personal Data in connection with our operational, administrative, cargo, logistics, security, and website activities.

This Policy applies to:
- Clients, consignees, clearing agents, business partners
- Employees, applicants, contractors, and vendors
- Visitors, drivers, and transport providers
- Any individual interacting with SDPT, customs facilities, or systems

SDPT complies with applicable Pakistani laws, including requirements of Pakistan Customs, ANF, PRAL, and other relevant regulatory agencies operating at the Dry Port.

2. Definitions
“Personal Data” means information relating to an identified individual.
“Processing” means collecting, storing, manipulation, using, or sharing Personal Data.
“Sensitive Personal Data” refers to CNIC, passport, financial and tax data, medical data, security information, license, or government-regulated data.
“Regulatory Bodies” include Pakistan Customs, ANF, PRAL, FBR, PRA, SRB, EOBI, PESSI, SESSI, LEAs, and any agencies authorized under federal or provincial laws.

3. Personal Data Collected
3.1 Clients, Agents & Cargo Stakeholders
- Full name, CNIC, license data, passport
- Phone number, email, company details
- Vehicle and driver records
- Security passes
- Cargo documentation, gate passes, delivery orders
- Customs and PRAL-generated documents
- CCTV video and security logs

3.2 Employees & Applicants
- Identification (CNIC, father name, address)
- Qualification and experience records
- Employment contracts, HR files
- Salary, bank details, tax records
- EOBI, PESSI, SESSI data
- Family members, Medical records
- Attendance, access logs, performance records
- Security clearance information

3.3 Contractors & Vendors
- Company registration details
- NTN/GST/PST information
- CNIC of authorized persons
- Payment details, invoices
- Access and compliance documentation
- Security passes or driver data

3.4 Website, Digital Platforms & PRAL Integrated Systems
- IP address, Cell phone numbers, device information
- Session logs
- Cookies and activity tracking
- Portal access logs and authentication data

4. Legal Basis for Processing
SDPT processes data based on:
- Legal and regulatory requirements under laws, rules & regulations w.r.t. Pakistan Customs, ANF, PRAL, FBR, PRA, SBR, EOBI, PESSI, SESSI
- Operational necessity for logistics, cargo handling, clearance
- Security and verification purposes
- Contractual relationships
- Compliance with federal or provincial laws

5. Purpose of Processing
5.1 Operational & Cargo Management
- Gate operations, identity verification
- Cargo receipt, movement, clearance, delivery
- Cargo Insurance and safety
- Customs documentation
- Coordination with PRAL systems, PSW and WeBOC
- Record keeping for audits and inspections

5.2 Security & Regulatory Compliance
- CCTV monitoring
- Vehicle and driver checks
- Support to Customs, ANF, FIA, LEAs
- Prevention of smuggling or illegal items
- Security logs and gate entries

5.3 HR & Workforce Management
- Recruitment, onboarding
- Payroll, taxation, benefits
- Attendance, access rights
- Disciplinary processes

5.4 Vendor & Contractor Management
- Due-diligence checks
- Contract administration
- Payments and billing
- Compliance validation
- Tax compliance

6. Disclosure of Personal Data
6.1 Government & Regulatory Authorities
- Pakistan Customs
- ANF
- PRAL
- FBR, PRA, SRB, EOBI, PESSI, SESSI
- Pakistan Customs, FIA, Police, LEAs
- Any legally authorized body

6.2 Operational Partners
- Transport providers
- Clearing agents
- Banks, Insurers, IT service providers
- Security contractors
- Suppliers and Vendors

6.3 Internal Use
- HR, payroll, administration
- Security & compliance teams
- Management audits

7. Data Security
Technical Measures:
- Password-protected systems
- Access controls
- Secure servers and backups

Organizational Measures:
- Confidentiality policies
- Staff training
- Document handling protocols

Physical Measures:
- CCTV surveillance
- Controlled entry/exit
- Security personnel
- Visitor logs

8. Data Retention
Data is retained in accordance with:
- Customs Act
- FBR requirements
- Regulatory agency instructions
- Operational and employment needs

Afterward, data is securely deleted or archived.

9. Rights of Individuals
Individuals may request:
- Correction of inaccurate information
- Access to records (where permitted)
Certain data (Customs/ANF/PRAL/FBR/PRA/SRB/EOBI/PESSI/SESSI/security) cannot be deleted or altered except by law.

10. Website & Digital Platforms
We use:
- Essential cookies
- Activity logs
- Security monitoring tools
- PRAL-linked authentication

11. Employees, Contractors & Vendors — Special Clauses
11.1 Monitoring:
- CCTV
- Access logs
- IT usage logs

11.2 Confidentiality:
- Staff and vendors must protect all SDPT information.

11.3 Disciplinary:
- Violations may result in termination or legal action.

12. Amendments
SDPT may update this Policy anytime. Updates will be posted on the website and displayed at the administration office.