🔒 Privacy Policy

1. Data Collection

We collect the following types of personal information:

• Account Information: Username, email address, password (hashed), full name, role
• Profile Information: Phone number, date of birth, profile photo, bio, address, emergency contacts
• Client Information: Client name, contact person, phone number, email, address
• Operational Data: Field reports, financial transactions, job records
• Technical Data: IP address, browser type, device information, usage logs

Legal Basis: We process your data based on legitimate business interests, contract performance, and your explicit consent where required.

2. How We Use Your Data

We use your personal information to:

• Provide and improve our services
• Process field reports and transactions
• Manage client relationships and communications
• Ensure system security and prevent fraud
• Comply with legal obligations
• Send important system notifications

We do not sell, rent, or share your personal information with third parties except as necessary to provide our services or as required by law.

3. Data Sharing

We may share your data with:

• Service Providers: Third-party services that help us operate (e.g., email providers, hosting services)
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In case of merger, acquisition, or sale of assets

All third parties are required to maintain the confidentiality and security of your data.

4. Your Rights

Under Ghana Data Protection Act and GDPR (where applicable), you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data (subject to legal obligations)
• Data Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing of your data for certain purposes
• Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us through your account settings or system administrator.

5. Data Retention

We retain your personal data for as long as necessary to:

• Provide our services
• Comply with legal obligations
• Resolve disputes and enforce agreements

Financial records are retained for 7 years as required by law. Personal account data is retained while your account is active. You may request deletion of your account at any time.

6. Security Measures

We implement comprehensive security measures to protect your data:

• Encryption of passwords and sensitive data
• Secure authentication and access controls
• Regular security audits and updates
• Secure file storage and transmission
• Role-based access permissions
• Activity logging and monitoring

7. Cookies and Tracking

We use essential cookies for system functionality, including:

• Session management cookies
• Authentication tokens
• User preference settings

We do not use third-party tracking cookies or analytics without your explicit consent.

8. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

• Notify affected users within 72 hours
• Report to relevant data protection authorities as required
• Take immediate steps to contain and remediate the breach

9. Changes to Privacy Policy

We may update this privacy policy from time to time. Material changes will be communicated through the system and the "Last Updated" date will be revised. Continued use of the system after changes constitutes acceptance.

10. Contact Information

For questions, concerns, or to exercise your rights regarding personal data, please contact:

🇬🇭 Ghana Data Protection Commission

For complaints or inquiries regarding data protection in Ghana:

Data Protection Commission, Ghana
Website: data.gov.gh