Skip to main content

Limited Time Offer!

Get your FREE website before they're gone!

Claim Now

Data Protection & Privacy Policy

Your privacy is fundamental to us. Learn how we collect, use, and protect your personal information in compliance with international data protection standards.

GDPR Compliant
ISO 27001 Certified
Regular Security Audits
Last Updated: March 15, 2024Effective Date: March 1, 2024

Overview

At Okpah Limited, we are committed to protecting your privacy and ensuring the security of your personal information. This Data Protection and Privacy Policy explains how we collect, use, store, and protect your data when you use our services, visit our website, or interact with our platforms.

Our Commitment

  • Transparent data practices
  • Minimal data collection
  • Strong security measures
  • User control and choice

Compliance Standards

  • GDPR (EU General Data Protection Regulation)
  • Ghana Data Protection Act 2012
  • ISO 27001 Information Security
  • SOC 2 Type II Compliance

Important Note

This policy applies to all Okpah Limited services including our e-commerce platform, school management system, delivery app, job search platform, and client portal. Different services may have additional specific privacy notices.

Data Collection

We collect information that you provide directly to us, information we obtain automatically when you use our services, and information from third parties. We only collect data that is necessary for providing and improving our services.

Personal Information

  • Name, email address, phone number
  • Business contact information
  • Billing and payment details
  • Account credentials and preferences

Technical Information

  • IP address and device information
  • Browser type and version
  • Operating system details
  • Usage patterns and analytics

Business Data

  • Project requirements and specifications
  • Communication history
  • Support tickets and feedback
  • Service usage and performance data

Collection Methods

Direct Collection

  • • Account registration and profile setup
  • • Contact forms and service requests
  • • Project consultation and onboarding
  • • Customer support interactions
  • • Newsletter and marketing subscriptions

Automatic Collection

  • • Website analytics and usage patterns
  • • Application performance monitoring
  • • Security logs and access records
  • • Cookie and tracking technologies
  • • Error reports and diagnostic data

How We Use Your Data

We use your personal information only for legitimate business purposes and in accordance with this privacy policy. Here's how we use the data we collect:

Service Delivery

To provide, maintain, and improve our IT services and platforms

Project development and deployment
Technical support and maintenance
User account management
Service customization

Communication

To communicate with you about our services and your projects

Project updates and milestones
Service notifications
Marketing communications (with consent)
Customer support responses

Legal & Compliance

To comply with legal obligations and protect our legitimate interests

Contract fulfillment
Regulatory compliance
Fraud prevention
Legal dispute resolution

Analytics & Improvement

To analyze usage patterns and improve our services

Performance monitoring
User experience optimization
Service development
Market research

Legal Basis for Processing

Legitimate Interests

Providing and improving our services, fraud prevention, direct marketing

Contractual Necessity

Fulfilling our contractual obligations to deliver agreed services

Consent

Marketing communications, cookies, and other optional features

Legal Compliance

Meeting regulatory requirements and legal obligations

Data Sharing & Disclosure

We do not sell, trade, or rent your personal information to third parties. We only share your data in limited circumstances as described below, and always with appropriate safeguards in place.

Service Providers & Partners

We may share your information with trusted third-party service providers who help us deliver our services:

Technical Partners

  • • Cloud hosting providers (AWS, Google Cloud)
  • • Payment processors (Stripe, PayPal)
  • • Email service providers
  • • Analytics and monitoring tools

Business Partners

  • • Subcontractors for specific projects
  • • Professional advisors (legal, accounting)
  • • Business consultants
  • • Integration partners

Legal Requirements

We may disclose your information when required by law or to protect our rights:

  • To comply with legal obligations, court orders, or regulatory requirements
  • To protect the rights, property, or safety of Okpah Limited, our users, or others
  • To investigate and prevent fraud, security breaches, or illegal activities
  • In connection with business transfers or corporate restructuring

Data Protection Safeguards

Contractual Protections

  • • Data processing agreements (DPAs)
  • • Strict confidentiality clauses
  • • Security requirement standards
  • • Data retention limitations

Technical Safeguards

  • • Encrypted data transmission
  • • Access controls and authentication
  • • Regular security audits
  • • Secure data storage protocols

Security Measures

We implement comprehensive security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. Our multi-layered approach includes technical, administrative, and physical safeguards.

Technical Safeguards

  • 256-bit SSL/TLS encryption for data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication (MFA)
  • Regular security vulnerability assessments
  • Intrusion detection and prevention systems
  • Automated backup and disaster recovery

Administrative Controls

  • Employee security training and awareness
  • Background checks for all staff
  • Role-based access controls
  • Regular security policy updates
  • Incident response procedures
  • Third-party security audits

Physical Security

  • Secure data center facilities
  • 24/7 monitoring and surveillance
  • Biometric access controls
  • Environmental monitoring systems
  • Redundant power and cooling systems
  • Secure equipment disposal procedures

Certifications & Compliance

  • ISO 27001:2013 Information Security Management
  • SOC 2 Type II Compliance
  • GDPR Compliance Framework
  • PCI DSS Level 1 (for payment processing)

Incident Response

In the unlikely event of a data breach, we have comprehensive procedures in place:

  • • Immediate containment and assessment
  • • Notification within 72 hours (where required)
  • • Forensic investigation and remediation
  • • Transparent communication with affected parties
  • • Post-incident review and improvements

Your Data Protection Rights

You have several rights regarding your personal data. We are committed to helping you exercise these rights and will respond to your requests within the required timeframes.

Right to Access

Request access to your personal data we hold

Download your data or request a copy

Right to Rectification

Correct or update inaccurate personal information

Update your profile or contact us for corrections

Right to Erasure

Request deletion of your personal data

Submit a deletion request (subject to legal obligations)

Right to Portability

Receive your data in a structured, machine-readable format

Export your data for transfer to another service

Right to Restriction

Restrict the processing of your personal data

Request processing limitations in specific circumstances

Right to Objection

Object to certain types of data processing

Opt-out of marketing or object to legitimate interest processing

How to Exercise Your Rights

Online Methods

  • Client Portal - Privacy Settings
  • Email: privacy@okpah.com
  • Online Data Request Form

Response Times

  • Access requests: Within 30 days
  • Corrections: Within 72 hours
  • Deletions: Within 30 days

Cookie Policy

We use cookies and similar tracking technologies to improve your experience on our website, analyze usage patterns, and deliver personalized content. Here's how we use different types of cookies:

Essential Cookies

Required for basic website functionality

Required
Duration: Session or 1 year

Examples:

Authentication tokens
Security cookies
Load balancing
Shopping cart data

Analytics Cookies

Help us understand how you use our website

Optional
Duration: 2 years

Examples:

Google Analytics
Usage statistics
Performance monitoring
Error tracking

Marketing Cookies

Used to deliver relevant advertisements

Optional
Duration: 1 year

Examples:

Facebook Pixel
Google Ads
Remarketing tags
Conversion tracking

Preference Cookies

Remember your choices and personalize your experience

Optional
Duration: 1 year

Examples:

Language settings
Theme preferences
Region selection
Customization options

Managing Cookies

  • Use our Cookie Preference Center
  • Configure browser settings
  • Use privacy-focused browser extensions
  • Opt-out of marketing cookies

Important Note

Disabling certain cookies may affect the functionality of our website and your user experience.

Contact Us

If you have any questions about this privacy policy, your data rights, or our data practices, please don't hesitate to contact us using any of the methods below.

Data Protection Officer

Email
privacy@okpah.com
For all privacy-related inquiries
Phone
+233 540177664
Monday - Friday, 8:00 AM - 6:00 PM GMT
Office Address
11 Gyedu Street, Race Course
Lapaz, Accra, Ghana

Quick Actions

Response Times

  • • General inquiries: Within 2 business days
  • • Data access requests: Within 30 days
  • • Urgent security matters: Within 24 hours
  • • Data deletion requests: Within 30 days