Privacy Policy

Introduction and Commitment
Information We Collect
How We Use Your Information
Mobile Money and Payment Data
Data Sharing and Third Parties
Data Storage and Security
Data Retention
Your Rights
Cookies and Tracking
Children's Privacy
Cross-Border Data Transfers
Changes to This Policy
Contact and Complaints

Your privacy matters. SikaDua is built on trust. This policy explains exactly what data we collect, why we collect it, how we protect it, and what rights you have. We will never sell your personal data to third parties.

1Introduction and Commitment

1.1 SikaDua ("we", "our", "us") is committed to protecting the privacy of all users of the Platform — Resellers, Suppliers, Partners, and Buyers.

1.2 This Privacy Policy explains how we collect, use, store, share, and protect personal data in connection with the SikaDua application, website, and related services.

1.3 We operate in compliance with applicable Ghanaian data protection law, including the Data Protection Act, 2012 (Act 843), and relevant regulations issued by the Data Protection Commission of Ghana.

1.4 By registering on or using the Platform, you consent to the processing of your personal data as described in this Policy.

2Information We Collect

2.1 Information You Provide Directly

Data Type	Examples	Who It Applies To
Identity Data	Full name, date of birth, gender, Ghana Card/ID number (for KYC)	All users
Contact Data	Phone number, email address, physical address	All users
Financial Data	Mobile Money wallet number, network provider, bank account (for Suppliers/Partners)	All users
Business Data	Business name, registration number, product details, pricing information	Suppliers
Investment Data	Capital amounts, investment agreements, profit records	Partners
Communication Data	Messages submitted via contact forms, customer support interactions	All users

2.2 Information Collected Automatically

Device data: Device type, operating system, app version, unique device identifiers;
Usage data: Pages and screens visited, features used, products viewed, links shared, session duration;
Transaction data: Orders placed, commission earned, payment history, timestamps;
Location data: General location (city/region) derived from your network, if you grant location permissions;
Log data: IP address, browser type, referral URLs, error logs.

3How We Use Your Information

We use your personal data for the following lawful purposes:

Purpose	Legal Basis
Account creation, verification, and management	Contract performance
Processing orders, commissions, and payouts	Contract performance
Identity verification (KYC) as required by financial regulations	Legal obligation
Fraud prevention and platform security	Legitimate interest
Customer support and dispute resolution	Contract performance
Sending service notifications, order updates, payout alerts	Contract performance
Sending marketing communications (opt-in)	Consent
Platform improvement and analytics	Legitimate interest
Compliance with Ghanaian tax and financial reporting requirements	Legal obligation

We will only use your data for the purposes stated above. We will not use your data for automated decision-making that significantly affects your rights without human review.

4Mobile Money and Payment Data

4.1 SikaDua does not directly store your Mobile Money wallet PIN or authentication credentials. Payments are facilitated through licensed payment service providers (PSPs) who comply with Bank of Ghana regulations.

4.2 Your Mobile Money wallet number is stored securely and is used solely for:

Processing incoming payments from Buyers;
Disbursing commission payouts to Resellers;
Settling Supplier payments;
Distributing Partner profit shares.

4.3 All payment data is encrypted in transit and at rest using industry-standard encryption protocols.

4.4 Transaction records are retained for a minimum of seven (7) years in compliance with Ghanaian financial record-keeping requirements.

5Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to any third party for their marketing purposes.

5.1 We may share your data with the following categories of third parties where necessary:

Payment processors: To facilitate Mobile Money transactions and disbursements;
Delivery partners: Recipient name and delivery address shared with logistics providers for order fulfilment;
Identity verification services: For KYC/AML compliance;
Cloud infrastructure providers: Our hosting and data storage providers operate under contractual data protection obligations;
Analytics providers: Anonymised and aggregated usage data for platform improvement;
Legal and regulatory authorities: Where required by Ghanaian law, court order, or regulatory demand.

5.2 All third-party processors are contractually required to handle your data in accordance with applicable data protection laws and to implement appropriate security measures.

5.3 In the event of a business sale, merger, or acquisition, user data may be transferred to the acquiring entity, who will be bound by this Privacy Policy.

6Data Storage and Security

6.1 Your data is stored on secure servers located in Ghana or in jurisdictions with adequate data protection standards.

6.2 We implement the following security measures:

TLS/SSL encryption for all data in transit;
AES-256 encryption for sensitive data at rest;
Role-based access controls — only authorised personnel can access user data;
Regular security audits and vulnerability testing;
Two-factor authentication for all administrative access;
Automated fraud detection and anomaly monitoring.

6.3 In the event of a data breach that is likely to result in risk to your rights, SikaDua will notify affected users and the Data Protection Commission of Ghana within the timeframes required by law.

7Data Retention

7.1 We retain personal data only for as long as necessary for the purposes described in this Policy or as required by law:

Data Category	Retention Period
Account and identity data	Duration of account + 3 years after closure
Transaction and financial records	7 years (financial regulation requirement)
KYC and verification documents	5 years after last transaction
Customer support communications	3 years
Marketing preferences and consent records	Until consent is withdrawn + 1 year
Usage and analytics data (anonymised)	Indefinitely (no personal identifiers)

7.2 When data is no longer required, it is securely deleted or anonymised using industry-standard methods.

8Your Rights

Under the Data Protection Act, 2012 (Act 843) of Ghana and general data protection principles, you have the following rights:

Right of Access: Request a copy of the personal data we hold about you;
Right of Correction: Request correction of inaccurate or incomplete data;
Right of Erasure: Request deletion of your data where it is no longer necessary, subject to legal retention requirements;
Right to Object: Object to processing of your data for marketing purposes at any time;
Right to Data Portability: Request your data in a structured, commonly used format;
Right to Withdraw Consent: Withdraw consent for marketing communications at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@sikadua.com. We will respond within 30 days. We may require identity verification before processing your request.

9Cookies and Tracking

9.1 Our website uses cookies and similar tracking technologies to:

Maintain your session and login state;
Remember your preferences;
Analyse website traffic and user behaviour (using anonymised data);
Deliver and measure the effectiveness of our communications.

9.2 You can control cookie settings through your browser preferences. Disabling certain cookies may affect Platform functionality.

9.3 The SikaDua mobile application uses device analytics SDKs that collect anonymised usage data to help us improve the app experience. You may opt out of analytics tracking in the app settings.

10Children's Privacy

10.1 The Platform is intended for users aged 18 and over. We do not knowingly collect personal data from individuals under 18 years of age.

10.2 If we become aware that a person under 18 has registered on the Platform, we will delete their account and associated data promptly.

10.3 If you believe a minor has registered on the Platform, please contact us immediately at privacy@sikadua.com.

11Cross-Border Data Transfers

11.1 Where we transfer personal data outside Ghana (for example, to cloud infrastructure providers), we ensure adequate protection is in place through:

Contractual data processing agreements that meet Data Protection Commission standards;
Transfers only to jurisdictions with equivalent data protection laws;
Appropriate technical and organisational safeguards.

11.2 We do not transfer sensitive financial data (Mobile Money details, KYC documents) outside Ghana without explicit legal basis.

12Changes to This Policy

12.1 We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law.

12.2 When we make material changes, we will:

Post the updated Policy on the Platform with a revised "last updated" date;
Send a notification to registered users via the Platform or their registered contact details;
Where required by law, seek fresh consent for new processing activities.

12.3 Your continued use of the Platform after the effective date of any update constitutes acceptance of the revised Policy.

13Contact and Complaints

For any privacy-related enquiries, requests, or complaints, please contact our Data Protection Officer:

Email: privacy@sikadua.com
General: hello@sikadua.com
Address: SikaDua Data Protection Officer, Accra, Ghana

We aim to respond to all privacy requests within 30 calendar days. If you are not satisfied with our response, you have the right to lodge a complaint with the Data Protection Commission of Ghana.

Data Protection Commission of Ghana
Website: www.dataprotection.org.gh
Location: Accra, Ghana

Table of Contents