Privacy, security, and responsible data handling at Richaine Technologies.

This Privacy Policy explains how Richaine Technologies may collect, use, store, disclose, protect, and otherwise process personal information when you visit our website, contact us, request a quote, engage our services, or interact with our systems.

It is intended to reflect core obligations under Ghana's Data Protection Act, 2012 (Act 843), cybersecurity governance expectations under Ghana's Cybersecurity Act, 2020 (Act 1038), and internationally recognized privacy principles, including transparency, purpose limitation, data minimization, security, and user rights.

Depending on your interaction with us, we may collect identity and contact details such as your name, email address, phone number, company name, physical address, and any information you include in forms, emails, support requests, or quote requests.

We may also collect business and technical information that helps us deliver services, including service requirements, infrastructure details, device or network information, and website usage information such as browser type, approximate location, IP address, and interaction logs where relevant for security, analytics, or service operation.

We may use personal information to respond to inquiries, prepare quotes, deliver products and services, manage projects, provide technical support, improve customer communication, protect our systems, meet legal obligations, and maintain appropriate operational records.

We do not intend to process personal information for purposes that are incompatible with the reason it was collected, unless a lawful basis exists or the relevant person has been properly informed or has consented where required.

Where applicable, our processing may rely on contractual necessity, legitimate business interests, compliance with legal obligations, protection of systems and services, or consent where a consent-based activity is being carried out.

For Ghana-based processing, this policy is informed by the rights and duties established under Act 843, including data subject rights, security obligations, and expectations around registration, accountability, and responsible handling of personal data by controllers and processors.

We may share information internally with authorized personnel and externally with service providers, professional advisers, hosting or infrastructure partners, communications providers, or regulators where reasonably necessary to deliver services, support business operations, or meet legal requirements.

Where third parties process data on our behalf, they should only do so under appropriate instructions, confidentiality obligations, and security expectations that are proportionate to the nature of the information and the service being delivered.

Richaine Technologies aims to implement reasonable technical and organizational measures to protect confidentiality, integrity, and availability of personal information and business systems. These measures may include access controls, role-based permissions, secure storage, endpoint protection, monitoring, backups, and incident-response procedures.

This section is informed by Ghana's cybersecurity framework under Act 1038 and internationally accepted security expectations. However, no internet-based transmission or storage environment can be guaranteed to be completely secure, and users should understand that residual risk always exists.

We may retain personal information only for as long as reasonably necessary for the purpose for which it was collected, for ongoing service delivery, for support and operational continuity, for dispute management, or to comply with legal, tax, audit, or regulatory obligations.

When information is no longer required, we aim to delete, anonymize, block, archive, or securely destroy it in a manner appropriate to the sensitivity of the information and the legal context.

Where our work touches users, tools, or infrastructure outside Ghana, we aim to align our data-handling practices with broadly recognized international principles, including transparency, fairness, accountability, purpose limitation, data minimization, storage limitation, and appropriate safeguards for transfers and processing.

Where international transfers occur, they should be assessed carefully and managed using suitable contractual, operational, and security protections proportionate to the nature of the data and the applicable legal context.

Subject to applicable law and context, you may have rights to request access, correction, restriction, objection, deletion, or clarification regarding how your personal information is used. You may also ask questions about our data-handling practices or request that we review information that appears inaccurate or outdated.

Where we rely on consent for a specific activity, you may generally withdraw that consent for future processing, subject to legal and operational constraints.

Our website and services are not intentionally designed to collect personal data from children except where strictly relevant to a lawful service context and appropriately managed. If we become aware that information has been collected inappropriately, we may take steps to review and remove it where required.

We may use essential website technologies, analytics tools, security monitoring, and related digital mechanisms to operate, secure, and improve our website. Where cookies or similar tools are used, they should be managed in a manner consistent with transparency and applicable legal expectations.

We may update this Privacy Policy from time to time to reflect operational changes, legal developments, security requirements, or improvements in our internal data-governance practices. When material changes are made, the updated version should be published with an updated effective date.