MineX360 Privacy Policy

1. GENERAL OVERVIEW OF OUR PRIVACY NOTICE

Background

Minex 360 Services Ltd. is a company registered in Ghana and is very passionate and cares about how personal information shared with the company in the course of business and providing services to clients or customers is processed. This privacy policy aims to provide information about how the company processes personal information. We will only process information where you have given us the information directly as a data controller or by our clients where we are processors in accordance with their instructions and in line with our obligations and your rights under The Data Protection 2012 (Act 843), The EU General Data Protection Regulation (GDPR) and other Jurisdictional Data Protection laws that are applicable.

2. DATA CONTROLLER

Minex 360 Services Ltd is the data controller for the information we process unless otherwise stated. For the purpose of this Privacy Notice, Minex 360 Services Ltd shall be referred to as “Minex”.

Registered Address

Minex 360 Services Limited
No.14 Addis Ababa Road. Block C,
East Legon - Accra Ghana

Tel: +233 (0) 501 608 002

Email: contact@minex360.com

3. HOW DO WE OBTAIN YOUR PERSONAL DATA?

Minex collects personal information directly from you when you engage with us through various channels. Where we collect your personal information indirectly from you, we will inform you in due course when we contact you of where we obtained the information from. The following are the various ways we collect information from you.

  • When you sign up on our applications
  • Through our joint controller (the schools)
  • When you use or visit our apps and websites
  • When you contact us to make an inquiry or request for information.
  • When you make a complaint and or give feedback.
  • When you apply for a job with us.
  • When you register to be added to our recruitment and membership services
  • When you register for or attend an event/conference we organise
  • And through any other interaction that you have with us.

4. THE INFORMATION WE COLLECT AND WHEN

We only collect personal information that is necessary, relevant and not excessive for the purpose. The personal information that we collect depends on the context of your interactions with us and the App, the choice you make and the products and features you use.

The type of personal information that we may collect and process about you when you interact with us include the following:

  • Name and Contact Data. We collect your first and last name, email address, postal address, phone number, and other similar contact data.
  • Relationship with child/children
  • Photograph
  • Credentials. We collect passwords, password hints, and similar security information used for authentication and SmartSapp account access.
  • Payment Data. We do not collect your debit/credit card or any form of payment information. We reroute you to our partner banks payment platform anytime you need to make payments. All payment data is stored by our payment processor and you should review its privacy and contact them directly to respond to your questions.

Information automatically collect

We automatically collect certain information when you visit, use or navigate the Apps. The information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, cookies and location to maintain the security and operation of our Apps, and for our internal analytics and reporting purposes.

Information collect through our Apps

If you use our Apps, we may also collect the following information:

  • Geo-Location Information. We may request access or permission to track location-based information from your mobile device, either continuously or while you are using our mobile applications, to provide location-based services. If you wish to change our access or permission, you may do so in your device’s settings.
  • Mobile Device Access. We may request access or permission to certain features from your mobile device, including your mobile device’s calendar, camera, microphone, contacts, storage and other features. If you wish to change our access or permissions, you may do so in your device’s settings.
  • Mobile Device Data. We may automatically collect device information (such as your mobile device ID, model and manufacturer), operating system, version information and IP address.
  • Push Notifications. We may request to send you push notifications regarding your account or the mobile application. If you wish to opt-out from receiving these types of communications, you may turn them off in your device’s/app’s settings.

5. DO WE PROCESS PERSONAL DATA OF CHILDREN?

We process personal data which relates to children under 18 years of age or are still under parental control to fulfil our contractual obligations. The data is however collected through their parents.

DATA WE COLLECT ON CHILDREN

  • Name
  • Date of birth
  • Class
  • School ID
  • Gender
  • Photograph

6. PURPOSE OF PROCESSING

The purposes for which we process your personal data include one or more of the following:

  1. To provide you with information that you have requested or that we consider may be relevant to a service or product in which you have exhibited an interest.
  2. To fulfil a contract that we have entered into with you or with the entity that you represent. In these circumstances it may be your entity, rather than yourself, that has provided us with your personal data for us to fulfil the contract
  3. To ensure the security safeguard of our apps and underlying business infrastructure.
  4. To manage any communication between you and us

7. LAWFULNESS

Minex will only process your personal data for the specific purpose that we state at the point of a personal data collection and when the law allows or requires us to do so. Most commonly, we will use your personal data in the following circumstances:

  • For us to perform a contract that we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests and if your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or statutory obligation.
  • Where you give us your consent.

We have set out below, in a table format, a description of the ways we may use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

Type of Processing activityLawful basis
To contact you, following your enquiry, reply to any questions, suggestions, issues or complaints you have contacted us aboutLegitimate interest
Fulfillment of a contract to provide you with an agreed servicePerformance of a contract
Make available our services to youLegitimate interest
For statistical analysis and to get feedback from you about our services or products or events.Legitimate interest
Marketing /mailing list /subscriptions to newslettersConsent

8. RETENTION (HOW LONG WE KEEP YOUR PERSONAL DATA)

We shall not retain your data for a period longer than is necessary to achieve the purpose for which we process your data and in line with our retention policy. At the end of the retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and the organization’s business planning.

Specific details of the retention periods for different aspects of your personal data are available in our retention policy which you can request from us.

9. WHO WE MIGHT SHARE YOUR INFORMATION WITH

We will not share your information with third parties unless any of the following circumstances applies.

  • Where the law or a statutory duty requires us to do so
  • Our internal team members who need the information in the course of their roles to administer a contract or service we are providing to you
  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk); or
  • Share with recipients including employees only for the purposes of administering services to you or respond to your request. This will only be shared on a strictly need to know basis. We will only share with third parties that we have either contracted to perform services for us and will ensure that we put in the necessary security and third-party contracts and agreements in place.

10. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

11. DO WE USE GOOGLE MAPS?

All websites, mobile applications, or Facebook applications use Google Maps APIs. By using our Maps API Implementation, you agree to be bound by Google's Terms of Service. You agree to allow us to obtain or cache your location. You may revoke your consent at any time. We use information about location in conjunction with data from other data providers.

12. SECURITY SAFEGUARDS

Security safeguards are of high importance to us and therefore we believe we have appropriate technical and organizational security measures and controls in place to protect your information in accordance with Act 843. We do not, however, have any control over what happens between your device and the boundary of our infrastructure. You should only access the services in a secure environment.

13. YOUR RIGHTS AS A DATA SUBJECT

You have rights under the Data Protection Act 2012 (Act 843). These are:

  • Right to be informed
  • Right of access to personal data
  • Right to give and withdraw consent
  • Right to amend (rectification), block, erase and destroy
  • Right to request a restriction on processing of your data
  • Freedom from automated decision making
  • Freedom from processing for direct marketing
  • Right to compensation
  • Right to complain
  • Other Rights under different jurisdictions Across Africa and beyond

Right to be informed

You have the right to be informed about the processing of your personal information (personal data) that we do. This privacy notice is a way of ensuring we meet our obligations to enable you to exercise your right to be informed.

Right to Access Your Personal Information

You can request that we give a description of your data held by us and data about the identity of a third party or a category of a third party who has or has had access to the said data.

We shall request for specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).

This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

If we need further information before responding to your request, we will contact you to speed up our response in a reasonable manner and format; and in a form that is generally understandable.

Right to rectification, blocking, erasure and destruction

It is important that the personal data we hold about you is accurate and current so please keep us informed if your personal data changes during your relationship with us.

You have the right to request that we correct your data because it is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully or that it is incompatible with the legitimate purposes for which we obtained the said data.

Further to the above, you can request that we destroy or delete a record of personal data about you that we no longer have your consent to retain.

To exercise any of these rights, you must serve us with a notice in which you must state the reasons why you believe that the data we hold is inaccurate or incomplete or is being held in a manner which is incompatible with the legitimate purposes pursued by us.

On receipt of the request, we shall comply with the request or provide you with credible evidence in support of the data.

Where we are unable to reach an agreement, we shall attach to the record an indication that a request for the data has been made but has not been complied with.

Where we comply with the request, we shall inform each person to whom the data has been disclosed of the correction made.

We shall notify you of the action taken as a result of the request.

Right to request a restriction on processing of your data

You have the right to ask us to restrict or suspend the processing of your personal data if:

(a) you want us to establish the data’s accuracy; or

(b) where our use of the data is unlawful, but you do not want us to erase it; or

(c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or

(d) you have objected to our use of your data, but we need to verify whether we have overriding and legitimate grounds to continue using it.

Right to give and withdraw consent

Where we rely on your consent to process your personal data, you have the right to withdraw it at any time by contacting us or using any details provided in our communication with you.

Right to complain and compensation

You may write to complain if you believe any of your rights have not been met or we fail to meet our obligations as a data controller.

Other Rights under different jurisdictions Across Africa and beyond

Minex will ensure the various rights of data subjects where we operate are respected and that we take our obligations seriously. Where we process personal data of other jurisdictions, we undertake a privacy assessment to identify any potential risk of noncompliance.

Notice to Exercise Rights

You can at any time give notice in writing to us to exercise your rights. We will within twenty-one (21) days after receipt of a notice inform you in writing that we have complied or intend to comply with the notice, or state the reasons if we cannot comply with the request.

If you would like to exercise this right, please contact us as set out below.

14. OUR RESPONSIBILITIES

We have a responsibility to protect your privacy and any personal data we obtain from you through your interaction with us.

Before processing any data, we will ensure that the data we obtain from you is complete, accurate, up to date and is not misleading having regard to the purpose for which we collect or process the said data

At all relevant times we shall notify you of the purpose for which the Organization requires your data.

We shall also indicate which data you have discretion to provide and or which data we think you have to provide because it's mandatory to do so. We shall notify you of the consequences if you fail to provide the said data.

15. OUR COMMITMENT TO YOU

We are committed to managing & safeguarding your personal information.

We are guided not only by Act 843, we also adhere to the General Principles of Data Protection and general International best practices in relation to Data Protection. Our aim at all relevant times is to be responsible and ensure the confidentiality, integrity, and availability of your data.

We assure you that whenever you provide personal information, we will treat that information in accordance with this Privacy Policy and shall endeavour at all times to keep your data accurate and secure.

16. CHANGES TO THIS PRIVACY NOTICE

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes we make will be published.

The Data Protection Commission (DPC) regulates data protection and privacy matters in Ghana. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly.

CONTACT AND OFFICE DETAILS

Contact our Data Protection Supervisor on: dps@minex360.com

The DPS is responsible for overseeing all queries relating to this Privacy Policy and all relevant Data Protection queries If you have any queries please do not hesitate to contact us.

Email: contact@minex360.com

Phone No: +233 (0) 501 608 002