Privacy Policy

This Privacy Policy (“Policy”) describes how AXN Group (“AXN Group,” “we,” “us,” or “our”), a company registered in Ghana, collects, uses, stores, and discloses personal information in connection with our website (axngroupgh.com), cybersecurity services, IT infrastructure solutions, digital transformation services, managed services, HR consulting, and all related platforms and services.

By accessing or using our services, you acknowledge that you have read, understood, and agreed to this Policy. If you do not agree, please discontinue use of our services.

  1. Information We Collect

We may collect the following categories of information:

1.1 Information You Provide Directly

  • Personal Identifiers: Name, email address, phone number, job title, organization/company name
  • Professional Information: Industry, company size, business requirements, project specifications
  • Contact Information: Mailing address, billing address, emergency contact details
  • Account Information: Username, password, security questions and answers
  • Communication Records: Content of emails, chat messages, support tickets, and phone conversations
  • Service Requests: Details about cybersecurity assessments, IT infrastructure needs, training requirements

1.2 Information Collected Automatically

  • Technical Data: IP addresses, device identifiers, browser type and version, operating system, screen resolution
  • Usage Data: Pages visited, time spent on pages, click-through rates, access logs, session recordings
  • Performance Data: Website loading times, error reports, system performance metrics
  • Location Data: General geographic location based on IP address
  • Cookies and Tracking Data: Information gathered through cookies, web beacons, analytics tools, and similar technologies

1.3 Information from Third Parties

  • Business Information: Publicly available information about your organization
  • Professional Networks: Information from LinkedIn and other professional platforms (with your consent)
  • Service Providers: Data from payment processors, analytics providers, and other business partners
  • Referral Sources: Information from clients who refer your organization to our services
  1. How We Use Information

We process personal information for the following purposes:

2.1 Service Delivery

  • Providing cybersecurity assessments, IT infrastructure services, and digital transformation solutions
  • Delivering managed services, technical support, and emergency response
  • Conducting HR consulting and professional training programs
  • Customizing services to meet your specific business needs

2.2 Business Operations

  • Responding to inquiries and delivering customer support
  • Processing payments and managing billing
  • Managing user accounts and service subscriptions
  • Conducting business analysis and service improvement
  • Internal record-keeping, reporting, and risk management

2.3 Security and Compliance

  • Monitoring system performance, usage, and security threats
  • Preventing fraud, unauthorized access, and security breaches
  • Complying with legal, regulatory, and contractual obligations
  • Conducting security audits and vulnerability assessments

2.4 Communication and Marketing

  • Sending service updates, security alerts, and technical notifications
  • Providing educational content about cybersecurity and IT best practices
  • Inviting participation in surveys, feedback sessions, or industry events
  • Marketing communications (with your explicit consent)
  1. Legal Basis for Processing

Under Ghana’s Data Protection Act, 2012 (Act 843) and international standards, we process personal information based on:

  • Consent: Where you have provided explicit consent for specific processing activities
  • Contract Performance: To fulfill our service agreements and contractual obligations
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes
  • Legitimate Interests: For business purposes that do not override your privacy rights
  • Vital Interests: To protect your safety or the safety of others in emergency situations
  1. Disclosure of Information

We do not sell, rent, or trade personal information. We may disclose information in the following circumstances:

4.1 Service Providers and Partners

  • IT Infrastructure Providers: Cloud hosting services, data storage providers
  • Security Vendors: Cybersecurity tools, threat intelligence providers
  • Professional Services: Legal counsel, auditors, consultants
  • Payment Processors: For billing and payment processing
  • Analytics Providers: For website and service performance analysis

4.2 Legal and Regulatory Requirements

  • Government Authorities: When required by law, court order, or regulatory directive
  • Law Enforcement: In response to lawful requests for investigation purposes
  • Legal Proceedings: In connection with litigation, arbitration, or dispute resolution
  • Regulatory Compliance: To data protection authorities or industry regulators

4.3 Business Transactions

  • Corporate Restructuring: In connection with mergers, acquisitions, or asset transfers
  • Due Diligence: For potential business partnerships or investment opportunities
  • Successor Entities: To acquiring companies, subject to confidentiality agreements

4.4 Aggregated and De-identified Data

  • Anonymized information for research, industry reports, and service improvement
  • Statistical data that cannot be linked back to individual users
  • Benchmarking information for industry analysis
  1. Data Retention

We retain personal information based on the following criteria:

5.1 Retention Periods

  • Active Service Accounts: Throughout the service relationship and up to 7 years after termination
  • Cybersecurity Records: Up to 10 years for security incident documentation
  • Financial Records: 7 years from the date of last transaction
  • Marketing Communications: Until you unsubscribe or withdraw consent
  • Legal Documentation: As required by applicable laws and regulations

5.2 Secure Deletion

After retention periods expire, we securely delete or anonymize personal information using industry-standard methods including data wiping, degaussing, and physical destruction of storage media.

  1. Data Security

We implement comprehensive security measures including:

6.1 Technical Safeguards

  • Encryption: Advanced encryption for data in transit and at rest
  • Access Controls: Multi-factor authentication and role-based access
  • Network Security: Firewalls, intrusion detection, and monitoring systems
  • Regular Assessments: Vulnerability testing and security audits
  • Backup Systems: Secure, redundant data backup and recovery procedures

6.2 Organizational Measures

  • Staff Training: Regular cybersecurity and privacy training for all employees
  • Access Restrictions: Need-to-know basis for accessing personal information
  • Vendor Management: Due diligence and contractual requirements for service providers
  • Incident Response: Documented procedures for security breach response
  • Privacy by Design: Integration of privacy considerations into all business processes
  1. International Data Transfers

When personal information is transferred outside of Ghana, we ensure:

  • Adequacy Decisions: Transfers to countries with adequate protection levels
  • Appropriate Safeguards: Standard contractual clauses, binding corporate rules, or certification schemes
  • Specific Safeguards: Additional technical and organizational measures for high-risk transfers
  • Transparency: Clear information about transfer destinations and safeguards
  1. Your Rights and Choices

Under applicable privacy laws, you have the following rights:

8.1 Access and Portability

  • Request access to your personal information
  • Obtain a copy of your data in a structured, machine-readable format
  • Transfer your data to another service provider

8.2 Correction and Deletion

  • Request correction of inaccurate or incomplete information
  • Request deletion of personal information (subject to legal obligations)
  • Request restriction of processing in certain circumstances

8.3 Consent and Objection

  • Withdraw consent for processing based on consent
  • Object to processing based on legitimate interests
  • Opt-out of marketing communications at any time

8.4 Exercising Your Rights

To exercise these rights, contact us using the information in Section 12. We will respond within 30 days and may require identity verification to protect your privacy.

  1. Cookies and Tracking Technologies

Our website uses cookies and similar technologies:

9.1 Types of Cookies

  • Essential Cookies: Required for website functionality
  • Performance Cookies: Help us understand how visitors use our website
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used for targeted advertising (with consent)

9.2 Cookie Management

You can control cookies through your browser settings. Note that disabling essential cookies may affect website functionality.

  1. Third-Party Links and Services

Our website may contain links to third-party websites and services. This Policy does not apply to external sites, and we encourage you to review their privacy policies.

  1. Updates to This Policy

We may update this Policy to reflect:

  • Changes in applicable laws and regulations
  • New services or business practices
  • Feedback from users and stakeholders
  • Industry best practices and standards

Updates will be posted on our website with a revised “Effective Date.” For material changes, we will provide additional notice through email or prominent website notification.

  1. Contact Information

For questions, concerns, or requests regarding this Policy, please contact us:

AXN Group
Data Protection Officer
Email: privacy@axngroupgh.com
Phone: [Insert Phone Number]
Address: [Insert Registered Address]
Website: axngroupgh.com

For Security Incidents:
Email: security@axngroupgh.com
Phone: [Insert Emergency Number]

  1. Complaints and Dispute Resolution

If you believe we have not handled your personal information appropriately, you may:

  1. Contact Us Directly: Use the contact information above to raise concerns
  2. Ghana Data Protection Commission: Lodge a complaint with the national supervisory authority
  3. Legal Remedies: Pursue available legal remedies under applicable laws

Ghana Data Protection Commission
Website: dataprotection.gov.gh
Email: [Insert DPC Contact Email]

  1. Governing Law and Jurisdiction

This Policy is governed by the laws of the Republic of Ghana, including:

  • Data Protection Act, 2012 (Act 843)
  • Electronic Transactions Act, 2008 (Act 772)
  • Cybersecurity Act, 2020 (Act 1038)

Any disputes arising from this Policy will be subject to the exclusive jurisdiction of the courts of Ghana.

  1. Definitions
  • Personal Information: Any information relating to an identified or identifiable individual
  • Processing: Any operation performed on personal information, including collection, use, storage, and deletion
  • Data Controller: The entity that determines the purposes and means of processing personal information
  • Data Processor: The entity that processes personal information on behalf of a data controller

This Privacy Policy demonstrates AXN Group Solutions’ commitment to protecting your privacy while delivering secure, innovative technology solutions. For the most current version, please visit axngroupgh.com/privacy.