Spalce Technologies Ltd ("Spalce", "we", "our", or "us") is a software development company headquartered in Accra, Ghana, serving clients across Africa and globally. We respect your privacy and are committed to protecting personal data in a way that is consistent with applicable Ghanaian law (including the Data Protection Act, 2012 (Act 843)), the EU General Data Protection Regulation (GDPR) where applicable, and recognised industry frameworks such as ISO/IEC 27001. This Privacy Policy explains what information we collect, why we collect it, and the choices you have regarding our processing of your personal data.
1. Information We Collect
We collect information directly from you, automatically through your use of our websites and services, and from third parties such as partners, service providers, and publicly available sources. The categories of information we collect depend on how you interact with Spalce.
Information you provide
- Contact details such as your name, email address, telephone number, employer, and job title.
- Account credentials and profile information for any platforms we host on your behalf.
- Project, billing, and commercial information shared with our sales or delivery teams.
- Content of communications you send to us, including support tickets and meeting recordings (where consented to).
Information collected automatically
- Device and browser metadata (IP address, operating system, browser type, language).
- Usage data describing how you interact with our website and applications.
- Cookies and similar technologies, as described in our Cookies Policy.
2. How We Use Your Information
We use personal data to operate, deliver, and improve our products and services, and to communicate with prospective and existing customers. Specifically, we use information to: respond to enquiries, deliver consulting and engineering work, manage accounts and billing, ensure security and detect abuse, comply with legal obligations, and conduct internal analytics.
Where we rely on consent (for example, marketing communications), you may withdraw that consent at any time. Where we rely on legitimate interests, we balance our interests against your rights and freedoms and document our assessment.
3. Legal Bases for Processing
When the GDPR or comparable data-protection regimes apply, we process personal data on one of the following legal bases: performance of a contract with you, compliance with a legal obligation, your consent, our legitimate interests, or to protect vital interests. The legal basis used for any specific processing activity will depend on the context.
4. How We Share Information
Spalce does not sell personal data. We share information only with parties that help us run our business and deliver services, and only under appropriate contractual safeguards.
- Sub-processors and service providers (e.g., cloud hosting, analytics, payment processing) who act on our documented instructions.
- Professional advisers such as auditors, lawyers, and accountants.
- Government, regulatory, or law enforcement authorities where required by law or to protect our rights.
- Successors in the event of a merger, acquisition, or asset transfer, subject to confidentiality.
5. International Data Transfers
Because we serve a global customer base, your personal data may be transferred to, and processed in, countries other than your country of residence, including Ghana, the European Economic Area, the United Kingdom, and the United States. Where required, we put in place appropriate transfer mechanisms such as the European Commission's Standard Contractual Clauses, the UK International Data Transfer Addendum, or equivalent safeguards aligned with the Data Protection Act, 2012 (Act 843) of Ghana.
6. Data Retention
We retain personal data for as long as necessary to fulfil the purposes for which it was collected, including for the duration of any contractual relationship, to comply with our legal and regulatory obligations, and to resolve disputes. When personal data is no longer needed, we either delete it securely or anonymise it for analytical purposes.
7. Security
Spalce maintains an information security programme aligned with ISO/IEC 27001 controls. We implement administrative, technical, and physical safeguards designed to protect personal data against unauthorised access, alteration, disclosure, or destruction.
- Encryption of data in transit (TLS 1.2+) and at rest where applicable.
- Role-based access controls, least-privilege provisioning, and multi-factor authentication.
- Continuous logging, monitoring, and incident response procedures.
- Regular security training for our personnel and contractors.
8. Your Rights
Depending on your jurisdiction, you may have the right to access, correct, delete, restrict, or object to our processing of your personal data, and the right to data portability. Where processing is based on consent, you have the right to withdraw consent at any time.
To exercise any of these rights, please contact us using the details below. We will respond within the timeframes required by applicable law and may need to verify your identity before fulfilling your request.
9. Children's Privacy
Our services are designed for businesses and are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.
10. Changes to this Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date and, where appropriate, provide additional notice. Continued use of our services after such changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact our Data Protection point of contact at [email protected], or write to Spalce Technologies Ltd, Accra, Ghana.