Privacy Policy

At Xtottel, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

We comply with Ghana's Data Protection Act, 2012 (Act 843) and other applicable data protection laws. By using our services, you consent to the practices described in this policy.

• "Personal Data" means any information relating to an identified or identifiable natural person.
• "Processing" means any operation performed on personal data, including collection, storage, and use.
• "Data Controller" means Xtottel, which determines the purposes and means of processing personal data.
• "Data Subject" means the individual to whom the personal data relates.
• "Consent" means any freely given, specific, informed, and unambiguous indication of the data subject's wishes.

3.1 Personal Information

We may collect the following types of personal information:

• • Contact Information (name, email, phone number, address)
• • Business Information (company name, job title)
• • Payment Information (billing details, transaction history)
• • Communication Records (emails, chat logs, meeting notes)
• • Project Requirements and Specifications

3.2 Technical Information

When you visit our website, we automatically collect:

• • IP address and browser type
• • Device information and operating system
• • Website usage data and analytics
• • Cookies and similar tracking technologies

3.3 Information from Third Parties

We may receive information about you from third-party services, such as:

• • Social media platforms (when you interact with our content)
• • Business partners and service providers
• • Publicly available sources

We use your personal information for the following purposes:

We may share your personal information in the following circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our business, such as:

• • Cloud hosting providers (AWS, Google Cloud)
• • Payment processors (Stripe, PayPal, Hubtel, Paystack)
• • Analytics and marketing tools
• • Customer support platforms

5.2 Legal Requirements

We may disclose your information when required by law or to:

• • Comply with legal processes or government requests
• • Protect our rights, property, or safety
• • Prevent fraud or security issues
• • Enforce our terms and conditions

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Our retention periods are based on:

• • The nature of the personal data
• • The purpose for processing
• • Legal and contractual requirements
• • Business needs and legitimate interests

When personal data is no longer needed, we securely delete or anonymize it.

Under Ghana's Data Protection Act, you have the following rights regarding your personal data:

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section.

We use cookies and similar tracking technologies to enhance your experience on our website.

9.1 Types of Cookies We Use

• Essential Cookies: Required for basic website functionality
• Analytics Cookies: Help us understand how visitors interact with our website
• Preference Cookies: Remember your settings and preferences
• Marketing Cookies: Used to deliver relevant advertisements

9.2 Managing Cookies

You can control cookie settings through your browser. However, disabling essential cookies may affect website functionality.

As a digital service provider, we may transfer and process your personal information outside of Ghana, primarily to countries with adequate data protection laws or under appropriate safeguards.

We ensure that any international transfers comply with Ghana's Data Protection Act and that your data receives adequate protection through:

• • Standard contractual clauses
• • Adequacy decisions
• • Binding corporate rules
• • Other approved transfer mechanisms

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children.

If we become aware that we have collected personal information from a child without parental consent, we will take steps to remove that information from our servers.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date. We encourage you to review this policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

You also have the right to lodge a complaint with the Data Protection Commission of Ghana if you believe our processing of your personal data violates applicable law.