Legal
Privacy Policy
Last updated: 2 May 2026 ✦ Effective: 2 May 2026
We take your privacy seriously. This document explains in plain language what data we collect, why, and what rights you have.
Introduction
SafeHers ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you visit safehers.africa, complete our contact form, subscribe to our newsletter, or download resources from our library.
This policy is governed primarily by Ghana's Data Protection Act, 2012 (Act 843). Where visitors are located in the European Economic Area (EEA) or United Kingdom, we additionally comply with the General Data Protection Regulation (GDPR) and UK GDPR. References to "data controller" in this document mean SafeHers.
Please read this policy carefully. By using our website you acknowledge you have read and understood its terms.
Data We Collect
We collect data in two ways: information you provide directly, and information collected automatically.
Information you provide directly
Contact Form: When you submit a message we collect your full name, email address, country, organisation name (optional), area of interest, and message content.
Newsletter Subscription: When you subscribe we collect your email address and the timestamp of subscription.
Resource Downloads: We collect your email address, the resource requested, download timestamp, and country.
Information collected automatically
Server Logs: Our hosting infrastructure may log your IP address, browser type, OS, referral URL, and pages visited. Logs are retained for a maximum of 30 days.
Cookies: We use strictly necessary session cookies and optional analytics cookies. See the Cookies section below.
How We Use Your Data
We use your personal data only for the purposes for which it was collected:
To respond to contact form enquiries and service requests.
To send our newsletter to subscribers who have opted in.
To process and fulfil resource download requests.
To improve our website and content through aggregated analytics.
To detect and prevent fraud, spam, and abusive activity.
To comply with applicable law.
We do not sell, rent, or trade your personal data to third parties for marketing purposes.
Legal Basis for Processing
Under the Ghana Data Protection Act 2012 and the GDPR we must have a lawful basis for processing your data.
Consent — Newsletter subscriptions and optional analytics cookies are processed on the basis of your explicit consent. You may withdraw consent at any time.
Legitimate Interests — Contact form submissions and server logs are processed on the basis of our legitimate interest in responding to enquiries and maintaining site security.
Legal Obligation — We may process data where required by applicable law or court order.
Data Storage and Security
Your personal data is stored in a MongoDB Atlas database. MongoDB Atlas is certified to ISO 27001 and SOC 2 Type II standards and provides encryption at rest (AES-256) and in transit (TLS 1.2+).
Database access is restricted to our application servers and authorised personnel only. We store only the fields necessary for each use case.
Retention periods: Contact form data — 24 months. Newsletter subscription data — until unsubscribe. Resource download records — 12 months.
Despite our best efforts, no method of transmission over the internet is 100% secure. If you become aware of a security incident please contact privacy@safehers.africa immediately.
Third-Party Services
We use the following third-party providers who may process data on our behalf. All are bound by Data Processing Agreements:
MongoDB Atlas — Database hosting. United States / EU regions.
Vercel — Website hosting and edge network. United States.
Resend — Transactional email delivery. United States.
Google Fonts — Typography CDN. Google may log your IP address when fonts load.
Your Rights
Under the Ghana Data Protection Act 2012 you have the right to:
1. Access — Request a copy of the personal data we hold about you.
2. Correction — Request that inaccurate data be corrected.
3. Erasure — Request deletion of your personal data (subject to legal retention obligations).
4. Objection — Object to processing based on legitimate interests.
5. Withdrawal of Consent — Withdraw consent at any time for consent-based processing.
EEA/UK residents additionally have GDPR rights to data portability and restriction of processing.
To exercise any right, contact privacy@safehers.africa. We will respond within 30 days. You may lodge a complaint with the Data Protection Commission of Ghana or your local supervisory authority.
International Data Transfers
SafeHers operates from Ghana and the United States. Transfers outside the EEA are protected by Standard Contractual Clauses approved by the European Commission, adequacy decisions, or other appropriate safeguards permitted under the GDPR.
Children's Privacy
Our website is not directed at children under 13 (or 16 in the EEA). We do not knowingly collect data from children. If you believe a child has provided us data without parental consent, contact privacy@safehers.africa and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time. The "Last Updated" date at the top reflects the most recent revision. Continued use of the site after a revision constitutes acceptance of the updated policy.
Contact Us
For privacy questions, data requests, or complaints contact our Data Protection Officer:
Email: privacy@safehers.africa
Post: SafeHers, East Legon, Accra, Ghana
For EU/UK matters: gdpr@safehers.africa
Questions? Contact us or email privacy@safehers.africa.