VentrixRMS
Back to Home
Data Protection and Early Access Privacy

Privacy Policy

Last updated: May 19, 2026

Secure by Default

Transport and storage protections

Transparent Use

Clear processing and purpose limits

No Data Selling

No sale of personal information

Act 843 Aligned

Ghana data law focused controls

1. Scope and Data Controller

Ventrix Inc. ("Ventrix", "we", "us", or "our") is the data controller for personal data processed through our inventory and point-of-sale platform.

This Policy applies to users, merchants, staff members, website visitors, and other persons whose personal data is processed when using Ventrix services.

We design this policy to align with the Ghana Data Protection Act, 2012 (Act 843), while supporting practical obligations for Early Access operations.

2. Categories of Data We Collect

Identity and Account Data

Name, email, phone, role, authentication metadata, and verification details.

Source: Directly from you during sign-up and account administration.

Business and Transaction Data

Store profiles, product catalogs, sales records, inventory movement, and user activity logs.

Source: Generated through your use of the platform.

Device and Technical Data

IP address, browser type, operating system, device identifiers, and session diagnostics.

Source: Collected automatically through security and analytics tools.

Support and Communication Data

Support tickets, chat/email exchanges, onboarding feedback, and issue reports.

Source: Provided when you contact us or participate in research.

3. How We Use Data and Our Legal Bases

Service delivery

Legal basis: Contract necessity

Create accounts, process business records, and enable core platform workflows.

Security and fraud prevention

Legal basis: Legitimate interests and legal obligations

Protect users, detect abuse, and maintain system integrity.

Support and communication

Legal basis: Contract necessity and legitimate interests

Respond to issues, service notices, and account-related requests.

Compliance and audit

Legal basis: Legal obligation

Meet applicable legal, regulatory, and financial record requirements.

4. Early Access Monitoring and Product Research

During Early Access, we process additional technical diagnostics and usage telemetry to identify bugs, improve reliability, and validate new features.

This may include workflow timestamps, error events, device performance metrics, and interactions with beta functionality. We use this data for service quality and product development, not for selling personal information.

Where required by law, we obtain consent for optional analytics or communication preferences. You can opt out of non-essential communications at any time.

5. Data Sharing, Processors, and Transfers

We may share personal data only as reasonably necessary with:

  • Infrastructure providers, analytics vendors, and technical processors acting under contract.
  • Payment and financial service providers needed to execute authorized transactions.
  • Professional advisers, auditors, or legal authorities where required by law.
  • Successors in a merger, acquisition, financing, or asset transfer scenario.

Data may be transferred outside Ghana where hosting or service providers operate in other jurisdictions. We apply contractual and organizational safeguards to protect transferred data.

We do not sell personal data to third parties.

6. Retention and Security Controls

Account and Profile Records

Active account + legal retention period

Maintained for operational continuity and compliance.

Transaction and Ledger Records

Up to 7 years where required

Retained for audit, tax, and statutory obligations.

Security and Audit Logs

90 days rolling period

Business-level audit logs are retained for 90 days. After 90 days, logs are automatically archived, sent to the merchant owner's registered email, and deleted from the live database.

In-App Notifications

Read notifications retained for 90 days

Read notifications are automatically removed after 90 days. Unread notifications can remain until reviewed, deleted, or required for operational follow-up.

Security measures include role-based access, credential protections, encrypted transport, and internal access controls. No method is fully risk-free, but we continuously improve safeguards and incident response procedures.

7. Your Rights and Choices

Request access to personal data we hold about you.
Request correction of inaccurate or incomplete personal data.
Request deletion of personal data where lawful and appropriate.
Object to or restrict certain processing activities.
Withdraw consent for consent-based processing.
Request information about international data transfers.

We may need to verify identity before fulfilling certain requests. If local law requires, you may also lodge a complaint with the Ghana Data Protection Commission.

Contact and Complaints

Questions about privacy, data requests, or compliance concerns can be sent to our data team. We may update this policy periodically as the platform evolves from Early Access to general launch.

Privacy Contact

privacy@ventryman.com

Regulatory Reference

Ghana Data Protection Commission