Secure by Default
Transport and storage protections
Transparent Use
Clear processing and purpose limits
No Data Selling
No sale of personal information
Act 843 Aligned
Ghana data law focused controls
1. Scope and Data Controller
Ventrix Inc. ("Ventrix", "we", "us", or "our") is the data controller for personal data processed through our inventory and point-of-sale platform.
This Policy applies to users, merchants, staff members, website visitors, and other persons whose personal data is processed when using Ventrix services.
We design this policy to align with the Ghana Data Protection Act, 2012 (Act 843), while supporting practical obligations for Early Access operations.
2. Categories of Data We Collect
Identity and Account Data
Name, email, phone, role, authentication metadata, and verification details.
Source: Directly from you during sign-up and account administration.
Business and Transaction Data
Store profiles, product catalogs, sales records, inventory movement, and user activity logs.
Source: Generated through your use of the platform.
Device and Technical Data
IP address, browser type, operating system, device identifiers, and session diagnostics.
Source: Collected automatically through security and analytics tools.
Support and Communication Data
Support tickets, chat/email exchanges, onboarding feedback, and issue reports.
Source: Provided when you contact us or participate in research.
3. How We Use Data and Our Legal Bases
Service delivery
Legal basis: Contract necessity
Create accounts, process business records, and enable core platform workflows.
Security and fraud prevention
Legal basis: Legitimate interests and legal obligations
Protect users, detect abuse, and maintain system integrity.
Support and communication
Legal basis: Contract necessity and legitimate interests
Respond to issues, service notices, and account-related requests.
Compliance and audit
Legal basis: Legal obligation
Meet applicable legal, regulatory, and financial record requirements.
4. Early Access Monitoring and Product Research
During Early Access, we process additional technical diagnostics and usage telemetry to identify bugs, improve reliability, and validate new features.
This may include workflow timestamps, error events, device performance metrics, and interactions with beta functionality. We use this data for service quality and product development, not for selling personal information.
Where required by law, we obtain consent for optional analytics or communication preferences. You can opt out of non-essential communications at any time.
6. Retention and Security Controls
Account and Profile Records
Active account + legal retention period
Maintained for operational continuity and compliance.
Transaction and Ledger Records
Up to 7 years where required
Retained for audit, tax, and statutory obligations.
Security and Audit Logs
90 days rolling period
Business-level audit logs are retained for 90 days. After 90 days, logs are automatically archived, sent to the merchant owner's registered email, and deleted from the live database.
In-App Notifications
Read notifications retained for 90 days
Read notifications are automatically removed after 90 days. Unread notifications can remain until reviewed, deleted, or required for operational follow-up.
Security measures include role-based access, credential protections, encrypted transport, and internal access controls. No method is fully risk-free, but we continuously improve safeguards and incident response procedures.
7. Your Rights and Choices
We may need to verify identity before fulfilling certain requests. If local law requires, you may also lodge a complaint with the Ghana Data Protection Commission.
Contact and Complaints
Questions about privacy, data requests, or compliance concerns can be sent to our data team. We may update this policy periodically as the platform evolves from Early Access to general launch.
Privacy Contact
privacy@ventryman.com
Regulatory Reference
Ghana Data Protection Commission