Public storefronts, POS, inventory, reports, and payouts now live in one business OS.
Z ypron
Stores Open App
Legal

Privacy Policy

Effective date: May 1, 2025. This policy explains how Zypron collects, uses, and protects your personal information.

1. Introduction

Zypron ("we", "us", "our") is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, disclose, and safeguard personal data in connection with the Zypron platform in accordance with the Ghana Data Protection Act, 2012 (Act 843) and applicable data protection principles.

2. Data Controller

Zypron Technologies acts as the data controller for personal data collected through the Platform. If you have questions about how your data is handled, you may contact our data protection team at privacy@zypron.com.

3. Information We Collect

Account and identity data: When you register, we collect your mobile phone number, name, and optionally your email address and Ghana Card number (used for business identity verification only).

Business data: Information about your business including name, logo, address, Ghana GPS coordinates, TIN, business registration number, and business description.

Transactional data: Sales records, purchase records, expense records, inventory data, invoices, orders, and payment references processed through the Platform.

Customer data you enter: Names, phone numbers, and email addresses of your customers that you voluntarily enter into the Platform (e.g., when recording a sale or creating an invoice). You are responsible for ensuring you have the lawful basis to submit third-party personal data.

Payment data: We do not store full payment card details. Mobile money transactions are processed by Hubtel. We store transaction references, amounts, and status for your records.

Device and usage data: IP addresses, browser type, device identifiers, push notification tokens, and in-app activity logs for security, analytics, and service improvement purposes.

Communication data: Records of SMS and WhatsApp messages sent via the Platform for operational purposes (e.g., OTP delivery, order notifications).

4. How We Use Your Information

We use your personal data to: (a) create and manage your account; (b) provide, operate, and improve the Platform; (c) process payments and reconcile transactions; (d) send OTP codes, security alerts, and transactional notifications; (e) enforce our Terms of Service; (f) comply with legal and regulatory obligations; (g) generate anonymized, aggregated analytics about Platform usage; and (h) communicate updates, new features, or promotional information where you have consented.

5. Legal Basis for Processing

We process your personal data on the following legal bases: Contractual necessity — processing required to provide the Service under our Terms; Legitimate interests — security monitoring, fraud prevention, and service improvement; Legal obligation — compliance with Ghanaian laws including tax and financial regulations; and Consent — for marketing communications and optional features.

6. Sharing of Personal Data

We do not sell your personal data. We may share data with: (a) Payment processors (Hubtel) to facilitate transactions; (b) SMS providers (mNotify) to deliver OTP codes and notifications; (c) WhatsApp Business API (Meta) for messaging features you explicitly enable; (d) AI service providers (OpenAI) for AI-powered features, where data is transmitted under appropriate data processing agreements; (e) Legal and regulatory authorities when required by law, court order, or government regulation; and (f) Service continuity partners in the event of a merger, acquisition, or asset sale, with advance notice to users.

All third-party service providers are required to process your data only on our instructions and in accordance with applicable data protection laws.

7. Data Retention

We retain your personal data for as long as your account is active or as necessary to provide the Service. Following account termination, we retain data for 90 days to facilitate data export requests, then delete it unless legal obligations require longer retention. Financial and transactional records may be retained for up to 7 years in accordance with Ghanaian tax and accounting regulations.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or destruction. These include password-hashed session authentication, OTP-based login (no passwords stored), HTTPS encryption in transit, and access controls limiting data access to authorized personnel only. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but commit to prompt notification in the event of a data breach affecting your data.

9. Cookies and Local Storage

The Platform uses session cookies strictly necessary for authentication and security. We do not use third-party advertising cookies. We use browser push notification tokens (stored with your consent) to deliver in-app and push notifications. You can revoke push notification permission at any time through your browser or device settings.

10. Your Rights

Under the Ghana Data Protection Act and applicable law, you have the right to: (a) Access the personal data we hold about you; (b) Correct inaccurate or incomplete data; (c) Delete your personal data ("right to be forgotten"), subject to legal retention requirements; (d) Restrict or object to certain processing activities; (e) Data portability — receive your data in a structured, machine-readable format; and (f) Withdraw consent at any time for consent-based processing.

To exercise any of these rights, contact us at privacy@zypron.com. We will respond within 30 days.

11. Children's Privacy

The Platform is not intended for use by persons under the age of 18. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a minor, please contact us immediately and we will delete it promptly.

12. International Data Transfers

Some of our third-party service providers (including OpenAI and Meta) operate outside Ghana. When we transfer personal data internationally, we ensure appropriate safeguards are in place — including standard contractual clauses and data processing agreements — to maintain protection equivalent to Ghanaian data protection standards.

13. Changes to This Policy

We may update this Privacy Policy periodically. We will notify registered users via SMS or in-app notification at least 14 days before material changes take effect. We encourage you to review this policy regularly.

14. Contact Us

For privacy inquiries, data access requests, or to raise a concern:

Data Protection Officer — Zypron Technologies
Email: privacy@zypron.com
Platform: https://zypron.com

You also have the right to lodge a complaint with the Ghana Data Protection Commission if you believe your data protection rights have been violated.