Our Location
Dansoman Shell Filling Station Control, Opposite Noble House Restaurant
Privacy Policy
Last Updated: May 7, 2025
1. Introduction and Scope
This Privacy Policy (“Policy”) outlines the principles and practices of Ikarao Ghana Ltd (“ikaraoghana.com,” “we,” “us,” or “our”) concerning the collection, use, processing, disclosure, and protection of Personal Data of individuals (“you,” “your,” “User,” “Data Subject”) who visit, access, or use our e-commerce platform located at www.ikaraoghana.com (the “Website”) and purchase Ikarao electronic products or related services (collectively, the “Services”).
We are committed to protecting your privacy and ensuring that your Personal Data is handled in a safe, secure, and responsible manner, in compliance with the Data Protection Act, 2012 (Act 843) of Ghana and other applicable data protection laws and regulations.
This Policy applies to all Personal Data processed by ikaraoghana.com, whether collected online through our Website, or through other interactions you may have with us. By accessing or using our Services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with any part of this Policy, you must not use our Website or Services.
2. Definitions
For the purposes of this Policy, the following terms shall have the meanings ascribed to them below:
“Personal Data”: Any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This includes but is not limited to information you provide to us when you create an account, place an order, or contact customer support.
“Processing”: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Data Controller”: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data. For the purpose of this Policy, Ikarao Ghana Ltd is the Data Controller.
“Data Processor”: A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller. This may include third-party service providers such as payment gateways and logistics partners.
“Data Subject”: An identified or identifiable natural person to whom Personal Data relates.
“Consent”: Any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him or her.
“Cookies”: Small text files stored on your device (computer, tablet, mobile phone) when you visit certain websites.
“Website”: The e-commerce platform www.ikaraoghana.com.
“WooCommerce”: The e-commerce platform software upon which our Website is built.
3. Data Controller Information
The Data Controller responsible for your Personal Data is:
Ikarao Ghana Ltd
Dansoman Shell Filling Station Control, Opposite Noble House Restaurant, Accra, Ghana
Company Registration Number: CS011540125
Email: info@ikaraoghana.com
Phone: +233 (256) 064 478
4. Principles of Data Processing
We adhere to the following principles when processing your Personal Data, as mandated by the Data Protection Act, 2012 (Act 843):
Lawfulness, Fairness, and Transparency: We process Personal Data lawfully, fairly, and in a transparent manner in relation to the Data Subject.
Purpose Limitation: We collect Personal Data for specified, explicit, and legitimate purposes and do not further process it in a manner that is incompatible with those purposes.
Data Minimisation: We ensure that Personal Data collected is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
Accuracy: We take reasonable steps to ensure that Personal Data is accurate and, where necessary, kept up to date. Inaccurate data will be rectified or erased without delay.
Storage Limitation: We keep Personal Data in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the Personal Data is processed.
Integrity and Confidentiality (Security): We process Personal Data in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical and organisational measures.
Accountability: We are responsible for, and able to demonstrate compliance with, these principles.
5. Personal Data We Collect
We may collect and process the following categories of Personal Data about you:
Identity Data: Includes first name, last name, username or similar identifier, title, date of birth, and gender.
Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
Financial Data: Includes payment card details (processed securely through our third-party payment gateway, Paystack), bank account information for refunds. We do not store full payment card details on our servers.
Transaction Data: Includes details about payments to and from you, and other details of products and services you have purchased from us.
Technical Data: Includes Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this Website.
Profile Data: Includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
Usage Data: Includes information about how you use our Website, products, and services, including browsing history, search queries, and pages viewed.
Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Location Data: We may collect information about your location if you provide it or if it can be inferred from your IP address or device settings, to provide relevant services such as local delivery options.
We collect Personal Data in the following ways:
Direct Interactions: You may give us your Identity, Contact, Financial, and Profile Data by filling in forms on our Website, creating an account, placing an order, subscribing to our newsletter, requesting marketing materials, entering a competition or promotion, providing feedback, or corresponding with us by post, phone, email or otherwise.
Automated Technologies or Interactions: As you interact with our Website, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this Personal Data by using cookies, server logs, and other similar technologies.
Third Parties or Publicly Available Sources: We may receive Personal Data about you from various third parties and public sources such as: Technical Data from analytics providers (e.g., Google Analytics).
Contact, Financial, and Transaction Data from providers of technical, payment (e.g., Paystack), and delivery services (local delivery services used by Ikarao Ghana Ltd).
Identity and Contact Data from data brokers or aggregators.
Identity and Contact Data from publicly available sources.
6. Lawful Basis for Processing Personal Data
We will only process your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances, in accordance with Act 843:
Consent: Where you have given clear consent for us to process your Personal Data for a specific purpose (e.g., subscribing to marketing communications).
Contractual Necessity: Where the processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract (e.g., to process and deliver your order).
Legal Obligation: Where the processing is necessary for compliance with a legal obligation to which we are subject (e.g., for tax purposes, fraud prevention).
Legitimate Interests: Where the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your fundamental rights and freedoms which require protection of Personal Data. Our legitimate interests include operating our e-commerce business, improving our services, ensuring the security of our Website, and marketing our products.
Vital Interests: Where the processing is necessary to protect your vital interests or those of another natural person.
Public Interest/Official Authority: Where the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.
7. How We Use Your Personal Data
We use your Personal Data for the following purposes, based on the lawful bases outlined above:
To Register You as a New Customer: (Contractual Necessity)
To Process and Deliver Your Orders: This includes managing payments, fees, and charges through Paystack, and collecting and recovering money owed to us. (Contractual Necessity, Legitimate Interests for debt recovery)
To Manage Our Relationship With You: This includes notifying you about changes to our terms or privacy policy, and asking you to leave a review or take a survey. (Contractual Necessity, Legal Obligation, Legitimate Interests)
To Enable You to Participate in Promotions, Competitions, and Surveys: (Contractual Necessity, Legitimate Interests)
To Administer and Protect Our Business and This Website: This includes troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data. (Legal Obligation, Legitimate Interests)
To Deliver Relevant Website Content and Advertisements to You: And measure or understand the effectiveness of the advertising we serve to you. (Legitimate Interests, Consent for certain types of advertising)
To Use Data Analytics to Improve Our Website, Products/Services, Marketing, Customer Relationships, and Experiences: (Legitimate Interests)
To Make Suggestions and Recommendations to You: About goods or services that may be of interest to you. (Legitimate Interests, Consent for direct marketing)
To Comply With Legal and Regulatory Obligations: Including fraud prevention and detection. (Legal Obligation)
To Respond to Your Enquiries and Provide Customer Support: (Contractual Necessity, Legitimate Interests)
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
8. Data Sharing and Disclosure
We do not sell, rent, or trade your Personal Data to third parties for their marketing purposes without your explicit consent. However, we may share your Personal Data with the following categories of recipients for the purposes set out in this Policy:
Service Providers: We engage third-party companies and individuals to perform services on our behalf, such as payment processing (e.g., Paystack), order fulfilment and logistics (local delivery services used by Ikarao Ghana Ltd), website hosting, data analysis, IT services, customer service, email delivery, and marketing assistance. These service providers act as Data Processors and are contractually bound to protect your Personal Data and only process it in accordance with our instructions.
WooCommerce Platform: Our store is hosted on WooCommerce. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data may be stored through WooCommerce’s data storage, databases, and the general WooCommerce application. They store your data on a secure server behind a firewall. You should review WooCommerce’s privacy policy for more information on their data handling practices.
Professional Advisers: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services, where necessary for our legitimate interests or legal compliance.
Regulatory and Governmental Authorities: We may disclose Personal Data to law enforcement agencies, courts, regulators, government authorities, or other third parties where we are legally required to do so, or where it is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your Personal Data may be transferred as part of the transaction. We will notify you via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data.
With Your Consent: We may disclose your Personal Data to other third parties with your prior consent.
International Data Transfers:
Some of our external third parties (e.g., cloud service providers, analytics providers, Paystack) may be based outside of Ghana or process data internationally. If we transfer your Personal Data out of Ghana, or if it is processed by such third parties internationally, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the Data Protection Commission of Ghana.
Where we use certain service providers, we may use specific contracts approved by the Data Protection Commission of Ghana which give Personal Data the same protection it has in Ghana.
Where we use providers based in the US, we may transfer data to them if they are part of a framework that requires them to provide similar protection to personal data shared between Europe and the US (e.g., the EU-U.S. Data Privacy Framework, if applicable and recognized by Ghana).
Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data out of Ghana.
9. Data Security
We have implemented appropriate technical and organisational security measures designed to protect your Personal Data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include, but are not limited to:
Encryption: Use of Secure Socket Layer (SSL) technology to encrypt Personal Data during transmission.
Access Controls: Limiting access to Personal Data to authorised personnel who have a legitimate business need to access it.
Firewalls and Intrusion Detection Systems: To protect our network and systems from unauthorised access.
Regular Security Assessments: And updates to our security practices.
Data Minimisation: Collecting and retaining only necessary Personal Data.
Staff Training: On data protection and security best practices.
Incident Response Plan: To address any potential data breaches in a timely and effective manner.
While we strive to use commercially acceptable means to protect your Personal Data, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the Data Protection Commission of Ghana without undue delay, in accordance with applicable law.
10. Data Retention
We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for Personal Data, we consider:
The amount, nature, and sensitivity of the Personal Data.
The potential risk of harm from unauthorised use or disclosure of your Personal Data.
The purposes for which we process your Personal Data and whether we can achieve those purposes through other means.
The applicable legal, regulatory, tax, accounting or other requirements.
For example, order information (Transaction Data) will typically be retained for a period of 6 years after the transaction for tax and accounting purposes. Account information may be retained for as long as the account is active and for a reasonable period thereafter to allow for reactivation or to resolve disputes.
When Personal Data is no longer required, we will securely destroy or anonymise it in accordance with our data retention policies and applicable laws.
11. Your Legal Rights (Data Subject Rights)
Under the Data Protection Act, 2012 (Act 843) and other applicable data protection laws, you have certain rights regarding your Personal Data. These rights include:
Right to Information: The right to be informed about the processing of your Personal Data.
Right of Access: The right to request access to the Personal Data we hold about you and to receive a copy of it.
Right to Rectification: The right to request correction of inaccurate or incomplete Personal Data we hold about you.
Right to Erasure (‘Right to be Forgotten’): The right to request the deletion or removal of your Personal Data where there is no compelling reason for its continued processing, subject to certain legal exceptions.
Right to Restrict Processing: The right to request the restriction or suppression of your Personal Data in certain circumstances.
Right to Data Portability: The right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where processing is based on consent or contract and carried out by automated means.
Right to Object: The right to object to the processing of your Personal Data in certain circumstances, including processing for direct marketing purposes or processing based on legitimate interests.
Rights Related to Automated Decision-Making and Profiling: The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except under certain conditions.
Right to Withdraw Consent: Where we rely on your consent as the legal basis for processing your Personal Data, you have the right to withdraw your consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
Right to Lodge a Complaint: You have the right to lodge a complaint with the Data Protection Commission of Ghana if you believe that our processing of your Personal Data infringes applicable data protection laws.
Data Protection Commission of Ghana
Address: East Legon, Paw Paw Street, Accra, Ghana
Postal Address: P.O. Box CT7195, Cantonments, Accra-Ghana
Email: info@dataprotection.org.gh
Phone: +233 (0)30 222 2929 / +233 256 301 533
Website: www.dataprotection.org.gh
It is advisable to check the official DPC Ghana website (www.dataprotection.org.gh) for the most up-to-date contact information.
To exercise any of these rights, please contact us using the details provided in Section 16 (Contact Us). We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
There is generally no fee to access your Personal Data or exercise other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
12. Cookies and Tracking Technologies
Our Website uses cookies and similar tracking technologies (such as web beacons and pixels) to distinguish you from other users, to provide a better browsing experience, to improve our Website, and for advertising purposes.
What are Cookies?
Cookies are small text files that are placed on your computer or mobile device by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Types of Cookies We Use:
Strictly Necessary Cookies: These are essential for you to browse the Website and use its features, such as accessing secure areas of the site and making purchases. Without these cookies, services like shopping carts cannot be provided.
Performance/Analytical Cookies: These cookies collect information about how you use our Website, for instance, which pages you go to most often, and if you get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how the Website works.
Functionality Cookies: These cookies allow the Website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For instance, these cookies can be used to remember changes you have made to text size, fonts, and other parts of web pages that you can customise.
Targeting/Advertising Cookies: These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers.
Managing Cookies:
Most web browsers allow some control of most cookies through the browser settings. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this Website may become inaccessible or not function properly.
For more detailed information about the cookies we use and the purposes for which we use them, please see our [Link to Cookie Policy, if separate, otherwise detail more here, or remove this sentence if cookies are sufficiently detailed above].
13. Third-Party Links
Our Website may include links to third-party websites, plug-ins, and applications (e.g., social media buttons, Paystack payment gateway). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements or practices. When you leave our Website, we encourage you to read the privacy policy of every website you visit.
14. Children’s Privacy
Our Website and Services are not intended for use by children under the age of 18 (“Child” or “Children”). We do not knowingly collect Personal Data from Children. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us immediately. If we become aware that we have collected Personal Data from Children without verification of parental consent, we will take steps to remove that information from our servers.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top of this Policy. In some cases, we may provide more prominent notice (such as adding a statement to our homepage or sending you a notification).
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your Personal Data. Your continued use of the Website or Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.
16. Contact Us
If you have any questions, concerns, or complaints about this Privacy Policy, our data handling practices, or if you wish to exercise any of your legal rights, please contact our Data Protection Officer (or designated privacy contact) at:
Ikarao Ghana Ltd
Attn: Data Protection Officer
Dansoman Shell Filling Station Control, Opposite Noble House Restaurant, Accra, Ghana
Email: info@ikaraoghana.com
Phone: +233 (256) 064 478
Please provide sufficient detail in your correspondence to enable us to effectively address your query or concern.
17. Governing Law and Jurisdiction
This Privacy Policy and any disputes arising out of or related to it shall be governed by and construed in accordance with the laws of the Republic of Ghana, without regard to its conflict of law provisions.
You agree that any legal action or proceeding arising out of or related to this Privacy Policy shall be brought exclusively in the competent courts located in Accra, Ghana.
End of Privacy Policyour Attractive Heading