Ardent POS

Privacy Policy

Last updated: 27 October 2025

At Mega Web Services, we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Ardent POS software and related services.

1. Legal Framework

This Privacy Policy complies with:

  • • Ghana Data Protection Act, 2012 (Act 843)
  • • General Data Protection Regulation (GDPR) (EU) 2016/679
  • • California Consumer Privacy Act (CCPA)
  • • International data protection best practices

2. Information We Collect

2.1 Personal Information

We collect personal information that you provide directly to us, including:

  • • Name and contact information (email, phone number, address)
  • • Business information (company name, business type, registration details)
  • • Account credentials and authentication information
  • • Payment and billing information (processed securely by third parties)
  • • Customer and transaction data processed through our POS system

2.2 Technical Information

We automatically collect certain technical information, including:

  • • IP address and device information
  • • Browser type and version
  • • Operating system and device identifiers
  • • Usage patterns and analytics data
  • • Cookies and similar tracking technologies

3. How We Use Your Information

We use your information for the following purposes:

Purpose
Legal Basis (GDPR)
Data Type
Service ProvisionContract PerformancePersonal, Business
Account ManagementContract PerformancePersonal, Authentication
Customer SupportLegitimate InterestPersonal, Technical
Security & Fraud PreventionLegitimate InterestTechnical, Transaction
Marketing CommunicationsConsentPersonal, Contact
Legal ComplianceLegal ObligationAll Categories

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating our service

  • Legal Requirements: When required by law or to protect our rights and safety

  • Business Transfers: In connection with mergers, acquisitions, or asset sales

  • Consent: When you have given explicit consent for specific sharing

5. Data Security

We implement comprehensive security measures to protect your data:

  • • End-to-end encryption for data transmission
  • • AES-256 encryption for data at rest
  • • Multi-factor authentication for account access
  • • Regular security audits and penetration testing
  • • Access controls and employee training
  • • Secure data centers with physical security measures

6. Your Rights (GDPR & Ghana Data Protection Act)

Under applicable data protection laws, you have the following rights:

  • Right of Access: Request copies of your personal data

  • Right to Rectification: Correct inaccurate or incomplete data

  • Right to Erasure: Request deletion of your personal data

  • Right to Restrict Processing: Limit how we use your data

  • Right to Data Portability: Receive your data in a structured format

  • Right to Object: Object to processing based on legitimate interests

  • Right to Withdraw Consent: Withdraw consent at any time

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Account Data: Until account closure + 7 years (legal requirement)

  • Transaction Data: 7 years (tax and legal compliance)

  • Marketing Data: Until consent is withdrawn

  • Technical Logs: 2 years (security purposes)

8. International Data Transfers

Your data may be transferred to and processed in countries outside Ghana. We ensure appropriate safeguards are in place, including:

  • • Standard Contractual Clauses (SCCs) approved by the European Commission
  • • Adequacy decisions by relevant data protection authorities
  • • Binding Corporate Rules for intra-group transfers

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. For detailed information, please review our Cookie Policy.

10. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal information from children under 16. If we become aware of such collection, we will take steps to delete the information promptly.

11. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • • Notify the relevant data protection authority within 72 hours
  • • Inform affected individuals without undue delay
  • • Provide details about the breach and measures taken

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of any material changes via email or through our Service. Your continued use after such changes constitutes acceptance of the updated policy.

13. Contact Information

For privacy-related questions or to exercise your rights, contact our Data Protection Officer:

Data Protection Officer

Mega Web Services

Address: 10A Mega Street, Adenta, Accra, Ghana

Phone: +233 302 527 484

Email: privacy@megwebservices.com

Data Protection Authority: Ghana Data Protection Commission

This Privacy Policy is effective as of the date listed above and applies to all users of Ardent POS.