Privacy Policy

The data controller responsible for your personal data is Predly, contactable at dev.thearchibold@gmail.com. We are based in Accra, Ghana.

We collect the following categories of personal data:

2.1 Account & identity data

• Full name, email address and password (managed through our authentication provider, Clerk).
• Mobile phone number (in +233 format) used for account verification and Mobile Money payments.
• Profile photo, where you choose to upload one.
• For importers: business name, business description, business category, slug, and a unique importer profile.

2.2 Verification & KYC data (importers)

• Government-issued ID images (national ID, passport, or driver's licence).
• Proof of business registration where applicable.
• Verification status and verification timestamps.
• Bank account or Mobile Money payout details (collected at payout setup, not at signup).

2.3 Transaction & order data

• Orders, cart contents, ordering window participation, custom requests, quotes accepted.
• Delivery addresses (street address, region, postal code, contact phone number for delivery).
• Mobile Money transaction references, payment status, escrow status, payout history.
• Tracking information uploaded by importers (carrier, tracking numbers, shipment photos).
• Reviews and ratings you submit.
• Dispute filings, including photos, descriptions and the resolution outcome.

2.4 Communications

• Messages exchanged in our in-app chat between customer and importer, including any attached images.
• System messages automatically posted by the platform (e.g. quote sent, order shipped).
• Emails we send you and your replies to support requests.
• Push notification tokens (managed by OneSignal) where you opt in to push notifications.

2.5 Device, log & analytics data

• IP address, device type, operating system, browser type and language.
• Pages viewed, referrer URLs, click events and approximate session duration.
• Cookies and similar technologies used to keep you signed in and remember your preferences.

We do not intentionally collect special-category personal data (such as biometric data, health data, religious beliefs or political opinions). Please do not upload such data in your messages, reviews or dispute attachments.

We process personal data for the following purposes and legal bases:

• Operating the marketplace — creating your account, showing you ordering windows, processing orders, holding payments in escrow, releasing funds and issuing refunds. (Performance of a contract.)
• Verification & trust — verifying importer identity and business legitimacy to protect customers. (Legitimate interest; consent for KYC documents.)
• Payments & payouts — sharing the minimum information required with Mobile Money providers and our banking partners to take payment and pay importers. (Performance of a contract; legal obligation.)
• Dispute resolution — reviewing dispute submissions, accessing the relevant customer-importer chat history and resolving the dispute within our 48-hour SLA. (Performance of a contract; legitimate interest.)
• Customer support — responding to your questions and resolving issues. (Legitimate interest.)
• Communications — sending you transactional emails (order confirmation, shipment status, dispute updates) and, with your consent, push notifications or marketing.
• Trust & safety, fraud prevention — detecting suspicious activity, abusive behaviour, and Anti-Money-Laundering monitoring as required by Ghanaian law. (Legitimate interest; legal obligation.)
• Service improvement — analysing aggregated usage to improve features, performance and reliability. (Legitimate interest.)
• Legal compliance — complying with court orders, regulator requests and obligations under Ghanaian law, including reporting suspicious transactions to the Financial Intelligence Centre. (Legal obligation.)

We do not sell your personal data. We do not use your data for automated decision-making that has a legal or similarly significant effect on you.

We share personal data only with the parties below, only for the purposes described, and only to the extent necessary:

• Other Predly users. Your public profile information is visible to other users: for customers this includes the first name and public reviews you post; for importers this includes business name, photo, verification badge, average rating, fulfilled deliveries and catalog. When you place an order, the relevant importer (and vice versa) sees the order details, delivery address and chat thread needed to fulfil the order.
• Mobile Money providers — MTN MoMo, Vodafone Cash, AirtelTigo Money and any other licensed providers, for processing payments and payouts.
• Service providers who help us run the Service, including Clerk (authentication), our cloud hosting and database providers, our transactional email provider, OneSignal (push notifications), and image and file storage providers. Each is bound to confidentiality and only processes data on our instructions.
• Shipping & logistics partnersreferenced in tracking information (e.g. DHL, FedEx, local couriers).
• Professional advisors (lawyers, accountants, insurers) under confidentiality obligations.
• Authorities where we are legally required to do so, including the Data Protection Commission of Ghana, the Bank of Ghana, the Financial Intelligence Centre, the Ghana Revenue Authority, courts, and law enforcement agencies.
• Successors in the event of a merger, acquisition or asset sale. We will notify you before your data is transferred and becomes subject to a different privacy policy.

Some of our service providers (such as our hosting, authentication and notification providers) store and process data outside Ghana. Where we transfer personal data internationally, we do so in line with section 47 of the Data Protection Act, 2012, and we use providers that apply industry- standard safeguards, including encryption in transit and at rest and contractual data-protection commitments.

We keep personal data only as long as needed for the purposes set out in this Policy, after which it is deleted or anonymised:

• Account data: while your account is active, and for up to 12 months after you close it, unless we must keep it longer for legal or accounting reasons.
• Transaction & financial records: at least 6 years after the transaction date, as required by Ghanaian tax and AML law.
• KYC documents: 6 years after the importer relationship ends.
• Chat messages: while both parties have active accounts; threads tied to disputed orders are retained for at least 3 years after resolution for audit purposes.
• Marketing communications consent: until you withdraw consent.
• Logs & analytics: typically up to 24 months.

Under the Data Protection Act, 2012 (Act 843), you have the following rights in relation to your personal data:

• Access — request a copy of the personal data we hold about you.
• Correction — ask us to correct inaccurate or incomplete data.
• Deletion — ask us to delete data we no longer have a lawful basis to keep.
• Objection — object to processing based on our legitimate interests.
• Restriction — ask us to limit processing while we look into a concern.
• Withdraw consent — where we rely on your consent (e.g. marketing emails, push notifications), you can withdraw it at any time without affecting prior processing.
• Complain — to the Data Protection Commission of Ghana at www.dataprotection.org.gh.

To exercise any of these rights, email us at dev.thearchibold@gmail.com. We will respond within 30 days. We may ask you to verify your identity before we act on a request. Some data (such as completed-transaction records) cannot be deleted while we are still legally required to keep it.

We use a small number of strictly necessary cookies to keep you signed in, remember your cart and protect against abuse. We also use limited analytics cookies to understand which features people use. You can clear or block cookies in your browser settings — note that doing so may prevent you from staying signed in or placing orders.

We protect personal data with encryption in transit (TLS) and at rest, access controls, daily backups, separation of customer and importer data, and regular monitoring. No system is perfectly secure; if a breach affects your data, we will notify you and the Data Protection Commission as required by law.

You are responsible for keeping your account credentials secret. Please tell us immediately if you suspect your account has been accessed by someone else.

The Service is not directed at people under 18. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with data, contact us and we will delete it.

Predly offers a WhatsApp deep link as a fallback contact method between customers and importers. Conversations that happen on WhatsApp are not visible to Predly, are governed by WhatsApp's Privacy Policy, and are not covered by our dispute protection. Use our in-app chat for anything you may need to evidence later.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through an in-app notice at least 14 days before the new version takes effect. The "Last updated" date at the top of this page always reflects the most recent version.

Questions, requests or complaints about this Privacy Policy or your personal data? Reach us at dev.thearchibold@gmail.com.

See also our Terms & Conditions.