OrdisOrdis

Privacy Policy

Last updated: February 2026

1. Introduction

Ordis (“we”, “our”, or “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at ordis.io and related services (the “Service”).

We comply with the Ghana Data Protection Act, 2012 (Act 843) and are registered with the Data Protection Commission (DPC).

2. Information We Collect

2.1 Information You Provide

  • Account information: name, email address, phone number, company name, and business registration details.
  • Business profile: industry, number of employees, operational activities, and other details needed for compliance analysis.
  • Communications: messages you send us via email, contact forms, or support channels.

2.2 Information Collected Automatically

  • Usage data: pages visited, features used, actions taken within the platform, and timestamps.
  • Device information: browser type, operating system, IP address, and device identifiers.
  • Cookies and similar technologies: we use essential cookies for authentication and session management.

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Service.
  • Generate personalized compliance analyses and task recommendations.
  • Send you compliance deadline reminders and regulatory updates.
  • Process billing and manage your subscription.
  • Respond to your inquiries and provide support.
  • Detect and prevent fraud, abuse, and security threats.
  • Improve our AI models and service quality (using aggregated, de-identified data).

4. Legal Basis for Processing

We process your personal data on the following bases:

  • Contractual necessity: to perform our obligations under your service agreement.
  • Consent: where you have given explicit consent (e.g., marketing communications).
  • Legitimate interest: to improve our services and ensure security.
  • Legal obligation: to comply with applicable laws and regulations.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service providers: trusted third-party vendors who assist in hosting, analytics, and payment processing, bound by confidentiality agreements.
  • Legal requirements: when required by law, court order, or government authority.
  • Business transfers: in connection with a merger, acquisition, or sale of assets (with prior notice).

6. Data Security

We implement industry-standard security measures including:

  • 256-bit TLS encryption for data in transit.
  • AES-256 encryption for data at rest.
  • Role-based access controls with audit logging.
  • Regular security assessments and vulnerability testing.

No method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Upon account deletion, we will remove your personal data within 30 days, except where retention is required by law.

8. Your Rights

Under the Ghana Data Protection Act, 2012 (Act 843), you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your personal data.
  • Object to or restrict certain processing activities.
  • Withdraw consent at any time.

To exercise these rights, contact us at ordis@sinerd.com.

9. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies. You can control cookie settings through your browser preferences.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal data from children.

11. International Transfers

Your data is primarily stored and processed in Ghana. If data is transferred internationally (e.g., for cloud hosting), we ensure appropriate safeguards are in place in accordance with Act 843.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a prominent notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us: