LEGAL

Privacy Policy

How SecureCore Consult collects, uses, stores, protects, and retains your personal information.

SecureCore Consult

Last Updated: 22 May 2026

1. Introduction

SecureCore Consult respects your privacy and is committed to protecting the personal information you share with us through our website, contact forms, quotation forms, service enquiry channels, and client engagement processes.

This Privacy Policy explains how SecureCore Consult collects, uses, stores, protects, shares, and retains personal information when you visit our website, request a quotation, contact us, or engage us for cybersecurity, IT audit, information security governance, compliance, infrastructure, datacenter, or ISO certification-related services.

This policy applies to personal data processed through securecoreconsult.net and related official communication channels of SecureCore Consult.

2. Data Controller

For the purposes of applicable data protection laws, including Ghana's Data Protection Act, 2012 (Act 843), SecureCore Consult is the data controller responsible for personal data collected through this website and related business enquiries.

SecureCore Consult Accra, Ghana Email: sales@securecoreconsult.info Phone/WhatsApp: +233 (53) 422 4625

3. Personal Information We Collect

We may collect personal information that you voluntarily provide when you contact us, request a quotation, complete a website form, subscribe to updates, or engage us for services.

This may include:

  • Full name
  • Organization or company name
  • Job title or role, where provided
  • Email address
  • Phone number
  • Country or location
  • Service of interest
  • Message, enquiry, project details, or requirements
  • Organization size
  • Number of employees
  • Number of locations within scope
  • Scope of service requested
  • Estimated budget or service calculator inputs
  • How you heard about us
  • Any documents, screenshots, or files you submit to support your enquiry or engagement

During client engagements, we may also process business, technical, audit, compliance, infrastructure, security, and governance information necessary to deliver our services.

4. Technical and Website Usage Data

When you visit our website, we may automatically collect limited technical data required for the website to operate securely and effectively. This may include:

  • IP address
  • Browser type and version
  • Device type
  • Pages visited
  • Date and time of access
  • General website usage information
  • Basic security logs
  • Error logs or performance logs

This information helps us maintain website security, troubleshoot issues, improve website performance, and understand how visitors interact with our services.

5. How We Use Your Information

We collect and process personal information for legitimate business, contractual, legal, and consent-based purposes, including to:

  • Respond to enquiries and messages
  • Prepare tailored quotations and proposals
  • Contact you about requested services
  • Understand your organization's needs and scope
  • Provide cybersecurity, IT audit, compliance, ISO, infrastructure, datacenter, and advisory services
  • Conduct service planning, scoping, scheduling, and engagement coordination
  • Support ISO certification audit coordination, where applicable
  • Maintain client records and engagement documentation
  • Improve our website, service delivery, reporting, and client experience
  • Send service-related communications
  • Comply with legal, regulatory, contractual, and professional obligations
  • Protect the security, integrity, and availability of our website and systems
  • Prevent fraud, misuse, unauthorized access, or unlawful activity

We do not sell your personal data.

6. Legal Basis for Processing

We process personal data only where there is a lawful basis to do so. Depending on the circumstances, our legal basis may include:

Consent: where you voluntarily submit information through our forms or agree to receive communications from us.

Contractual necessity: where processing is needed to prepare a quotation, proposal, engagement letter, or deliver services.

Legitimate business interest: where processing is necessary to respond to enquiries, improve our services, secure our systems, manage client relationships, and operate our business.

Legal or regulatory obligation: where processing is required to comply with applicable laws, professional obligations, audit requirements, or regulatory expectations.

We use quotation and calculator data to understand your requirements, prepare proposals, improve our pricing models, and respond to your request.

8. Client Engagement and Confidential Information

As a cybersecurity, IT audit, compliance, and advisory firm, we may receive confidential business, technical, operational, financial, infrastructure, security, audit, or regulatory information from clients.

We treat client information with strict confidentiality and use it only for the purpose of delivering the agreed services. Where applicable, confidentiality obligations may also be governed by a separate engagement letter, non-disclosure agreement, proposal, statement of work, or contract.

Client engagement data may include:

  • Policies, procedures, and governance documents
  • Risk registers and audit evidence
  • Security architecture information
  • Infrastructure and datacenter information
  • Application and system information
  • Compliance documentation
  • Incident, vulnerability, or control information
  • Employee or user information provided for audit or assessment purposes
  • ISO certification audit evidence and related records

9. ISO Certification Audit Partnership Data

For ISO certification audit services delivered through our partnership with Royal Impact Certification Limited or other approved certification partners, we may share relevant client and engagement information necessary for audit planning, Stage 1 audit, Stage 2 audit, surveillance audit, recertification audit, nonconformity review, certificate issuance coordination, and certification-related administration.

Information shared for this purpose will be limited to what is necessary for the certification audit process and will be handled under applicable confidentiality, contractual, and data protection obligations.

10. Sharing of Personal Information

We may share personal data only where necessary and appropriate. This may include sharing information with:

  • Authorized SecureCore Consult personnel and consultants
  • Approved service providers supporting website hosting, email, forms, cloud storage, analytics, security, or business operations
  • Certification partners, where relevant to ISO certification audit engagements
  • Professional advisers, auditors, legal advisers, or insurers
  • Regulators, law enforcement, courts, or public authorities where legally required
  • Client-approved third parties involved in an engagement

We do not share personal information with third parties for their independent marketing purposes.

11. Third-Party Service Providers

We may use trusted third-party service providers to host our website, manage forms, deliver emails, store business records, process communications, provide cybersecurity tools, or support our operations.

Where third-party providers process personal data on our behalf, we require them to protect the information, use it only for authorized purposes, and apply appropriate technical and organizational safeguards.

12. International Data Transfers

SecureCore Consult serves clients in Ghana, Nigeria, Kenya, and other jurisdictions. Where necessary, personal data may be transferred, accessed, or processed outside Ghana for service delivery, cloud hosting, certification audit coordination, or business operations.

Where international transfers are required, we will take reasonable steps to ensure that personal data is protected using appropriate safeguards, contractual obligations, confidentiality commitments, and security controls.

13. Cookies and Tracking Technologies

Our website may use essential cookies or similar technologies required for the website to function properly, maintain security, remember basic preferences, and improve user experience.

At present, we do not use advertising cookies, third-party behavioral profiling cookies, or tracking technologies for targeted advertising.

If we introduce analytics, marketing cookies, or third-party tracking tools in the future, we will update this Privacy Policy and, where required, provide appropriate notice or consent options.

14. Data Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, disclosure, or destruction.

These measures may include:

  • Access control and role-based restrictions
  • Encryption where appropriate
  • Secure hosting and system configuration
  • Strong authentication practices
  • Confidentiality obligations for personnel and consultants
  • Secure file handling and storage procedures
  • Regular review of security controls
  • Backup, recovery, and availability controls
  • Monitoring and logging of relevant systems
  • Secure disposal or deletion of data no longer required

Although we take reasonable steps to protect personal data, no website, system, or internet transmission is completely secure. You are encouraged to avoid submitting highly sensitive information through website forms unless specifically requested through a secure channel.

15. Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, meet legal and regulatory obligations, resolve disputes, enforce agreements, and maintain appropriate business records.

As a general guide:

Contact form and general enquiry data may be retained for up to 2 years from the date of submission.

Quotation and proposal records may be retained for up to 3 years, unless they become part of a client engagement.

Client engagement, audit, compliance, ISO certification, and contractual records may be retained for a longer period based on legal, professional, regulatory, contractual, or certification requirements.

Website security logs may be retained for a limited period necessary for monitoring, investigation, and security purposes.

When personal data is no longer required, we will securely delete, archive, anonymize, or dispose of it in accordance with our retention and disposal procedures.

16. Your Data Protection Rights

Subject to applicable law, you may have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of data where there is no lawful reason for continued retention
  • Object to certain processing activities
  • Request restriction of processing
  • Withdraw consent where processing is based on consent
  • Request information about how your data is used or shared
  • Lodge a complaint with the relevant data protection authority

To exercise your rights, contact us at: sales@securecoreconsult.info We may need to verify your identity before processing your request. We will respond within the timeframe required by applicable law.

17. Marketing Communications

We may contact you with service-related updates, proposals, responses to enquiries, or information relevant to a service you requested.

We will not send unrelated marketing communications without an appropriate lawful basis or consent. Where marketing emails are sent, you may opt out or unsubscribe at any time by contacting us or using the unsubscribe option provided.

18. Children's Privacy

Our website and services are intended for organizations, professionals, and business users. We do not knowingly collect personal data from children. If we become aware that a child has provided personal data through our website without appropriate consent, we will take reasonable steps to delete the information.

19. Automated Decision-Making

We do not use personal data collected through this website for automated decision-making that produces legal or similarly significant effects.

Any service calculator or automated estimate provided on the website is for informational purposes only and is subject to review by SecureCore Consult before a final quotation or proposal is issued.

20. Links to Third-Party Websites

Our website may contain links to third-party websites, platforms, or professional profiles. We are not responsible for the privacy practices, security, or content of third-party websites. We encourage you to review the privacy policies of any external websites you visit.

21. Data Breach Management

If we become aware of a data breach affecting personal data under our control, we will take appropriate steps to contain, investigate, assess, and remediate the incident.

Where required by applicable law, we will notify affected individuals, clients, regulators, or relevant authorities within the appropriate timeframe.

22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our website, services, legal obligations, business operations, or data protection practices.

The updated version will be posted on this page with a revised "Last Updated" date. We encourage you to review this policy periodically.

23. Contact Us

For privacy-related questions, data protection requests, complaints, or concerns about how we handle your personal data, please contact:

SecureCore Consult Accra, Ghana Email: sales@securecoreconsult.info Phone/WhatsApp: +233 (53) 422 4625 Website: securecoreconsult.net