Privacy Policy
Your privacy matters to us. This policy explains how Profitha collects, uses, and protects your personal information.
1. Introduction
Profitha ("we", "us", "our") is committed to protecting the personal information of our users. This Privacy Policy describes the types of personal data we collect, how we use and store it, and the rights available to you as a data subject.
This policy applies to all personal data processed through the Profitha Platform and any related services. By using our Platform, you acknowledge that you have read and understood this Privacy Policy.
2. Data We Collect
We collect personal data that you provide to us directly, as well as data generated through your use of the Platform. This may include:
- Account Information: Your email address and any profile details you provide during registration
- Usage Data: Information about how you interact with the Platform, including login timestamps, session duration, and feature usage
- Technical Data: IP address, browser type, device identifiers, and operating system information
- Communication Data: Records of correspondence when you contact our support team
We do not collect sensitive personal data such as financial account details, government identification numbers, or biometric information unless strictly required and with explicit consent.
3. How We Use Your Data
We use the personal data we collect for the following purposes:
- To create and manage your account and authenticate your identity
- To provide, maintain, and improve our Platform and services
- To communicate with you about your account, security alerts, and service updates
- To comply with legal and regulatory obligations
- To detect, investigate, and prevent fraudulent activity or misuse of the Platform
- To analyse Platform usage and improve user experience
We do not use your personal data for automated decision-making processes that produce legally significant effects without your informed consent.
4. Legal Basis for Processing
We process your personal data on the following legal grounds:
- Contractual necessity: Processing required to perform the contract with you (providing the Platform service)
- Legal obligation: Processing required to comply with applicable laws and regulations
- Legitimate interests: Processing carried out for our legitimate business interests, where these are not overridden by your rights
- Consent: Where you have given explicit consent for specific processing activities, such as marketing communications
5. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data to third parties. We may share your data only in the following limited circumstances:
- Service Providers: Trusted third-party vendors who assist us in operating the Platform (e.g., cloud hosting, email delivery), bound by strict data processing agreements
- Legal Requirements: When required by law, court order, or competent regulatory authority
- Business Transfers: In the event of a merger, acquisition, or sale of assets, subject to equivalent data protection obligations
- Protection of Rights: When necessary to protect the rights, property, or safety of Profitha, our users, or others
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting obligations. When your data is no longer required, it is securely deleted or anonymised in accordance with our data retention schedule.
Upon account closure, we will delete or anonymise your personal data within 90 days, unless we are required to retain it for longer under applicable law.
7. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, disclosure, or destruction. These measures include 256-bit encryption at rest and in transit, access control systems, and regular security audits.
While we take all reasonable precautions, no method of data transmission or storage is completely secure. We encourage you to use a strong, unique password and to keep your account credentials confidential.
8. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Access: The right to request a copy of the personal data we hold about you
- Rectification: The right to correct inaccurate or incomplete data
- Erasure: The right to request deletion of your personal data ("right to be forgotten")
- Restriction: The right to restrict how we use your data in certain circumstances
- Portability: The right to receive your data in a structured, commonly used format
- Objection: The right to object to certain types of processing
- Withdrawal of Consent: The right to withdraw previously given consent at any time
To exercise any of these rights, please contact our Data Protection Team at [email protected]. We will respond to all verified requests within 30 days.
9. Cookies
We use cookies and similar tracking technologies to enhance your experience on the Platform. For full details on how we use cookies and how to manage your preferences, please refer to our Cookies Policy.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable legal requirements. We will notify you of any material changes via email or a prominent notice on the Platform. We encourage you to review this policy periodically.
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Team at [email protected]. We are committed to resolving all privacy enquiries promptly and transparently.