This Privacy Policy explains how Cybanext (“we,” “us,” or “our”) collects, uses, and safeguards your personal information when you visit our website or engage our services. We are committed to handling your data with full transparency, integrity, and care — and we will never sell it.
1 Who We Are
Cybanext is a digital solutions company based in Accra, Ghana, providing web development, cybersecurity, cloud services, managed IT, and digital marketing to businesses locally and internationally. Our website is cybanext.com.
For all privacy-related enquiries, contact us at hello@cybanext.com. We take data privacy seriously and have a designated team member responsible for handling all such enquiries promptly and professionally.
2 Information We Collect
We collect personal information only where necessary to provide our services, respond to your enquiries, or fulfil a legal obligation. The types of information we may collect include:
- Information you provide directly — your name, email address, phone number, company name, industry, and any details submitted via contact forms, the client portal, WhatsApp, or direct email.
- Client portal account data — username, encrypted password, and profile details to enable secure dashboard access and project tracking.
- Service delivery information — technical details, system credentials, network information, and access data shared when engaging our managed IT or cybersecurity services. This is handled under strict confidentiality at all times.
- Financial information — billing details and payment records necessary for invoicing. We do not store full card numbers; payments go through secure, PCI-compliant third-party processors.
- Automatically collected data — IP address, browser type, device model, pages visited, session duration, and referring URLs, collected through standard web server logs and analytics tools.
- Cookies and similar technologies — small data files placed on your device to improve your experience and help us understand how our site is used. See Section 7 for full details.
3 How We Use Your Information
We use personal information only for legitimate, clearly defined purposes and never in ways you would not reasonably expect:
- To respond to your enquiries and deliver the services you have contracted
- To create and manage your client portal account, project records, and progress updates
- To send project status reports, invoices, support communications, and service alerts
- To process payments securely and maintain accurate financial records
- To improve our website design, content, and service offerings based on usage patterns
- To send marketing or promotional communications — only with your explicit prior consent, with an easy opt-out at any time
- To detect, prevent, investigate, and respond to fraud, abuse, or security incidents
- To comply with our legal, regulatory, tax, and contractual obligations under Ghanaian law
Our firm commitment: We will never sell, rent, trade, or share your personal information with third parties for their own marketing or commercial purposes — under any circumstances, without exception.
4 Legal Basis for Processing
Under Ghana’s Data Protection Act, 2012 (Act 843) and applicable international frameworks, we rely on the following legal bases to process your personal data:
- Contract performance — processing necessary to deliver services you have engaged us for, or to take steps at your request before entering a contract.
- Legitimate interests — communicating with potential clients, securing our systems, improving our services, and protecting our business — provided these do not override your fundamental rights.
- Consent — for marketing emails and non-essential cookies. You may withdraw consent at any time, without affecting the lawfulness of prior processing.
- Legal obligation — where we are required by Ghanaian law, a court order, or a regulatory authority to process or retain your data.
5 Sharing Your Information
We share personal data only where strictly necessary, and always with appropriate contractual safeguards in place:
- Trusted service providers — cloud hosting, email delivery, payment processing, and analytics partners who process data on our behalf. All are contractually prohibited from using your data for their own purposes.
- Professional advisers — accountants and legal counsel, bound by professional confidentiality obligations.
- Law enforcement and regulators — only where we are legally compelled to disclose information by a valid court order, regulatory authority, or applicable Ghanaian law.
- Business transfers — in the unlikely event of a merger or acquisition, affected individuals will be notified in advance, and any successor will be bound by equivalent privacy commitments.
We never disclose cybersecurity findings, vulnerability reports, client system data, or sensitive project information to any third party without your explicit written authorisation.
6 Data Retention
We keep your data only as long as needed for the purpose it was collected, or as required by law:
- Client project and financial records — 7 years after project completion, in line with Ghana Revenue Authority requirements.
- Marketing contact records — until you unsubscribe or request deletion, whichever comes first.
- General enquiry records — 2 years after last contact, unless a client relationship develops.
- Client portal accounts — for the duration of your relationship with us, plus 12 months after account closure.
- Web analytics — aggregated and anonymised data retained for up to 26 months.
When data is no longer required, it is securely deleted or irreversibly anonymised according to our internal data destruction policy.
7 Cookies & Tracking Technologies
Our website uses cookies — small text files stored on your device — to ensure the site works correctly and to help us understand usage patterns. We use three categories:
- Essential cookies — strictly necessary for the website to function (e.g. session tokens, login state, security checks). These cannot be disabled as they are required for basic operation.
- Analytics cookies — help us understand visitor behaviour in aggregate (page popularity, session length, navigation paths). Activated only with your consent; we may use tools such as Google Analytics.
- Preference cookies — remember your choices and settings between visits to improve your browsing experience.
You can manage or disable non-essential cookies at any time via your browser settings. Note that disabling certain cookies may limit the functionality of some features on our website.
8 Your Rights
Under applicable data protection law, including Ghana’s Data Protection Act, you have the following rights:
AccessRequest a full copy of the personal data we hold about you, free of charge.
CorrectionAsk us to correct any inaccurate, outdated, or incomplete information.
DeletionRequest erasure of your personal data, subject to legal retention requirements.
RestrictionAsk us to limit how we process your data in certain circumstances.
PortabilityReceive your data in a structured, commonly used, machine-readable format.
ObjectionObject to processing based on legitimate interests or for direct marketing.
Withdraw ConsentWithdraw marketing or cookie consent at any time without penalty.
ComplainLodge a complaint with the Ghana Data Protection Commission.
To exercise any of these rights, email hello@cybanext.com. We will acknowledge within 5 business days and respond fully within 30 days. We will never charge a fee for reasonable requests.
9 Data Security
As a cybersecurity company, protecting data is not just policy — it is our profession. We implement layered technical and organisational security measures, including:
- Encryption in transit (TLS 1.2+) for all data transmitted to and from our systems
- Encryption at rest for all sensitive client data stored on our servers
- Role-based access controls — staff access only the data they need to perform their role
- Multi-factor authentication on all internal systems and administrative accounts
- Regular vulnerability assessments and internal security reviews
- Documented incident response procedures for detecting, reporting, and recovering from breaches
- Ongoing staff training in data protection, phishing awareness, and secure handling
In the event of a data breach likely to affect your rights and freedoms, we will notify you and the appropriate regulatory authority within 72 hours of becoming aware, as required by law.
10 International Data Transfers
Our primary operations are based in Ghana. Some third-party services we use (such as cloud hosting providers, email platforms, or analytics tools) may be hosted in the European Union, United Kingdom, or United States.
Where personal data is transferred internationally, we ensure that appropriate safeguards are in place — including standard contractual clauses, adequacy decisions, or equivalent mechanisms — to protect your data to a standard equivalent to Ghanaian data protection requirements.
11 Children’s Privacy
Our services are directed at businesses and individuals aged 18 and above. We do not knowingly collect personal data from children under 18. If you believe a minor has submitted personal information through our website or services, please contact us immediately at hello@cybanext.com and we will delete it promptly.
12 Third-Party Links
Our website may contain links to third-party websites, social media platforms, or partner services. Clicking these links takes you away from our site. We are not responsible for the privacy practices, content, or security of those external sites and encourage you to read their respective privacy policies before providing any personal information.
13 Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services, practices, or legal obligations. When we make material changes, we will update the “Last updated” date at the top of this page, post a notice on our website, and where appropriate, notify existing clients by email. Your continued use of our services after changes take effect constitutes acceptance of the revised policy.
14 Contact Us
For any questions, data requests, or to exercise your rights, please contact our privacy team: