Privacy Policy

Welcome to SharkDeals (formerly known as ElectroHub), Ghana's premier online marketplace for premium electronics and cutting-edge technology solutions. We are deeply committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website (www.sharkdeals.com), use our mobile applications, or engage with our services in any way.

At SharkDeals, we believe that your trust is our most valuable asset. We understand that providing us with your personal information is an act of trust, and we take this responsibility seriously. This Privacy Policy outlines our commitment to transparency and accountability in how we handle your data. By using our services, you acknowledge that you have read, understood, and agree to the practices described in this policy.

This Privacy Policy applies to all visitors, users, and others who access or use our services. It covers information collected through our website, mobile applications, physical stores, customer support interactions, and any other channels through which we provide our services. This policy does not apply to the practices of third parties that we do not own or control, including third-party websites, services, or applications that you might access through our platform.

SharkDeals Technologies Ltd. is the data controller responsible for your personal information. Our company is registered in Ghana with our principal place of business at Accra - Circle. We have appointed a Data Protection Officer who oversees our compliance with data protection laws and regulations. You can contact our Data Protection Officer using the information provided in Section 13 of this policy.

We comply with all applicable data protection laws and regulations, including Ghana's Data Protection Act, 2012 (Act 843), and international standards such as the General Data Protection Regulation (GDPR) for users in the European Economic Area. This policy is designed to meet or exceed the requirements of these regulations while providing clear, accessible information about our practices.

Please read this Privacy Policy carefully before using our services. If you have any questions about this policy or our practices, please contact us using the information provided in Section 13. By accessing or using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, you should not use our services.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology. We will notify you of any significant changes by posting the updated policy on our website and updating the "Last Updated" date at the top of this page. Your continued use of our services after such changes constitutes your acceptance of the new policy. We encourage you to review this policy periodically for updates.

This Privacy Policy is incorporated into and subject to our Terms and Conditions. Capitalized terms used in this policy have the meanings given to them in our Terms and Conditions unless otherwise defined herein.

We collect various types of information from and about users of our services, including personal information that can identify you directly or indirectly. This section describes the categories of information we collect and the sources from which we obtain this information.

Information You Provide Directly:

When you create an account, place an order, contact customer support, participate in surveys, or otherwise interact with our services, we collect information that you voluntarily provide to us. This may include:

• Personal Identification Information: Your name, email address, phone number, date of birth, gender, and government-issued identification numbers (when required for verification purposes).
• Contact Information: Your billing and shipping addresses, including street address, city, region, postal code, and country.
• Account Credentials: Your username, password (stored in encrypted form), security questions, and other authentication information.
• Payment Information: Credit/debit card numbers, expiration dates, CVV codes, bank account details, mobile money account information, and billing addresses. Note that we do not store full payment card details on our servers; this information is handled by our PCI-DSS compliant payment processors.
• Profile Information: Profile pictures, usernames, preferences, interests, wishlists, and product reviews.
• Communication Records: Records of your correspondence with us, including emails, chat transcripts, phone call recordings (with consent), and support tickets.
• Survey Responses: Information you provide when participating in surveys, contests, promotions, or feedback sessions.
• User-Generated Content: Product reviews, ratings, comments, forum posts, photos, videos, and other content you submit to our platform.

Information Collected Automatically:

When you access or use our services, we automatically collect certain information about your device and usage patterns. This information is collected through cookies, web beacons, pixel tags, and similar technologies. This may include:

• Device Information: Hardware model, operating system, unique device identifiers (such as IMEI, MAC address, or IDFA), browser type and version, screen resolution, and mobile network information.
• Usage Data: Pages visited, time spent on pages, click patterns, search queries, navigation paths, feature usage, and interaction with content.
• Location Data: Approximate location derived from your IP address, and precise location if you grant permission through your device settings (used for store locator, delivery estimates, and localized content).
• Log Files: IP address, browser type, Internet Service Provider (ISP), referring/exit pages, operating system, date/time stamps, and clickstream data.
• Network Information: Connection type (Wi-Fi, cellular), signal strength, and network performance data.

Information from Third Parties:

We may receive information about you from other sources, including:

• Social Media Platforms: If you choose to connect your SharkDeals account with social media accounts (such as Facebook or Google), we may receive profile information, friend lists, and other data you authorize the platform to share.
• Business Partners: Information from our partners, such as co-branded promotions, affiliate programs, or joint marketing initiatives.
• Analytics Providers: Aggregated demographic and interest data from third-party analytics services.
• Advertising Networks: Information about your interactions with our advertisements on third-party websites and applications.
• Public Records: Information from publicly available sources, such as business directories or government databases, for verification purposes.
• Shipping Carriers: Tracking information, delivery status, and proof of delivery from our logistics partners.

Information from Physical Interactions:

If you visit our physical locations in Accra - Circle or at UCC Campus in Cape Coast, we may collect additional information, including:

• Video surveillance footage for security purposes
• In-store purchase history and preferences
• Customer service interactions and feedback
• Biometric data (such as facial recognition) only with explicit consent and where permitted by law

Special Categories of Personal Data:

We generally do not collect special categories of personal data (such as racial or ethnic origin, political opinions, religious beliefs, health information, or sexual orientation) unless required by law or with your explicit consent for specific purposes (such as accessibility accommodations). If we do collect such information, we will implement additional safeguards and obtain your explicit consent where required.

Information from Children:

Our services are not intended for children under the age of 13, and we do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete such information promptly. If you believe we may have collected information from a child, please contact us immediately using the information in Section 13.

We use the information we collect for various purposes related to operating, improving, and personalizing our services. This section explains the specific ways we use your personal information and the legal bases for such processing under applicable data protection laws.

Providing and Managing Our Services:

We use your information to:

• Create and manage your account, verify your identity, and prevent fraudulent activities
• Process your orders, payments, and refunds
• Arrange shipping and delivery of products, including providing tracking information
• Communicate with you about your orders, account status, and service updates
• Provide customer support and respond to your inquiries
• Manage returns, exchanges, and warranty claims
• Facilitate interactions between buyers and sellers on our marketplace platform

Personalization and Improvement:

We use your information to:

• Personalize your experience by recommending products based on your browsing history, purchase behavior, and preferences
• Improve our website, mobile applications, and services based on user feedback and usage patterns
• Develop new features, products, and services that better meet your needs
• Conduct market research, analytics, and testing to enhance our offerings
• Customize content, advertisements, and communications to match your interests

Marketing and Communications:

With your consent (where required by law), we use your information to:

• Send promotional emails, SMS messages, or push notifications about products, deals, and events
• Provide personalized marketing content based on your interests and behavior
• Invite you to participate in surveys, contests, or focus groups
• Share information about new features, services, or partnerships
• Notify you about changes to our services or policies

You can opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails, adjusting your notification preferences in your account settings, or contacting us directly.

Security and Fraud Prevention:

We use your information to:

• Detect, prevent, and investigate fraudulent transactions and other illegal activities
• Protect the security and integrity of our systems, networks, and data
• Verify user identities and prevent unauthorized access to accounts
• Comply with legal obligations and enforce our Terms and Conditions
• Monitor for and prevent security breaches, spam, and other malicious activities

Legal Compliance:

We use your information to:

• Comply with applicable laws, regulations, legal processes, or governmental requests
• Respond to lawful requests from public authorities, including national security and law enforcement requirements
• Enforce our Terms and Conditions and other agreements
• Protect our rights, property, safety, and operations, as well as those of our users and the public
• Defend against legal claims and establish, exercise, or defend our legal rights

Aggregate and Anonymized Data:

We may aggregate or anonymize your personal information so that it can no longer be associated with you. We use this de-identified data for various purposes, including:

• Generating statistical reports and business insights
• Conducting market research and trend analysis
• Improving our products, services, and operations
• Sharing with third parties for research, analytics, or commercial purposes

Aggregate and anonymized data is not considered personal information under this policy, as it cannot be used to identify you personally.

Legal Bases for Processing:

Under applicable data protection laws (such as GDPR), we rely on the following legal bases for processing your personal information:

• Contractual Necessity: Processing is necessary to perform our contract with you (e.g., processing orders, providing customer support).
• Legal Obligation: Processing is necessary to comply with legal obligations (e.g., tax reporting, fraud prevention).
• Legitimate Interests: Processing is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms (e.g., fraud prevention, service improvement, marketing).
• Consent: Processing is based on your explicit consent (e.g., marketing communications, location tracking, special categories of data).
• Vital Interests: Processing is necessary to protect someone's life (rarely applicable in our context).

Where we rely on consent as the legal basis for processing, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

We do not sell, rent, or trade your personal information to third parties for their marketing purposes without your explicit consent. However, we may share your information in the following circumstances:

With Service Providers:

We engage third-party companies and individuals to perform services on our behalf. These service providers have access to your personal information only to perform specific tasks and are obligated not to disclose or use your information for any other purpose. Service providers include:

• Payment Processors: Companies that process credit/debit card payments, mobile money transactions, and other payment methods (e.g., Flutterwave, Paystack, MTN Mobile Money).
• Shipping and Logistics Partners: Carriers and delivery services that fulfill your orders (e.g., DHL, GIG Logistics, Ghana Post).
• IT and Infrastructure Providers: Companies that provide cloud hosting, data storage, server maintenance, and other technical services (e.g., AWS, Google Cloud).
• Customer Support Providers: Third parties that assist with customer service operations, including live chat and email support.
• Marketing and Analytics Partners: Companies that help us analyze usage data, conduct market research, and deliver targeted advertising (e.g., Google Analytics, Facebook Ads).
• Fraud Prevention Services: Organizations that help us detect and prevent fraudulent transactions and activities.

With Sellers on Our Marketplace:

When you place an order with a third-party seller on our marketplace platform, we share necessary information with that seller to fulfill your order. This typically includes:

• Your name and contact information
• Shipping address
• Order details (products, quantities, prices)
• Payment status (but not full payment details)

Sellers are required to handle your information in accordance with their own privacy policies and applicable laws. SharkDeals is not responsible for the privacy practices of third-party sellers.

For Legal Compliance and Safety:

We may disclose your personal information if required to do so by law or in response to valid requests by public authorities (including national security or law enforcement requirements). We may also disclose your information to:

• Comply with court orders, subpoenas, or other legal processes
• Protect and defend our rights, property, or safety, and that of our users or the public
• Investigate and prevent fraudulent transactions, unauthorized access to our systems, or other illegal activities
• Enforce our Terms and Conditions or other agreements
• Respond to claims that content violates the rights of third parties

Business Transfers:

In the event of a merger, acquisition, reorganization, sale of assets, bankruptcy, or other change in control, your personal information may be transferred as part of the transaction. We will notify you of any such transfer and ensure that your information remains subject to this Privacy Policy or a substantially similar policy. If the information will be used contrary to this policy, we will provide you with prior notice and obtain your consent where required.

With Your Consent:

We may share your personal information for purposes not described in this policy with your explicit consent. For example, we might ask for permission to share your contact information with a business partner for a co-branded promotion or to feature your product review in our marketing materials.

Aggregate and Anonymized Data:

We may share aggregate or anonymized information that cannot reasonably be used to identify you with third parties for research, analytics, marketing, or other purposes. This includes demographic data, usage statistics, and market trends.

International Transfers:

Your personal information may be transferred to and processed in countries other than your country of residence, including countries that may not have data protection laws equivalent to those in your home country. When we transfer personal information internationally, we implement appropriate safeguards to protect your information, such as Standard Contractual Clauses approved by data protection authorities. For more information about international transfers, see Section 10 of this policy.

Third-Party Links:

Our services may contain links to third-party websites, applications, or services that are not operated by SharkDeals. This Privacy Policy does not apply to these third-party services. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the content or privacy practices of these third parties.

Advertising and Analytics:

We work with third-party advertising networks and analytics providers that use cookies and similar technologies to collect information about your activities across our services and other websites. This information helps us deliver targeted advertisements and measure the effectiveness of our marketing campaigns. These third parties may use your information in accordance with their own privacy policies. For more information about cookies and tracking technologies, see Section 7 of this policy.

SharkDeals takes the security of your personal information seriously. We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. While no system can be 100% secure, we continuously evaluate and improve our security practices to maintain the confidentiality, integrity, and availability of your data.

Technical Safeguards:

We employ industry-standard security technologies and practices, including:

• Encryption: We use Secure Socket Layer (SSL) and Transport Layer Security (TLS) encryption to protect data transmitted between your device and our servers. Sensitive information (such as passwords and payment details) is encrypted at rest using AES-256 encryption or equivalent standards.
• Access Controls: We implement role-based access controls to ensure that only authorized personnel have access to personal information. Access is granted on a need-to-know basis and is regularly reviewed and updated.
• Authentication Measures: We require strong passwords for user accounts and offer two-factor authentication (2FA) for additional security. Internal systems require multi-factor authentication for administrative access.
• Network Security: We use firewalls, intrusion detection/prevention systems, and regular security scanning to protect our networks from unauthorized access and attacks.
• Secure Development Practices: Our software development lifecycle incorporates security best practices, including code reviews, vulnerability testing, and penetration testing by internal and external security experts.
• Data Minimization: We limit the collection and retention of personal information to what is necessary for the purposes described in this policy.

Organizational Safeguards:

We maintain robust organizational policies and procedures to protect your information, including:

• Employee Training: All employees and contractors receive regular training on data protection, security awareness, and our privacy policies and procedures.
• Confidentiality Agreements: Employees and contractors with access to personal information sign confidentiality agreements and are subject to disciplinary action for violations.
• Security Policies: We maintain comprehensive security policies covering data handling, incident response, physical security, and acceptable use of systems.
• Vendor Management: We assess the security practices of third-party service providers and require them to implement appropriate safeguards through contractual obligations.
• Incident Response Plan: We maintain a formal incident response plan to quickly address and mitigate security breaches. This includes procedures for containment, investigation, notification, and remediation.

Physical Safeguards:

For information stored in physical form or on-premises servers, we implement physical security measures, including:

• Restricted access to data centers and server rooms using keycards, biometric scanners, or other access controls
• 24/7 video surveillance and security personnel at our facilities
• Environmental controls to protect against fire, flood, and power outages
• Secure disposal of physical records and electronic media containing personal information

Payment Security:

SharkDeals is committed to maintaining the highest standards of payment security. We comply with the Payment Card Industry Data Security Standard (PCI DSS) and do not store full payment card details on our servers. Payment information is processed by PCI-DSS compliant payment gateways, and we only retain the last four digits of your card number and expiration date for reference purposes.

Security Breach Notification:

In the event of a security breach that compromises your personal information, we will notify you and relevant authorities as required by law. Notification will be made without undue delay and will include information about the nature of the breach, the categories of information affected, and steps you can take to protect yourself. We will also take immediate steps to contain the breach, investigate its cause, and prevent future incidents.

Your Responsibilities:

While we implement robust security measures, you also play an important role in protecting your information. To help keep your account secure, you should:

• Use a strong, unique password for your SharkDeals account and avoid reusing passwords across multiple sites
• Enable two-factor authentication if available
• Log out of your account when using shared or public devices
• Keep your software and devices updated with the latest security patches
• Be cautious about phishing attempts and never share your password or verification codes with anyone
• Regularly review your account activity and report any suspicious behavior to us immediately

International Standards:

Our security program is designed to meet or exceed international standards and frameworks, including ISO/IEC 27001 (Information Security Management), NIST Cybersecurity Framework, and GDPR security requirements. We undergo regular security audits and assessments to ensure compliance with these standards.

Depending on your location and applicable data protection laws, you may have certain rights regarding your personal information. This section describes these rights and how you can exercise them.

Right to Access:

You have the right to request access to the personal information we hold about you and to obtain information about how we process your data. Upon verification of your identity, we will provide you with a copy of your personal information in a structured, commonly used, and machine-readable format.

Right to Rectification:

You have the right to request correction of inaccurate or incomplete personal information. You can update most of your account information directly through your account settings, or you can contact us to request corrections.

Right to Erasure (Right to be Forgotten):

You have the right to request deletion of your personal information in certain circumstances, such as when:

• The data is no longer necessary for the purposes for which it was collected
• You withdraw consent (where processing was based on consent)
• You object to processing (and we have no overriding legitimate grounds)
• The data was processed unlawfully
• Erasure is required to comply with a legal obligation

Please note that we may retain certain information as required by law or for legitimate business purposes, such as fraud prevention, warranty claims, or legal disputes.

Right to Restrict Processing:

You have the right to request restriction of processing of your personal information in certain circumstances, such as when:

• You contest the accuracy of your data (restriction applies during verification period)
• Processing is unlawful but you oppose erasure and request restriction instead
• We no longer need the data but you require it for legal claims
• You have objected to processing (restriction applies during verification of our legitimate grounds)

When processing is restricted, we may store your information but not use it except for limited purposes (e.g., legal claims, protection of others' rights).

Right to Data Portability:

You have the right to receive your personal information in a structured, commonly used, and machine-readable format, and to transmit this data to another controller without hindrance from us. This right applies when processing is based on consent or contractual necessity and is carried out by automated means.

Right to Object:

You have the right to object to processing of your personal information based on legitimate interests or for direct marketing purposes. If you object to processing for direct marketing, we will stop processing your information for such purposes immediately. For other objections, we will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or for legal claims.

Right to Withdraw Consent:

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. You can withdraw consent through your account settings or by contacting us directly.

Right to Lodge a Complaint:

You have the right to lodge a complaint with a data protection authority if you believe our processing of your personal information infringes applicable data protection laws. For users in Ghana, this would be the Data Protection Commission. For users in the European Economic Area, you can contact your local supervisory authority.

How to Exercise Your Rights:

To exercise any of these rights, please contact us using the information provided in Section 13. We may require verification of your identity before processing your request to ensure the security of your information. We will respond to verified requests within 30 days (or as required by applicable law). In some cases, we may extend this period by an additional 60 days if necessary, taking into account the complexity and number of requests.

Account Settings:

You can manage many privacy preferences directly through your account settings, including:

• Updating your profile information and contact details
• Managing communication preferences (email, SMS, push notifications)
• Enabling or disabling location tracking
• Managing connected social media accounts
• Deleting your account (note that some information may be retained as described in Section 11)

Marketing Communications:

You can opt out of marketing communications at any time by:

• Clicking the "unsubscribe" link in marketing emails
• Replying "STOP" to marketing SMS messages
• Adjusting notification preferences in your account settings
• Contacting us directly using the information in Section 13

Note that even if you opt out of marketing communications, we may still send you service-related communications necessary for your account or orders (e.g., order confirmations, shipping notifications, security alerts).

Do Not Track:

Our services do not currently respond to "Do Not Track" (DNT) signals or similar mechanisms. However, you can manage tracking preferences through your browser settings or by using the cookie controls described in Section 7.

SharkDeals uses cookies and similar tracking technologies to enhance your experience, analyze usage patterns, and deliver personalized content and advertising. This section explains what these technologies are, how we use them, and how you can control them.

What Are Cookies?

Cookies are small text files stored on your device when you visit websites. They enable websites to remember your actions and preferences (such as login status, language, font size, and other display preferences) over a period of time, so you don't have to keep re-entering them whenever you come back to the site or browse from one page to another.

Types of Cookies We Use:

• Essential Cookies: These cookies are necessary for the operation of our services. They enable core functionality such as security, network management, and account access. You cannot opt out of these cookies as they are required for our services to function properly.
• Performance Cookies: These cookies collect information about how you use our services, such as which pages you visit most often and if you encounter error messages. This data helps us improve the performance and user experience of our services. These cookies do not collect personally identifiable information.
• Functionality Cookies: These cookies allow our services to remember choices you make (such as your username, language, or region) and provide enhanced, personalized features. They may also be used to provide services you have requested, such as watching a video or commenting on a blog.
• Targeting/Advertising Cookies: These cookies record your visit to our services, the pages you have visited, and the links you have followed. We use this information to make our services and advertising more relevant to your interests. We may also share this information with third parties for this purpose.

Other Tracking Technologies:

In addition to cookies, we use other tracking technologies, including:

• Web Beacons (Pixel Tags): Small graphic images embedded in web pages or emails that allow us to count users who have visited certain pages or opened emails, and to collect other related data.
• Local Storage: Mechanisms such as HTML5 local storage and browser web storage that allow data to be stored on your device similar to cookies but with larger capacity.
• Session Replay Scripts: Tools that record user sessions to help us understand how users interact with our services and identify usability issues. These recordings do not capture sensitive information such as passwords or payment details.
• Device Fingerprinting: Techniques that collect information about your device configuration (such as browser type, operating system, screen resolution) to create a unique identifier for fraud prevention and security purposes.

How We Use Cookies and Tracking Technologies:

We use these technologies to:

• Remember your preferences and settings
• Authenticate users and prevent fraudulent use of login credentials
• Analyze usage patterns and improve our services
• Deliver personalized content and product recommendations
• Measure the effectiveness of advertising campaigns
• Enable social media features and sharing capabilities
• Track conversions and attribute marketing efforts
• Prevent fraud and enhance security

Third-Party Cookies:

Some cookies and tracking technologies on our services are set by third parties, such as analytics providers, advertising networks, and social media platforms. These third parties may use cookies to collect information about your activities across different websites and services for purposes such as advertising, analytics, and social media integration. We do not control these third-party cookies, and this Privacy Policy does not cover their use. Please refer to the privacy policies of these third parties for more information.

Your Cookie Choices:

You can control and manage cookies through your browser settings. Most browsers allow you to:

• Block all cookies or only third-party cookies
• Delete existing cookies
• Set your browser to prompt you before accepting cookies
• Configure private browsing modes that delete cookies when you close the browser

However, blocking essential cookies may prevent our services from functioning properly. For more information about managing cookies, visit www.allaboutcookies.org.

Cookie Consent Manager:

When you first visit our services, you will see a cookie consent banner that allows you to accept or reject non-essential cookies. You can change your preferences at any time by clicking the "Cookie Settings" link in the footer of our website.

Do Not Track:

As mentioned in Section 6, our services do not currently respond to "Do Not Track" signals. However, you can use browser extensions or privacy-focused browsers that block tracking technologies.

Mobile Device Identifiers:

On mobile devices, we may use device identifiers (such as IDFA for iOS or Advertising ID for Android) for similar purposes as cookies. You can reset these identifiers or opt out of interest-based advertising through your device settings.

Analytics and Advertising Opt-Outs:

If you wish to opt out of analytics or advertising tracking, you can use the following tools:

• Google Analytics Opt-out Browser Add-on: https://tools.google.com/dlpage/gaoptout
• Network Advertising Initiative (NAI) opt-out: https://optout.networkadvertising.org
• Digital Advertising Alliance (DAA) opt-out: https://optout.aboutads.info

Our services integrate with or link to various third-party services, including payment processors, shipping carriers, social media platforms, analytics providers, and advertising networks. This section explains how these integrations work and your privacy considerations when using them.

Payment Processors:

SharkDeals uses third-party payment processors to handle transactions securely. When you make a purchase, your payment information is transmitted directly to these processors and is not stored on our servers. Current payment processors include:

• Flutterwave
• Paystack
• MTN Mobile Money
• Vodafone Cash
• AirtelTigo Money
• Visa, Mastercard, and other card networks

These processors have their own privacy policies and security practices. We encourage you to review their policies before providing your payment information.

Shipping and Logistics Partners:

We partner with various shipping carriers to deliver your orders. When you place an order, we share necessary shipping information with these partners to fulfill your delivery. Current shipping partners include:

• DHL
• GIG Logistics
• Ghana Post
• Kuda Delivery Services
• Other regional carriers as needed

These partners may collect additional information (such as delivery confirmation signatures) and have their own privacy practices. We require them to handle your information securely and only for delivery purposes.

Social Media Integrations:

Our services may include social media features, such as Facebook "Like" buttons, Twitter "Tweet" buttons, or Instagram sharing options. These features may collect information about your device and interactions, and are governed by the privacy policies of the respective social media platforms. When you connect your SharkDeals account to a social media account, you authorize us to access certain information from that platform (such as your profile picture or friend list) as permitted by your social media privacy settings.

Analytics and Advertising Services:

We use third-party analytics and advertising services to understand usage patterns and deliver targeted content. These services may collect information about your activities across our services and other websites. Current providers include:

• Google Analytics
• Facebook Pixel
• Twitter Analytics
• Hotjar (session recording and heatmaps)
• Segment (customer data platform)

These providers have their own privacy policies and may use your information for their own purposes (such as building audience profiles). We encourage you to review their policies and use available opt-out mechanisms.

Cloud Service Providers:

We use cloud infrastructure providers to host our services and store data. Current providers include:

• Amazon Web Services (AWS)
• Google Cloud Platform
• Microsoft Azure

These providers implement robust security measures and comply with industry standards. They process data only on our instructions and are contractually obligated to protect your information.

Customer Support Platforms:

We use third-party platforms to manage customer support interactions, including:

• Zendesk (ticketing system)
• Intercom (live chat and messaging)
• Twilio (SMS and voice communications)

These platforms may store communication records and user information necessary for support operations. They are required to maintain confidentiality and security of your data.

Marketplace Sellers:

SharkDeals operates as a marketplace platform where third-party sellers list and sell products. When you purchase from a seller, your order information (name, shipping address, product details) is shared with that seller to fulfill your order. Sellers have their own privacy policies and practices, and SharkDeals is not responsible for their handling of your information. We encourage you to review sellers' privacy policies before making purchases.

Links to Third-Party Websites:

Our services may contain links to third-party websites, applications, or services that are not operated by SharkDeals. This Privacy Policy does not apply to these third-party services. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the content or privacy practices of these third parties.

Third-Party Data Sharing Controls:

You can control some third-party integrations through your account settings, including:

• Disconnecting social media accounts
• Opting out of personalized advertising
• Managing communication preferences
• Controlling location sharing

For other third-party services, you may need to contact the provider directly or use their opt-out mechanisms.

SharkDeals is committed to protecting the privacy of children. Our services are not intended for children under the age of 13, and we do not knowingly collect personal information from children.

Age Restrictions:

You must be at least 13 years old to create an account or use our services. If you are between 13 and 18 years old, you may use our services only with the involvement and supervision of a parent or legal guardian who agrees to be bound by our Terms and Conditions and this Privacy Policy.

No Intentional Collection:

We do not intentionally collect personal information from children under 13. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete such information promptly. If you believe we may have collected information from a child under 13, please contact us immediately using the information provided in Section 13.

Parental Consent:

In some jurisdictions, we may allow children between 13 and 16 (or older, depending on local laws) to use certain features of our services with verifiable parental consent. If required by law, we will obtain parental consent before collecting, using, or disclosing personal information from children in this age group. Parents can review their child's information, request deletion, or revoke consent by contacting us.

Educational Services:

If we offer services specifically designed for educational institutions (such as student discounts or school programs), we will comply with applicable laws such as the Family Educational Rights and Privacy Act (FERPA) in the United States or equivalent regulations in other jurisdictions. We will obtain necessary consents and implement additional safeguards for student data.

Marketing to Children:

We do not direct advertising or marketing content to children under 13. We do not knowingly collect personal information from children for marketing purposes. If we discover that we have collected such information, we will delete it promptly and cease any marketing activities directed at that child.

Parental Rights:

Parents or guardians who believe their child has provided us with personal information can request access, correction, or deletion of that information by contacting us. We may require verification of identity and relationship to the child before processing such requests.

Monitoring and Enforcement:

We implement age verification measures during account registration and monitor our services for potential underage users. We train our staff to recognize and handle situations involving children's data appropriately. We also work with parents, educators, and child safety organizations to promote online safety and privacy awareness.

Reporting Concerns:

If you have concerns about a child's safety or privacy on our services, please contact us immediately. You can also report concerns to relevant authorities, such as the Ghana Data Protection Commission or the Federal Trade Commission (FTC) in the United States.

SharkDeals operates globally, and your personal information may be transferred to and processed in countries other than your country of residence. This section explains how we handle international data transfers and the safeguards we implement to protect your information.

Global Operations:

SharkDeals Technologies Ltd. is headquartered in Ghana, but we use service providers, cloud infrastructure, and business partners located around the world. Your personal information may be transferred to countries including but not limited to:

• United States (for cloud hosting, analytics, and advertising services)
• European Union (for payment processing and customer support)
• United Kingdom (for logistics and shipping services)
• Nigeria, Kenya, and South Africa (for regional operations and support)
• China and India (for manufacturing partners and supplier communications)

Data Protection Standards:

Countries outside your jurisdiction may have different data protection laws and standards. Some countries may not provide the same level of protection as your home country. When we transfer personal information internationally, we implement appropriate safeguards to ensure your information remains protected in accordance with this Privacy Policy and applicable laws.

Safeguards for International Transfers:

We rely on the following mechanisms to legitimize international transfers of personal information:

• Standard Contractual Clauses (SCCs): For transfers from the European Economic Area (EEA) or United Kingdom, we use the European Commission's Standard Contractual Clauses or the UK International Data Transfer Agreement, which impose data protection obligations on the recipient.
• Binding Corporate Rules (BCRs): For transfers within our corporate group, we are developing Binding Corporate Rules that provide a consistent level of protection across all entities.
• Adequacy Decisions: We transfer data to countries that the European Commission or other relevant authorities have deemed to provide an adequate level of protection (e.g., Canada, Japan, Switzerland).
• Privacy Shield Frameworks: For transfers from the EEA to the United States, we rely on the EU-U.S. Data Privacy Framework (when available) or alternative transfer mechanisms.
• Explicit Consent: Where required by law, we obtain your explicit consent for specific international transfers.
• Contractual Necessity: We transfer data when necessary to perform our contract with you (e.g., processing international orders).

Data Localization Requirements:

In some jurisdictions, local laws require certain types of personal information to be stored within the country. We comply with these data localization requirements where applicable. For example:

• In Ghana, we store customer data primarily on servers located within Ghana or the West African region.
• For Nigerian customers, we comply with the Nigeria Data Protection Regulation (NDPR) regarding data storage and transfers.
• For South African customers, we comply with the Protection of Personal Information Act (POPIA).

Your Rights Regarding International Transfers:

You have the right to request information about the safeguards we use for international transfers of your personal information. You can also request a copy of the relevant documents (such as Standard Contractual Clauses) by contacting us using the information in Section 13.

Onward Transfers:

When we transfer your personal information to third-party service providers or partners in other countries, we require them to implement appropriate safeguards and handle your information in accordance with this Privacy Policy. We enter into data processing agreements with these third parties that include obligations to protect your information and limit its use to specified purposes.

Security of International Transfers:

All international transfers of personal information are protected by encryption during transmission (using TLS 1.2 or higher) and appropriate security measures at rest. We conduct regular risk assessments of our international data transfer practices and update our safeguards as needed to address evolving threats and regulatory requirements.

Changes to Transfer Mechanisms:

International data transfer laws and mechanisms are evolving. We monitor legal developments and update our transfer practices accordingly. If changes to applicable laws affect our ability to transfer your information lawfully, we will implement alternative safeguards or notify you of any impact on our services.

SharkDeals retains your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. This section explains our data retention practices and the criteria we use to determine retention periods.

Retention Criteria:

We determine appropriate retention periods based on the following criteria:

• The purpose for which we collected the information and whether we still need it for that purpose
• Legal, regulatory, accounting, or reporting requirements (e.g., tax laws requiring retention of financial records for 5-7 years)
• Statutory limitation periods for potential legal claims (e.g., warranty claims, product liability)
• Our legitimate business interests (e.g., fraud prevention, security, service improvement)
• Your consent or preferences regarding data retention
• Industry standards and best practices

Specific Retention Periods:

Unless otherwise required by law, we generally retain personal information according to the following timeframes:

• Account Information: For active accounts, we retain information for as long as your account remains active. After account closure, we retain certain information for up to 7 years for legal, tax, and fraud prevention purposes.
• Order and Transaction Data: We retain order history, payment records, and related information for 7 years to comply with tax and accounting requirements and to handle potential warranty claims or disputes.
• Customer Support Records: We retain support tickets, chat transcripts, and email correspondence for 3 years after resolution to improve our services and handle potential follow-up issues.
• Marketing and Communication Preferences: We retain your communication preferences and consent records for as long as your account is active, plus 3 years after account closure or last interaction.
• Website and App Usage Data: We retain analytics and usage data in identifiable form for 26 months, after which it is anonymized or deleted.
• Cookies and Tracking Data: Most cookies expire after 12 months, though some essential cookies may persist longer. You can manage cookie retention through your browser settings.
• Security and Fraud Prevention Data: We retain information related to security incidents, fraud attempts, or prohibited activities for up to 10 years to prevent recurrence and comply with legal obligations.

Deletion and Anonymization:

When we no longer need to retain your personal information for the purposes described above, we either:

• Delete the information securely using industry-standard data erasure techniques
• Anonymize the information so it can no longer be associated with you, after which it may be used indefinitely for statistical or research purposes

For physical records, we use secure shredding or incineration services. For electronic data, we use cryptographic erasure or physical destruction of storage media.

Account Closure:

If you close your SharkDeals account, we begin the process of deleting or anonymizing your personal information within 90 days, except for information we are required to retain by law or for legitimate business purposes (as described above). Some information may remain in backup systems for up to an additional 90 days before complete deletion.

Legal Holds:

If we are subject to a legal hold (e.g., pending litigation, government investigation, or audit), we will preserve relevant information until the hold is lifted, even if our standard retention period has expired. We maintain a legal hold policy to ensure compliance with these obligations.

Your Right to Erasure:

As described in Section 6, you have the right to request deletion of your personal information in certain circumstances. Upon verification of your identity, we will delete your information without undue delay, except where we are required or permitted by law to retain it. For more information about exercising this right, see Section 6.

Data Portability:

If you wish to retain your personal information before it is deleted, you can exercise your right to data portability (as described in Section 6) to obtain a copy of your data in a structured, machine-readable format.

Retention of Aggregated Data:

After personal information is anonymized or aggregated, it is no longer considered personal information under this policy and may be retained indefinitely for business analytics, research, and reporting purposes.

SharkDeals reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or technology. This section explains how we handle policy changes and notify users.

Reasons for Changes:

We may update this Privacy Policy for various reasons, including:

• Changes to our services, features, or business practices
• New legal or regulatory requirements
• Updates to industry standards or best practices
• Feedback from users, regulators, or other stakeholders
• Mergers, acquisitions, or other corporate transactions
• Security incidents or risk assessments requiring policy updates

Notification of Changes:

When we make significant changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our website or in our mobile applications
• Send an email notification to users with verified email addresses
• Display a notification when you next access our services

For material changes that affect your rights or how we use your personal information, we will provide advance notice (typically 30 days) before the changes take effect, where feasible.

Types of Changes:

Changes to this Privacy Policy may include:

• Material Changes: Changes that significantly affect your privacy rights or how we handle your personal information (e.g., new purposes for processing, new categories of data shared with third parties). We will obtain your consent for material changes where required by law.
• Non-Material Changes: Minor updates, clarifications, or corrections that do not substantially affect your rights (e.g., updating contact information, clarifying existing practices). These changes take effect immediately upon posting.

Your Choices Regarding Changes:

If you do not agree with the changes to this Privacy Policy, you may:

• Stop using our services
• Close your account (note that some information may be retained as described in Section 11)
• Contact us to discuss your concerns

Your continued use of our services after the effective date of changes constitutes your acceptance of the updated policy.

Version History:

We maintain an archive of previous versions of this Privacy Policy. If you wish to review a prior version, please contact us using the information in Section 13 and specify the date or version you are interested in.

Translations:

This Privacy Policy may be translated into other languages for your convenience. In case of any discrepancy between the English version and a translated version, the English version shall prevail.

Interpretation:

Any ambiguity or uncertainty in the interpretation of this Privacy Policy shall be resolved in accordance with the principles of data protection law and in a manner that best protects your privacy rights.

If you have any questions, concerns, or requests regarding this Privacy Policy, our data practices, or your privacy rights, please contact us using the information below. We are committed to addressing your inquiries promptly and thoroughly.

Class Action Waiver:

Any disputes regarding our privacy practices will be resolved individually and not as part of a class action lawsuit, except where prohibited by law.

Thank you for trusting SharkDeals with your personal information. We are committed to protecting your privacy and continuously improving our data protection practices.