Skip to main content
    Legal · Privacy

    Privacy Policy

    Plain-English version: we collect only what we need to do our work, we don't sell your data, and you can reach out any time to see, correct, or delete what we hold.

    Effective 20 May 2026
    contact@qodetrust.com
    01

    Information We Collect

    We collect only what we need to deliver our services and run a small business responsibly.

    When you reach out through the contact form or by email, we collect the details you choose to share — typically your name, work email, company, project description, and any context you provide about budget or timeline.

    When you use our client portal, we collect basic account data (email, role) and the operational data tied to your engagement: project status, QA reports, security findings, deployment events.

    When you browse the site, we collect standard request metadata: IP address, browser type, device type, pages visited, and approximate location at the country level. This is used for diagnostics and aggregate usage analytics — never to build a profile of you as an individual.

    02

    How We Use Your Information

    We use the information you give us to respond to inquiries, scope projects, deliver agreed-upon services, send invoices, and provide support after launch.

    We use site analytics in aggregate to understand which content is useful, which pages have problems, and where to invest. We do not sell or rent personal data, and we do not share it with third parties for their own marketing.

    04

    Data Security

    We treat your data the way we'd want our own treated. That means encryption in transit (TLS) and at rest where supported by the storage provider, role-based access on internal systems, audit logs on production access, and a documented incident-response process.

    Security is central to our business — we apply the same discipline and practices we recommend to clients. No system is perfectly safe, but we take deliberate steps to keep risk low and to tell you quickly if something goes wrong.

    05

    Data Retention

    We keep personal data only as long as we need it for the purpose it was collected, plus any period required by law (typically tax and accounting records: up to 7 years).

    Project data is retained for the duration of the engagement and for a defined period afterwards as set out in your contract. After that, we delete or anonymise it on request or on our schedule, whichever comes first.

    06

    Your Rights

    Depending on where you live, you may have some or all of these rights:

    • Access the personal data we hold about you.
    • Correct anything that's wrong or out of date.
    • Ask us to delete data we no longer need to keep.
    • Receive a copy of your data in a portable format.
    • Object to certain types of processing, or restrict it.
    • Withdraw consent for any processing that depends on it.

    To exercise any of these rights, email us at contact@qodetrust.com. We respond within 30 days. We may need to verify who you are first — that's a feature, not a bug.

    07

    Cookies

    We use a small set of essential cookies that are required for the site to work — for example, to keep you signed in to the client portal.

    We may use optional analytics cookies to understand which pages and features are used. You can decline these in your browser or via the cookie controls when we surface them. Declining analytics doesn't affect your access to anything.

    08

    Third-Party Services

    We use a short list of vendors to run our business. Each is bound by their own contracts and privacy obligations:

    • Hosting and email — to serve this site and our work email.
    • Analytics — to understand site usage at an aggregate level.
    • Payments and accounting — for invoicing clients (no card data touches our servers).

    We're happy to share the current list on request — email contact@qodetrust.com.

    09

    International Data Transfers

    QodeTrust is based in Accra, Ghana, and we work with clients worldwide. Some of the providers we use to run the business store or process data outside Ghana — for example, in the European Union or the United States.

    Where personal data leaves Ghana, we rely on providers that offer appropriate safeguards (for example, EU Standard Contractual Clauses or equivalent). If you have questions about how a specific provider handles your data, contact us.

    10

    Changes to This Policy

    This is the MVP version of our privacy policy. As our services evolve, we may update this policy to reflect new practices or changes in applicable law. When we make material changes, we'll update the effective date and notify you directly where appropriate.

    11

    Contact Us

    Questions, requests, or concerns? Email contact@qodetrust.com.

    QodeTrust is operated from Accra, Ghana.

    Last updated: 20 May 2026

    Questions about your data?

    Email us at contact@qodetrust.com. We answer privacy and data-rights requests within 30 days.

    Email Privacy Team