How we handle your data.
No badges we haven't earned. No certifications we haven't passed. A plain account of where data lives, who can see it, and what we're working toward.
What we commit to.
Before any framework or audit, these are the commitments the business operates by. They predate compliance work and they outlast it.
Your data is yours.
Custom builds are deployed onto infrastructure you own, with database access we hand over to you. We do not resell client data, and we do not train models on it.
Encryption is the floor.
All traffic moves over TLS. Backups are encrypted at rest. Secrets live in environment variables, never in source. No exceptions for "internal" tools.
Access is named, not shared.
Every login is a person, not a team. No shared admin accounts. SSH keys are individual. Removing someone is a one-line change.
We tell you when something goes wrong.
If we identify an incident affecting your data, we notify you in writing without undue delay — and we explain what happened, not just that something did.
Where we actually stand.
Compliance frameworks are audits, not stickers. Below is the honest state for each one prospects ask about. Aligned means we operate in accordance with the framework's principles. In progress means formal work is underway. Planned means scheduled for a specific window. On request means we engage with it on a per-contract basis.
Privacy posture.
For client engagements, we act as a data processor — you remain the controller of your end users' data, and we process it on your instructions under a Data Processing Agreement. For our own marketing site and Connect workspace, we act as the controller.
Lawful basis. Contract performance (project work), legitimate interest (security logs, billing), and consent (marketing communications and any cookies beyond strictly necessary).
Data subject rights. Access, rectification, erasure, portability, restriction, and objection — exercised by emailing pako@ai-tech.africa. We respond within 30 days.
International transfers. Where personal data moves outside the EEA or Ghana, we rely on Standard Contractual Clauses or equivalent safeguards with the receiving sub-processor.
Retention. Project data is retained for the contract duration plus a short post-termination window, then deleted or returned at your request. Marketing data is retained until consent is withdrawn.
DPA. Our standard Data Processing Agreement is available on request. Email pako@ai-tech.africa.
How the stack is built.
Our own infrastructure runs on a single VPS with intentionally simple architecture. The fewer moving parts, the smaller the attack surface and the easier it is to reason about.
- Transport. TLS on all endpoints, with certificates auto-renewed via Let's Encrypt. HTTP redirects to HTTPS at the proxy layer.
- Authentication. Magic-link sign-in with single-use tokens scoped to one workspace and expiring after first use. No passwords are stored.
- Authorization. Tenant data is isolated by workspace slug. Every query is workspace-scoped at the data layer, not just at the UI layer — cross-tenant reads are not possible by construction.
- Data at rest. Application database access is restricted to the server process via filesystem permissions. No remote database port is exposed to the public internet.
- Backups. Nightly snapshots are taken automatically. The restore procedure is tested before each major release.
- Secrets. Held in environment variables, never committed to source control. Rotated on any personnel change.
- Server access. SSH keys only; password authentication disabled. Root login disabled. Per-person keys, revoked on offboarding.
- Process supervision. The application runs under a process manager that restarts on failure and exposes structured logs. Failed authentication attempts are logged and rate-limited.
- Patching. Operating system security updates are applied promptly. Application dependencies are reviewed regularly and on every release.
Who else touches the data.
Third parties that may process personal data on our behalf. Each is bound by its own data-protection terms and is used only for the purpose listed. We give written notice before adding new sub-processors that materially expand this list.
We do not use client-side analytics or third-party tracking pixels on this site. When AI features are deployed inside a client engagement, the LLM provider is named in the Statement of Work for that engagement and added to this list before processing begins.
What happens when something goes wrong.
Every system fails eventually. The question is what you do in the first 24 hours after it does.
Detection. Application crashes, repeated failed authentication, and integrity check failures trigger alerts to the on-call engineer. Reports from clients are treated with the same priority as automated alerts.
Containment. Affected services are isolated promptly once an incident is confirmed. If a credential is suspected of being compromised, it is rotated immediately, before further investigation.
Notification. Affected clients are notified in writing without undue delay — typically within 72 hours of confirmation, in line with GDPR Article 33. The notification states what is known, what is being investigated, and what is being done. Updates follow until resolution.
Post-mortem. Incidents with client impact receive a written post-mortem shared with affected clients, describing root cause, timeline, and the specific change made to prevent recurrence.
What our agents do with your data.
When we deploy AI agents into a client workspace — attendance summaries, customer-support triage, finance reconciliation — the agent operates on your data inside your environment. The LLM provider processes the conversation to generate a response, then returns it. Under the enterprise terms of the providers we use, client data is not retained by the provider for training.
Agent identity. Every agent action is logged with the agent name, timestamp, and inputs. Agents do not impersonate humans; their messages are labelled as such in your workspace.
The doctrine. Our agents absorb workload, not roles. They do not make terminal decisions on hiring, firing, payroll, or anything else with material consequence to a person — those remain with your team. The agent is the radar; your people still fly the aircraft.
Talk to a human.
Security disclosures
Found something? Email us. We do not pursue good-faith researchers and we acknowledge reports promptly.
pako@ai-tech.africa
Privacy & data subject requests
Access, deletion, portability, or any GDPR / Ghana DPA right. Response within 30 days.
pako@ai-tech.africa
DPA & legal documents
Data Processing Agreement, sub-processor questions, contract review.
pako@ai-tech.africa