Privacy Policy

Effective Date: September, 2025

We value your privacy, and we also seek to protect your personal data. This Policy explains how Global Secure Solutions collects, uses, and protects your personal data when you interact with us via our website, services, or communications. As a provider of Managed Security Services (MSSP) we process certain personal data to protect systems and respond to cyber threats. In this Policy, the data that shall be referred to shall be personal data that relates to an identified or identifiable natural person being the user of the website or client of any of our services we offer. Kindly be informed that we will treat your personal data in strict confidence and in accordance with the requirements of the provisions of the Ghana Data Protection Act, 2012 (Act 843) on the protection of the privacy of natural persons by regulating the processing of personal data and providing access to obtain, hold, use or disclose personal information.

 

What We Collect

 

As already mentioned, personal data relates to any information that identifies you as an individual or else that relates to an identifiable individual. Global Secure Solutions collects personal data such as the following:

  • Names, work email addresses, and IP addresses
  • Device and log data (e.g., login attempts, timestamps)
  • Communications submitted via support tickets or during investigations
  • Data involved in threat events or forensic cases

 

How We Collect It

 

  • When you use our services or request support
  • From systems we monitor (e.g., SIEM, endpoint tools)
  • Automatically via cookies on our website

 

When we collect personal data from third parties, we shall inform you about the source of such personal data as well as the categories of personal data we collect and process. The latter information shall not be provided to you if we are specifically prohibited from disclosing such activity from the law itself. It is very important to understand what data is specifically collected and more importantly which categories of personal data. Global Secure Solutions requires to receive your contact details such as your name, surname and email address when you contact us through the Contact Forms found on our website in order to reply back to your message. Global Secure Solutions shall also collect personal data when you fill in our Request-a-Demo, Report-an-Incident and Sign-me-Up Forms on our website. Indeed, we would collect your contact details such as your name, surname, email address, mailing address and phone number and information about your business such as your company name, registered address and the business type. As part of our website, you have the opportunity to subscribe to our newsletter. In order to subscribe to our newsletter, you shall provide us with your name and email address so as to send you non-transactional, promotional emails from time to time. If you displayed interest in our services and have submitted your name and email address to Global Secure Solutions, you may also be eligible to non-transactional, promotional emails. You can unsubscribe from this service whenever you want by clicking the ‘unsubscribe’ button found in these emails. We shall do our best efforts to keep the data on yourself as accurate and up to date as possible.

 

Why We Use It

 

It is very important to understand that we do not request any personal data with respect to your person other than that which we need in order to satisfy legal requirements and assist you in your needs or that data which you choose to provide us yourself when you request our services to:

  • Detect and respond to security incidents
  • Deliver managed security services (e.g. MSSP, SOC, DFIR, MSAT, MDR, GRC)
  • Comply with legal or contractual obligations
  • Enhance our services and ensure secure operations

 

Data Sharing & Storage

 

We may transfer your personal data (such as your name and email address) to third-party service providers located outside Ghana for the purpose of sending newsletters, updates, and other communications. These service providers are contractually obligated to protect your data and process it solely for the purposes we have specified. Where your data is transferred to a country that may not have data protection laws equivalent to those in Ghana, we ensure that appropriate safeguards are in place, including data processing agreements and technical measures such as encryption.

We only share data with:

  • Trusted service providers and technology partners
  • Law enforcement or regulators, where required
  • Incident recipients during responsible threat disclosures

 

If your data is transferred to a country without data protection laws equivalent to those in Ghana, we implement appropriate safeguards, including:

  • Data processing agreements
  • Encryption and access controls

 

By subscribing to our communications, you consent to this international transfer and processing of your personal data in accordance with this Policy.

 

Lawful Basis for Use

 

We collect and process data based on:

  • Our contract with you or your organization
  • Our legitimate interest in securing systems and preventing fraud
  • Your consent, where required (e.g., cookies, subscriptions)
  • Legal obligations in certain cases (e.g., breach notifications)

 

When Global Secure Solutions would need to process certain personal data and is unable to find any legal ground for the said processing, we shall request your consent before we proceed with the processing of the data. We shall never assume that we have your consent. In this respect, we shall obtain your consent in a clear and affirmative manner and we shall request your specific consent in an unambiguously manner. You shall have the right to withdraw your consent any time you want and the withdrawal shall occur in the same manner the consent has been given. When you decide to withdraw your consent, we can at that point in time, still continue to process your data if we determine another legal ground to process the data apart from your consent. Should we identify another legal basis, you shall be informed without undue delay of the said ground as well as of the fact that your data shall not be processed any more solely on your consent.

 

Your Rights

 

You have the right to request any of the rights below to which we shall reply within one month. However, before we proceed to look at your request, we would need to verify your identity. We can refuse any of your requests if we have a legal obligation that allows us to do so, such as when you request to delete your data and we are obliged by a legal obligation to keep that data as explained in more detail here below in the retention period section.

You can:

  • Access or request a copy of your data
  • Ask us to correct or delete your information
  • Object to or limit how your data is used
  • Contact the Data Protection Commission or us directly

 

You can file a complaint with the Data Protection Commission. We suggest to first try and contact us before the complaint is filed. Your requests should be directed to our Data Protection Supervisor who can be contacted at privacy@globalsecuresolutions.com

 

Data Retention & Security

 

We shall take into consideration the purpose for which the data shall be obtained in order to understand for how long we can retain your personal data. Data shall only be retained for as long as it is necessary. In order to determine the actual retention period, we shall look to see whether there is any law that puts an obligation on us to retain certain data for a certain period of time. In this case, we would keep the data for as long as that specific law says as there is a legal obligation on us to do so.

We retain personal data only as long as needed and protect it with:

  • Encryption and secure backups
  • Access controls and network security tools
  • Physical protection at our facilities

 

Updates to This Notice

 

We may update this notice from time to time. The latest version is always available on this page. If you are a user of our website, it is your responsibility to read our Privacy Policy every time you use our website. If you are a client with whom we have a business or professional relationship, we shall advise you if any amendments occur to our Policy.