Privacy Policy
Last Updated: May 25, 2026
01. Overview
Bunce Group ("we," "our," or "us") respects your privacy and is committed to protecting the personal data of our users, developers, and platform participants. This Privacy Policy details how we collect, process, secure, and disclose information when you interface with our digital compliance portals or fintech sandbox APIs.
02. Act 843 Data Protection Alignment
Our data management standards strictly align with the requirements of the Ghana Data Protection Act, 2012 (Act 843), monitored by the Data Protection Commission (DPC).
- Data Minimisation: We process only the minimum required metadata necessary to execute real-time transactions, VAT invoicing audits, and ledger reconciliations.
- Consent Frameworks: We operate strictly as a data processor for institutional clients, requiring all platform and fintech entities to maintain verified customer consent prior to data routing.
03. Information We Collect
Depending on your integration depth, we collect:
- Account Metadata: Names, corporate emails, telephone records, and organisation details during sandbox registration.
- Interface Analytics: API requests, payloads, response times, cryptographic handshake timestamps, and node status details.
- Transaction Records: Mock payload identifiers used to audit tax invoice structures and token settlement routing checks in the compliance sandbox.
04. Sharing of Information
We do not sell, trade, or rent personal data. We disclose collected metadata only to:
- Regulatory and tax authorities as required to comply with statutory auditing structures and legal mandates.
- Platform nodes designed to support secure transaction tracking and standardized data handling.
- Legal advisors or courts where required by law.
05. Cyber Security Measures
Our databases deploy robust physical, technical, and administrative controls. This includes ECDSA cryptographic payload verification, TLS 1.3 encryption in transit, strict access control policies, and continuous penetration testing to protect systems from intrusion.
06. Your Data Rights
In accordance with Act 843, users and customers hold rights to:
- Access and request copies of processed personal data records.
- Rectify inaccurate or outdated corporate registration profiles.
- Request erasure of credentials, subject to compliance timelines and settlement retention laws.
- File compliance disputes with the Data Protection Commission of Ghana.
07. Privacy Contacts
For requests or audits regarding data protection compliance, reach our privacy desk: