Legal
Privacy Policy
Last updated: 14 May 2026 · Ghana Data Protection Act, 2012 (Act 843) compliant
This policy explains what data we collect, why, and how to control it. Izzi Manager is operated by Izzikart Limited, registered with the Data Protection Commission of Ghana.
What we collect
- Account data: name, email, phone, company details you enter at signup.
- Business data: invoices, customers, employees, transactions you store inside the Service. You own this.
- Usage data: pages you visit, features you use, errors you encounter. Used to improve the product. Aggregated and anonymised.
- Payment data: handled by Paystack — we only store payment-method tokens, never card numbers.
Why we collect it
- To provide the Service you signed up for.
- To send transactional emails (invoices, alerts, billing).
- To improve the product (we look at aggregated patterns, never individual records).
- To comply with Ghana tax law (we may share VAT data with GRA on request).
Who we share it with
We do not sell your data. We share it only with sub-processors strictly necessary to run the Service:
- Neon — managed Postgres for data storage (eu-central-1).
- Vercel — application hosting and CDN.
- Hostinger — outbound email (SMTP).
- Paystack — payments processing.
- Meta — WhatsApp Business API (only if you connect WhatsApp).
Your rights
Under the Data Protection Act, you have the right to:
- Access your personal data (Settings → My profile)
- Correct or update it (Settings → My profile)
- Export it (Settings → Data → Export everything)
- Delete it (cancel your subscription; data is purged after 30 days)
Cookies
We use one session cookie (izzi_session) for authentication. No third-party advertising or tracking cookies.
Security
PII is encrypted at rest using AES-256-GCM. All traffic uses TLS 1.2+. Access requires authentication; finance roles require 2FA. We log every access for audit.
Contact
For privacy questions or DPA requests: privacy@izzimanager.com.
Changes
Material changes are emailed 30 days in advance.