How we collect, use and protect your data.
Last updated: March 15, 2026
Tshijuka RDP (“we”, “us”) is committed to protecting your personal data in line with the EU General Data Protection Regulation (GDPR), the Ghana Data Protection Act, 2012 (Act 843), and other applicable African and international data protection standards. This Privacy Policy explains what data we collect, why we collect it, how we use and protect it, and your rights.
Tshijuka RDP operates the platform. For data protection purposes we are the data controller. Contact: see footer and “Contact” section below.
We process your data on the following bases, as applicable: (a) Contract – to provide the platform and fulfil document requests; (b) Consent – where you have given clear consent (e.g. by accepting this Privacy Policy and our Terms of Service); (c) Legal obligation – where we must comply with law; (d) Legitimate interests – for security, fraud prevention, and improving the service, where not overridden by your rights. Under Ghana’s Data Protection Act we ensure lawful and fair processing and only collect data necessary for stated purposes.
We may collect: (a) Account data – name, email, contact (e.g. phone), role, password (stored hashed); (b) Document and request data – document types, descriptions, locations, uploaded files, institution selections, status and tracking information; (c) Payment data – payment references and transaction metadata (we do not store full card details; payment processing is handled by third parties such as Paystack); (d) Technical and usage data – IP address, browser type, device information, and logs necessary for security and operation; (e) Communications – messages sent through the platform (e.g. chat). We do not collect more than is necessary for the purposes described.
We use your data to: create and manage your account; process document requests and deliver services; communicate with you (e.g. MFA codes, status updates); process payments; improve security and prevent fraud; comply with legal obligations; and, where you have consented, send relevant service or marketing communications. We do not sell your personal data to third parties.
We may share data with: (a) document-issuing institutions and admissions offices (as needed to fulfil requests); (b) payment providers (e.g. Paystack); (c) hosting and technical service providers (under strict agreements); (d) authorities when required by law. Data may be stored or processed in Ghana, the EU, or other jurisdictions with adequate safeguards where required (e.g. GDPR Art. 44–50; Ghana Data Protection Act).
We retain your data only as long as necessary for the purposes above, including legal, tax, or regulatory requirements. Account and document data are retained while your account is active and for a period after closure as needed for disputes, legal compliance, or legitimate business purposes. You may request erasure where the law gives you that right.
We implement appropriate technical and organisational measures (e.g. encryption, access controls, secure storage) to protect your data against unauthorised access, loss, or alteration, in line with GDPR and Ghana data protection requirements.
Depending on your location, you may have the right to: Access – obtain a copy of your personal data; Rectification – correct inaccurate data; Erasure – request deletion in certain cases; Restriction – limit processing in certain cases; Portability – receive your data in a structured format (where applicable); Object – object to processing based on legitimate interests or for direct marketing; Withdraw consent – where processing is based on consent; Lodge a complaint – with a supervisory authority (e.g. in the EU or Ghana Data Protection Commission). To exercise these rights, contact us using the details below. We will respond within the timeframes required by applicable law.
We use session and essential cookies (and similar technologies where applicable) necessary for authentication, security, and basic operation. You can control cookies through your browser settings; disabling essential cookies may affect platform functionality.
The service is not directed at persons under the age of 18 (or the age of majority in your country). We do not knowingly collect data from children; if we become aware of such data we will delete it.
We may update this Privacy Policy from time to time. We will notify you of material changes where required by law (e.g. by email or a notice on the platform). Continued use after the effective date constitutes acceptance. We encourage you to review this policy periodically.
For privacy-related requests or questions: contact us at the phone number or contact details provided in the platform footer. For Ghana: you may also contact the Data Protection Commission where applicable. For the EU/EEA: you may lodge a complaint with your local data protection supervisory authority.