Introduction & Regulatory Compliance
Afro Ubuntu TradeNet Ltd ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and protect your data under:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- African Union Convention on Cyber Security and Personal Data Protection
- Local data protection laws in our operating countries
Ubuntu Commitment: Our data practices are guided by Ubuntu philosophy of "I am, because we are" - ensuring collective benefit while protecting individual rights.
Data Controller Information
Company Details
- Entity: Afro Ubuntu TradeNet Ltd
- Registration: UK Company House #16594596
- Address: 124 City Road, London, UK, EC1V 2NX
- Email: privacy@afroubuntutrade.co.uk
Data Protection Officer
- Contact: dpo@afroubuntutrade.co.uk
- Response Time: 48 hours
- Languages: English
Data We Collect
Personal Data
Registration Information
- • Full name and business name
- • Phone number and email address
- • Business location and type
- • Government ID (where required)
Business Profile
- • Trading patterns and preferences
- • Product categories and inventory
- • Financial information (for credit scoring)
- • Business relationships and networks
Technical & Usage Data
- • Device information and mobile OS
- • WhatsApp message metadata (not content)
- • Platform usage patterns and timestamps
- • Location data (with explicit consent)
- • Image metadata from uploaded photos
Special Category Data
We may process special category data only with explicit consent:
- • Biometric data (voice patterns for fraud prevention)
- • Health data (if selling health-related products)
- • Religious/cultural preferences (for appropriate product recommendations)
Legal Basis for Processing
Consent (Article 6(1)(a) UK GDPR)
For marketing communications, special category data, and optional features.
You can withdraw consent at any time via our platform or by emailing us.
Contract Performance (Article 6(1)(b))
To provide our trade intelligence services and fulfill our contractual obligations.
Legal Obligation (Article 6(1)(c))
For compliance with financial regulations, anti-money laundering, and tax requirements.
Legitimate Interest (Article 6(1)(f))
For fraud prevention, platform improvement, and research that benefits the informal trade community.
Balancing Test: We regularly assess that our processing doesn't override your rights and freedoms.
How We Use Your Data
AI-Powered Services
- Computer Vision: Analysing product images for inventory tracking (with explicit consent for each upload)
- Natural Language Processing: Understanding WhatsApp communications in local languages
- Predictive Analytics: Demand forecasting and market trend analysis
- Credit Scoring: Ethical assessment based on trading patterns, not traditional demographics
AI Transparency & Control
- Automated Decision-Making: We inform you when AI makes decisions affecting you
- Human Review: You can request human review of any AI decision
- Explanation Rights: We provide clear explanations of AI recommendations
- Opt-Out: You can opt out of AI processing while still using basic services
Data Sharing & International Transfers
Our Commitment
We never sell your personal data. We only share data in these specific circumstances:
Permitted Sharing
- • Service Providers: Cloud hosting, payment processing (under strict contracts)
- • Financial Partners: For credit scoring and lending (with explicit consent)
- • Research Partners: Anonymised data only for market research
- • Legal Compliance: When required by law or court order
International Transfers
- • Adequacy Decisions: Priority for countries with adequate protection
- • Standard Contractual Clauses: For other transfers with additional safeguards
- • Local Data Residency: Critical data stored in-country where required
- • Transfer Impact Assessments: Regular review of transfer risks
Your Data Rights
Access Your Data
Download a copy of all your data within 30 days
Rectification
Correct inaccurate or incomplete data
Erasure ("Right to be Forgotten")
Delete your data (subject to legal retention requirements)
Restrict Processing
Limit how we use your data
Data Portability
Export your data in machine-readable format
Object to Processing
Opt out of certain types of processing
How to Exercise Your Rights
Submit Request
Via platform or email
Identity Verification
Secure authentication
Response
Within 30 days (max)
Data Security & Breach Management
Technical Safeguards
- • Encryption: AES-256 at rest, TLS 1.3 in transit
- • Access Controls: Role-based with multi-factor authentication
- • Infrastructure: ISO 27001 certified cloud providers
- • Monitoring: 24/7 security monitoring and incident response
Organizational Measures
- • Staff Training: Regular data protection training
- • Background Checks: For all personnel with data access
- • Incident Response: 72-hour breach notification process
- • Third-Party Audits: Annual security assessments
Data Breach Response
If we experience a data breach that poses high risk to your rights and freedoms, we will notify you within 72 hours via email and platform notification, including details of the breach and steps you should take.
Data Retention
Retention Periods
- • Active Accounts: Data retained while account is active plus 3 years
- • Financial Records: 7 years (legal requirement)
- • Marketing Data: Until consent is withdrawn
- • Research Data: Anonymised data may be retained indefinitely
- • Backup Systems: Data purged from backups within 90 days of deletion
We regularly review and delete data that is no longer necessary for our legitimate business purposes. You can request early deletion of your data, subject to our legal obligations.
Children's Privacy
Our services are designed for adults (18+) engaged in trade activities. We do not knowingly collect personal data from children under 16 without parental consent.
If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at privacy@afroubuntutrade.co.uk.
Complaints & Regulatory Contact
File a Complaint With Us
- • Email: privacy@afroubuntutrade.co.uk
- • Response Time: 48 hours acknowledgment
- • Resolution: 30 days maximum
- • Escalation: Independent ombudsman available
Regulatory Authority
- • UK ICO: Information Commissioner's Office
- • Website: ico.org.uk
- • Phone: 0303 123 1113
- • Right: Lodge complaint without cost
Contact & Policy Updates
Questions about your privacy or data? We're here to help.
Policy Updates: We will notify you 30 days in advance of any material changes to this policy. Minor updates will be posted with version numbers and effective dates.