Privacy Infrastructure
Your data privacy is not just a feature—it's the foundation of our infrastructure. We've built Girdercore with privacy-preserving technologies at every layer.
Our Privacy Principles
Data Minimization
We only collect data that is strictly necessary for providing our services. No excessive data harvesting or unnecessary retention.
Transparency
Clear, plain-language explanations of what data we collect, why we collect it, and how it is used.
Security by Design
Privacy protections are built into our systems from the ground up, not added as an afterthought.
Data Sovereignty
African data stays in Africa. We maintain regional data centers to comply with local regulations.
Data Handling & Retention
Complete transparency on how we handle different types of data.
| Data Category | Retention Period | Purpose | Encryption |
|---|---|---|---|
| Transaction Data | 7 years | Regulatory compliance and dispute resolution | AES-256 at rest, TLS 1.3 in transit |
| Customer PII | Account lifetime + 2 years | Service provision and identity verification | Field-level encryption with customer-specific keys |
| Authentication Logs | 90 days | Security monitoring and fraud prevention | AES-256 with automatic key rotation |
| Analytics Data | 24 months | Service improvement (anonymized) | Aggregated and anonymized at collection |
Your Data Rights
We respect and uphold your rights under GDPR, POPIA, and other applicable data protection regulations. You have full control over your personal data.
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent
Exercise Your Rights
To make a data request or exercise any of your rights, contact our Data Protection Officer:
Email: privacy@girdercore.com
Response time: Within 30 days