Privacy Policy

1. Who we are and data controller

This Privacy Policy describes how Adisa HR (“we”, “us”) collects, uses, and protects your personal data when you use our website and the HR & Employee Portal. We are the data controller for the personal data processed through the Portal. Our processing is carried out in accordance with applicable data protection law, including the Data Protection Act, 2012 (Act 843) of Ghana where applicable.

This policy applies to use of our website and to job applications. If you are an employee, a separate Employee Privacy Notice applies to data we process about you in the employment context; you can find it in the Employee Portal after you log in.

2. Data we collect

Applicants. When you apply for a position, we collect information you provide, such as name, email, phone, address, CV, cover letter, employment history, qualifications, and any other information you submit with your application.

Employees. When you are employed, we collect and maintain data needed for the employment relationship, including: identification and contact details; emergency contacts; employment and role information; documents (e.g. ID, qualifications); and where required by law or policy, Ghana-specific compliance data such as SSNIT number, TIN, and Ghana Card number. We may also collect data related to benefits, payroll, and performance as part of HR operations.

Portal usage. We collect technical and usage data (e.g. IP address, browser, login activity) where necessary for security, support, and improving the Portal.

3. Purposes and legal basis

We process your data for: recruitment and hiring; managing the employment relationship; payroll, tax, and social security (e.g. SSNIT) compliance; benefits and HR administration; legal and regulatory compliance; security and audit; and operating and improving the Portal. Our legal basis is typically contract (employment), legal obligation (tax, labour, social security laws), or your consent where we ask for it. Where we rely on legitimate interests (e.g. fraud prevention, system security), we ensure those interests are balanced with your rights.

4. Retention

We retain your data only as long as necessary for the purposes above or as required by law. Unsuccessful application data may be retained for a defined period (e.g. 24 months for future vacancies or legal defence) and then anonymised. Employee data is retained for the duration of employment and for the periods required by law (e.g. tax and employment records). Sensitive compliance data (e.g. SSNIT, TIN, Ghana Card) is kept only as long as needed for employment and legal compliance and is stored securely.

5. Sharing and security

We do not sell your data. We may share it with: HR and management; payroll and benefits providers; IT and support providers; and regulators or authorities when required by law (e.g. Ghana Revenue Authority, SSNIT). We use technical and organisational measures (including encryption where appropriate) to protect your data against unauthorised access, loss, or misuse. Access to sensitive data is restricted to those who need it for their role.

6. Your rights

Under applicable law (including the Data Protection Act, 2012 (Act 843) in Ghana), you may have the right to: access your data; correct inaccurate data; request deletion or restriction of processing in certain cases; object to certain processing; and, where processing is based on consent, withdraw consent. To exercise these rights or ask questions about this policy, contact your HR representative or our data protection contact. You also have the right to lodge a complaint with the Data Protection Commission of Ghana or another competent supervisory authority.

7. International transfers

Your data is processed primarily within Ghana. If we transfer data outside Ghana, we will ensure appropriate safeguards are in place as required by applicable law.

8. Changes

We may update this Privacy Policy from time to time. We will indicate the last updated date above. Material changes may be communicated via the Portal or by email. Continued use of the Portal after changes constitutes acceptance of the updated policy.

9. Contact

For questions about this Privacy Policy or to exercise your data protection rights, contact your HR representative or the data controller/Data Protection Officer for Adisa HR.