Privacy Policy
Denkami Limited is committed to protecting the privacy and security of your data. This Privacy Policy explains how we collect, use, and safeguard information when you use our SaaS data collection platform.
PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND HOW DATA IS HANDLED WITHIN THE SYSTEM.
1. Our Role in Data Protection
Depending on how you interact with our platform, data protection laws (including the Zambia Data Protection Act No. 3 of 2021 and the EU GDPR) classify our relationship in two ways:
- As a Data Controller: We act as a Data Controller for the account metadata we collect directly from you to manage your subscription, process payments, and provide support.
- As a Data Processor: For any data, forms, records, or text that you collect, paste, or store within our platform, you are the Data Controller, and Denkami Limited is strictly the Data Processor. We operate blindly under your direction and do not monitor, read, or access your database content.
2. Information We Collect
We collect limited categories of information to maintain infrastructure operations:
- Account Data: When you register, we collect your name, email address, company name, and billing details.
- System Logs: We collect technical logs (IP addresses, browser types, and login timestamps) to maintain platform security and prevent unauthorized access.
- Subscriber-Hosted Data: We host the database infrastructure for the data you collect or paste into our system. We do not own, share, or analyze this data.
3. Data Infrastructure & International Transfers
All application databases, backups, and user workspaces are securely hosted and stored on cloud infrastructure operated by DigitalOcean located in Germany (European Union).
If you are a subscriber based in Zambia or any other jurisdiction outside the European Economic Area (EEA), utilizing our platform means you are executing an international transfer of data to Germany. As the Data Controller, you assume full legal responsibility for ensuring you have established the necessary lawful bases—including obtaining explicit cross-border consent from your respondents—before inputting or pasting personal data into our system.
If you are a subscriber based in Zambia or any other jurisdiction outside the European Economic Area (EEA), utilizing our platform means you are executing an international transfer of data to Germany. As the Data Controller, you assume full legal responsibility for ensuring you have established the necessary lawful bases—including obtaining explicit cross-border consent from your respondents—before inputting or pasting personal data into our system.
4. Data Security
We protect your data using industry-standard security frameworks. All data moving between your devices and our German cloud servers is protected using TLS/SSL network encryption in transit. All database clusters utilize automated volume-level AES-256 encryption at rest.
5. Retention and Deletion Rights
We store your account metadata and hosted database records for as long as your subscription is active. Following the expiration of a subscription, you have 30 days to export your datasets. After this period, all customer-hosted data is permanently deleted from our active production systems.
As a Data Controller, you are entirely responsible for fulfilling "Right to Erasure" or data access requests made by individuals whose data you have collected, uploaded, or pasted into our system.
As a Data Controller, you are entirely responsible for fulfilling "Right to Erasure" or data access requests made by individuals whose data you have collected, uploaded, or pasted into our system.