GDPR Compliance Policy

Last Updated: 04-Apr-2025

1. Introduction

This GDPR Compliance Policy explains how **Quantivo Inc.**, an IT consulting firm registered in Cameroon, complies with the **General Data Protection Regulation (GDPR) (EU) 2016/679** for handling the personal data of individuals in the European Economic Area (EEA).

2. Who We Are

Quantivo Inc. ("we", "us", "our") specializes in IT consulting, software development, cloud solutions, data science, cybersecurity, and emerging technology services. Our company operates in Cameroon and serves international clients, including those in the **European Union (EU)**.

3. Data We Collect

We collect personal data from users for business operations, product development, and service delivery. This may include:

  • Identity Data: Name, email, phone number, job title.
  • Technical Data: IP address, browser type, device information.
  • Transaction Data: Payment details, invoices, billing history.
  • Usage Data: Website interactions, preferences, login history.
  • Marketing Data: Preferences for receiving promotional content.

4. How We Use Your Data

We process your data in compliance with GDPR principles. Uses include:

  • Providing IT consulting and digital services.
  • Improving security, fraud detection, and risk management.
  • Complying with legal obligations and regulatory requirements.
  • Customizing user experience and marketing communications.

5. Legal Basis for Processing Data

We process personal data based on the following legal grounds:

  • Consent: When users voluntarily provide data (e.g., newsletter signup).
  • Contractual Necessity: To fulfill service agreements and customer contracts.
  • Legal Obligation: To comply with applicable laws and regulations.
  • Legitimate Interests: For business improvement, security, and fraud prevention.

6. Data Retention Policy

We retain personal data only for as long as necessary to fulfill its purpose. Retention periods are as follows:

  • Client records: Up to 5 years after service termination.
  • Transaction data: Retained for tax and compliance purposes.
  • Marketing data: Retained until the user opts out.

7. Data Security Measures

We implement industry-standard security protocols to protect personal data, including:

  • Encryption and secure data storage.
  • Regular security audits and penetration testing.
  • Access controls and multi-factor authentication.

8. User Rights Under GDPR

EU residents have the following data rights:

  • Right to Access: Request a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data.
  • Right to Restriction: Limit processing under certain conditions.
  • Right to Data Portability: Transfer your data to another provider.
  • Right to Object: Stop processing for direct marketing or legitimate interests.

9. Data Transfers Outside the EU

We store and process data in Cameroon and other locations where our infrastructure is based. When transferring EU user data, we ensure compliance via:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Secure cloud hosting with GDPR-compliant providers.

10. Contact & Complaints

If you have concerns about data privacy or GDPR compliance, contact us at:

Email: support@quantivo.com

Address: Douala, Cameroon