Mo-Nane
← Back to home

Legal/Privacy Policy

Privacy Policy

Version 1.2.0 · Last updated 6/14/2026

1. Data controller

The data controller responsible for your personal data is Mo-Nane ([email protected]), with a principal place of business at Greater Accra, Ghana.

One home office in Greater Accra, Ghana. No branch, liaison office, or representative office outside Ghana.

If you have questions about this policy or your personal data, contact us at [email protected].

We are working toward registration with the Data Protection Commission of Ghana where required by law. We do not claim DPC registration on this platform until that process is complete.

2. Personal data we collect

We collect only what we need to provide the Mo-Nane errand and verification service:

Account data: full name, email address, and password (stored as a bcrypt hash).

Errand data: task titles and descriptions, pickup and drop-off addresses, optional scheduled times, and operational status updates.

Location data: coordinates you or runners submit for pickup verification, runner arrival, or media capture metadata (where applicable).

Media: photos or videos uploaded as proof of task completion, plus optional capture timestamps and coordinates.

Messaging: messages you send within errand-scoped conversations (including end-to-end encrypted chat content where enabled).

Payments: transaction references, amounts, currency, and payment status processed via our payment provider (we do not store full card numbers on Mo-Nane servers).

Technical data: IP address and browser user agent when you register, accept policies, or when we record consent, for security and audit purposes.

3. Purposes and legal bases

We process personal data to perform our contract with you (providing errands, payments, notifications, and support).

We process certain data based on legitimate interests, such as fraud prevention, service security, and improving reliability—balanced against your rights.

Where required, we rely on your consent (for example, when you accept this policy and our terms at registration). You may withdraw consent where processing is consent-based, without affecting prior lawful processing.

4. Recipients and processors

We share data with service providers who help us run Mo-Nane, including our payment processor (Paystack) for deposits and charges, and hosting or infrastructure providers that store application and file data.

Runners receive the minimum errand information required to perform tasks (for example, addresses and instructions you provide).

We do not sell your personal data.

5. International transfers

Many of our clients are in the Ghanaian diaspora and may access Mo-Nane from outside Ghana. Where personal data is transferred outside Ghana, we use appropriate safeguards as required by applicable law.

Our infrastructure and subprocessors may process data in jurisdictions other than your own. We limit transfers to what is necessary to operate the service.

6. How we protect your data

We apply reasonable technical and organisational measures to reduce the risk of unauthorised access, loss, or misuse. No internet-connected system can be guaranteed completely secure.

Data in transit between your browser and our servers is protected using HTTPS/TLS.

Account passwords are stored using bcrypt hashing; we do not store your plain-text password.

Selected sensitive fields (such as email, phone number, addresses, consent IP metadata, and certain location fields) may be encrypted at the application layer using AES-256-GCM before storage, where field encryption is enabled in our deployment.

Optional end-to-end encrypted chat uses client-side keys; message plaintext is not readable by Mo-Nane when that mode is used correctly.

Production secrets and encryption keys are kept in environment variables or secure deployment stores, not in source code.

Administrative access to production systems is restricted to personnel who need it for operations, support, or security.

7. Your security responsibilities

You are responsible for keeping your login credentials, email account, devices, OTPs, magic links, and reset links secure.

Do not share your password or active login sessions with others. Use a strong, unique password for your Mo-Nane account.

Only upload documents and personal data you have legal authority to share, including respondent contact details for consented checks. Avoid uploading unnecessary sensitive information.

For item pickup errands, you are responsible for the lawfulness, authenticity, ownership, declared value, and condition of items you ask us to transport.

If you believe your account, email, device, or payment method has been compromised, notify us promptly at the contact details above.

To the extent permitted by Ghana law, Mo-Nane is not liable for data exposure, fraud, account takeover, or misuse caused by your own negligence, weak password, shared login, compromised email or device, or unlawful sharing of another person's data.

8. Security incidents

If we become aware of a personal data breach that is likely to result in risk to your rights, we will investigate, contain the incident, and preserve relevant logs and records.

Where required by law, we will notify affected users and the Data Protection Commission of Ghana or other competent authorities within applicable timeframes.

We may work with hosting, payment, and security providers to respond to incidents.

9. Retention

Account data is kept while your account is active. After you request deletion, we apply a 30-day grace period before permanent removal, unless a longer retention is required by law.

Chat messages may be retained for up to 730 days for dispute handling unless a longer period is justified.

Payment records may be retained for up to 2555 days to meet financial and regulatory obligations.

Completed errand media may be retained for up to 365 days unless deleted earlier as part of account closure or product rules.

10. Your rights

Depending on your location, you may have rights to: access your personal data; rectify inaccurate data; erase data in certain cases; restrict processing; object to processing; and receive a copy of your data in a portable format.

You can download a copy of your data from your profile (data export). You can request account deletion from your profile, subject to legal retention requirements.

To exercise rights, use in-app tools or email us at the contact above. We may need to verify your identity before fulfilling requests.

11. Complaints

You may lodge a complaint with the Data Protection Commission of Ghana if you believe our processing infringes applicable Ghana data protection law.

We encourage you to contact us first so we can try to resolve your concern.

12. Cookies

Mo-Nane uses a strictly necessary session cookie (mn_session) to keep you signed in. This cookie is HttpOnly and is required for authentication.

We do not use third-party advertising or analytics cookies in the core product. If we add optional cookies in the future, we will update this policy and, where required, ask for your consent before setting non-essential cookies.

13. Changes

We may update this policy from time to time. Material changes will be communicated through the product or by email where appropriate. Where required, we will ask you to accept the updated policy before continued use.

Data controller: Mo-Nane, Greater Accra, Ghana. Contact: [email protected].