Last updated: August 30, 2024
Effective date: March 30, 2024
Sarafa Ltd ("we," "us," or "our") is committed to protecting the privacy and confidentiality of our users' personal data. This policy outlines how we collect, use, and safeguard personal information in compliance with applicable laws in South Sudan, including any future regulations, and in accordance with international best practices such as the General Data Protection Regulation (GDPR) and the African Union Convention on Cybersecurity and Personal Data Protection (Malabo Convention).
This policy applies to all users of Sarafa’s services, including but not limited to customers, partners, and employees. It governs the collection, processing, and storage of personal data in the course of providing our services.
We process personal data based on:
We may collect the following types of personal data:
Sarafa collects and processes personal data for the following purposes:
Sarafa will not share or disclose personal data to third parties unless:
• We have obtained the user's explicit consent.
• It is necessary to comply with a legal obligation, such as cooperating with law enforcement agencies.
• It is required to fulfill the terms of service, such as sharing data with payment processors or financial institutions for completing transactions.
• All third-party partners and service providers are bound by contractual agreements to ensure the protection and confidentiality of personal data.
We implement appropriate technical and organizational measures to ensure the security and integrity of personal data. This includes encryption, secure servers, firewalls, and regular security audits to protect against unauthorized access, loss, or damage.
Sarafa will retain personal data for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, and resolve disputes. Data that is no longer needed will be securely deleted or anonymized.
Under South Sudanese law and applicable international standards, users have the following rights:
• Access: Users may request access to the personal data we hold about them.
• Rectification: Users have the right to correct any inaccuracies in their personal data.
• Erasure: Users may request the deletion of their personal data, subject to legal and contractual obligations.
• Restriction: Users may request the limitation of the processing of their personal data in certain circumstances.
• Portability: Users can request the transfer of their personal data to another service provider.
• Requests to exercise these rights should be directed to our Data Protection Officer.
Where necessary, Sarafa.io may transfer personal data to countries outside South Sudan. We ensure that any such transfer is conducted with adequate safeguards in place, including compliance with international data protection standards.
We use cookies and similar tracking technologies to enhance user experience, analyze platform performance, and customize content. Users can manage their cookie preferences through their browser settings.
Although South Sudan currently lacks a comprehensive data protection framework, Sarafa is committed to adhering to any applicable legal obligations related to privacy and data protection. Such as Article 22 of the transitional constitution of South Sudan which protects the right to privacy. We also follow international best practices to ensure the highest standard of user data security.
Sarafa reserves the right to update this Data Protection Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. Users will be notified of any significant updates through our platform.
If you have any questions or concerns regarding this policy or your personal data, please contact our Data Protection Officer at: - Email: admin@sarafa.ss - Address: Sarafa,Addis Ababa road, Juba, South Sudan.
