COPYGHANA DATA PROTECTION POLICY

  1. Introduction

This Data Protection Policy outlines the principles and guidelines governing the collection, use, storage, and protection of personal data by the Reproduction Rights Organisation of Ghana (CopyGhana) LBG (“We,” “Our,” or “Us”) in compliance with the data protection laws of Ghana and the rights of data subjects, including rightsholders. This policy is applicable to all personal data collected and processed by CopyGhana.

  1. Definitions

Personal Data: Any information relating to an identified or identifiable individual.

Data Subject: An identified or identifiable individual to whom personal data relates.

Rightsholder: An individual who holds legal rights, such as copyrights or intellectual property rights, over a piece of content or work.

Processing: Any operation performed on personal data, including collection, recording, organization, storage, alteration, retrieval, consultation, use, disclosure, dissemination, erasure, or destruction.

Consent: Freely given, specific, informed, and unambiguous indication of the data subject’s wishes.

Data Controller: An entity that determines the purposes and means of processing personal data.

Data Processor: An entity that processes personal data on behalf of the data controller.

  1. Principles of Data Protection

We are committed to upholding the following principles when processing personal data, particularly that of rightsholders and users:

Lawfulness, Fairness, and Transparency: We will process personal data lawfully, fairly, and in a transparent manner.

Purpose Limitation: We will only collect personal data for specified, explicit, and legitimate purposes.

Data Minimization: We will ensure that personal data collected is relevant, adequate, and limited to what is necessary for the intended purpose.

Accuracy: We will take reasonable steps to ensure that personal data is accurate and kept up to date.

Storage Limitation: We will retain personal data only for as long as necessary to fulfill the purposes for which it was collected.

Integrity and Confidentiality: We will implement appropriate technical and organizational measures to ensure the security, integrity, and confidentiality of personal data.

Accountability: We will be accountable for our data protection practices and demonstrate compliance with applicable laws and regulations.

  1. Data Collection and Use

We will collect and process personal data of rightsholders for the following purposes:

To establish and maintain contractual relationships.

To facilitate communication regarding licensing, royalties, and intellectual property matters.

To provide updates about relevant industry developments and opportunities.

To comply with legal and regulatory requirements.

  1. Consent

We will obtain explicit consent from rightsholders before processing their personal data, clearly explaining the purposes of processing, the types of data collected, and the rights they have.

  1. Data Security

We will implement appropriate technical and organizational measures to safeguard personal data against unauthorized access, loss, destruction, or alteration. We will regularly review and update our security practices to address emerging threats.

  1. Data Sharing and Disclosure

We will only share personal data with third parties if it is necessary for the fulfillment of contractual obligations, compliance with legal requirements, or with the explicit consent of the rightsholder. We will ensure that appropriate safeguards are in place when sharing data with processors or recipients outside of Ghana.

  1. Rights of Rightsholders

Rightsholders have the following rights regarding their personal data:

Right to access their personal data.

Right to rectification of inaccurate data.

Right to erasure of data under certain conditions.

Right to restrict processing under certain circumstances.

Right to data portability.

Right to object to processing in specific situations.

Right not to be subject to automated decision-making.

  1. Data Breach Notification

In the event of a personal data breach, we will promptly assess the risk to individuals and, if required, notify the relevant authorities and affected individuals in accordance with applicable laws.

  1. Warranties from Rightsholders

By providing their personal data to CopyGhana, rightsholders warrant that they have the legal right to disclose this data and that the data is accurate and up to date to the best of their knowledge.

  1. Updates to the Policy

This policy may be updated periodically to reflect changes in laws, regulations, or organizational practices. The most recent version of the policy will be made available on our website.

  1. Contact Information

For questions or concerns related to data protection or this policy, please us via email: info@copyghana.org.gh or via phone on +233 302 2915289.

By adhering to this Data Protection Policy, we aim to ensure the privacy and rights of rightsholders while maintaining the highest standards of data protection in accordance with Ghanaian laws and regulations..