Chango is required to comply with the Data Protection Act 2012 (Act 843). This Act mandates that organisations obtain explicit consent from individuals before collecting, processing and using their personal data.

The due diligence and/or Merchant KYC (Know Your Customer) processes involve the collection of personal information from individuals or businesses for various purposes, such as identity verification, risk assessment, compliance and the fulfilment of contractual obligations.

The Data Privacy Consent Clause aims to:

• Inform individuals about how their personal data will be collected, used and protected
• Obtain explicit consent from individuals for the processing of their personal data
• Ensure transparency and fairness in data handling practices
• Ultimately demonstrate compliance with the Data Protection Act 2012 (Act 843)

The clause outlines the purpose of data collection, the types of data collected, how the data will be processed, the security measures in place, data retention periods and the rights of individuals regarding their personal data.

Consent Statement

By continuing to engage with our services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, processing, and use of your personal data as described herein. I understand that:

1. Purpose of Data Collection: My personal data will be collected and processed for the purpose of conducting due diligence, verifying my identity, assessing risk and fulfilling contractual and statutory obligations.

2. Types of Data Collected: The types of personal data that may be collected include, but are not limited to, full name, date of birth, address, contact information, financial information, identification documents.

3. Data Processing Activities: My personal data may be processed for the following purposes: data entry, storage, verification, analysis, disclosure to third parties as necessary for IT Consortium’s business operations.

4. Data Security: IT Consortium will take appropriate technical and organisational measures to ensure the security and confidentiality of my personal data.

5. Data Retention: My personal data will be retained for as long as necessary to fulfill the purposes for which it was collected and as permitted by applicable law.

6. Data Subject Rights: I acknowledge that I have the right to:

   • Access: Request access to my personal data
   • Rectification: Request the correction of any inaccurate or incomplete personal data
   • Erasure: Request the deletion of my personal data under certain circumstances
   • Restriction of Processing: Request the restriction of processing of my personal data under certain circumstances
   • Data Portability: Request the transfer of my personal data to another organisation
   • Object to Processing: Object to the processing of my personal data under certain circumstances

7. Withdrawal of Consent: I understand that I have the right to withdraw my consent to the processing of my personal data at any time; however, I also understand that withdrawal of consent may affect my ability to engage in business with IT Consortium.

8. Contact Information: I can contact IT Consortium’s Data Protection Officer at dps@itconsortiumgh.com with any questions and/or concerns regarding the processing of my personal data.

I hereby confirm that I have read thoroughly and understood this Data Privacy Consent and freely and voluntarily consent to the collection, processing and use of my personal data as described above.