1. Purpose of This Policy
This Data Protection Policy explains how WOHO Solutions Ltd (“we”, “our”, “us”) protects personal data and ensures compliance with applicable data protection laws. The policy applies to clients, partners, and third parties whose data is processed in connection with our services.
2. Scope
This policy covers the processing of personal data related to:
- Client contact and billing information
- End user data processed through hosted or managed systems
- Support, ticketing, and service related communications
This policy does not apply to employee data, which is governed by separate internal policies.
3. Data Protection Commitment
We are committed to:
- Processing personal data lawfully, fairly, and transparently
- Collecting data only for specified and legitimate purposes
- Limiting data collection to what is necessary
- Ensuring data accuracy and security
- Retaining data only for as long as required by law or contractual obligations
4. Types of Data Processed
We may process the following types of personal data:
- Names, email addresses, phone numbers, and company details
- Billing and invoicing information
- End user data hosted or processed as part of cloud and managed services
- Support and ticketing related data
We do not handle, process, or store sensitive personal data, including health information, biometric data, or criminal records.
5. Legal Basis for Processing
Personal data is processed on one or more of the following legal bases:
- Performance of a contract
- Compliance with legal obligations
- Legitimate business interests related to service delivery
- Consent, where required
6. Data Retention
Personal data is retained only for periods permitted under the Mauritius Data Protection Act and applicable legal or contractual requirements. Data is securely deleted or anonymised when it is no longer required.
7. Access Control and Security Measures
Appropriate technical and organisational measures are in place to protect personal data, including:
- Role based access control
- Restricted access to authorised personnel only
- Monitoring and auditing of systems
- Secure authentication and access management
All personnel with access to personal data are subject to confidentiality obligations.
8. Use of Cloud and International Data Transfers
Personal data may be stored or processed using cloud infrastructure located in multiple regions. Where data is transferred outside Mauritius or the European Union, appropriate safeguards are applied to ensure compliance with applicable data protection laws.
9. Use of Third Parties
Third party service providers, such as cloud hosting and support systems, may be used solely for service delivery purposes. Data is not sold or shared for marketing purposes, and third parties are required to apply appropriate data protection measures.
10. Data Breaches
All data breaches or suspected security incidents are logged and assessed promptly. Where required by law, relevant authorities and affected clients will be notified in accordance with applicable regulations.
11. Data Subject Rights
Individuals have the right to:
- Access their personal data
- Request correction of inaccurate data
- Request deletion of data where applicable
- Object to or restrict processing
Requests will be handled in accordance with applicable data protection laws.
12. Contact for Data Protection Matters
All data protection related enquiries or requests should be directed to:
hello@woho.solutions
13. Policy Updates
This Data Protection Policy may be updated from time to time to reflect legal or operational changes. The latest version will always be made available.
