Skip to content
CliffSecurity
Talk to us
Legal

Privacy policy.

How we collect, use, and protect personal data — under the Zimbabwe Cyber and Data Protection Act 2021 and, where applicable, GDPR.

Who we are

CliffSecurity (Pvt) Ltd, Head Office Harare, Zimbabwe. Contact: privacy@cliffsecurity.co.zw.

What data we collect

  • Client contact data (name, email, phone, company).
  • Officer employment data (national ID, medical record, training records, biometric face-template for clock-in).
  • Operational data (CCTV footage, patrol records, incident logs) under client contract.
  • Site-visitor data (ID, photo, reason for visit) where the client has opted into visitor management.
  • Website analytics (page, referrer, country) — no personal identifiers stored.

Why we collect it

  • Delivery of contracted security services.
  • Employment administration for our officers.
  • Legal and regulatory compliance.
  • Improvement of our platform and services.

How we protect it

Self-hosted infrastructure in Zimbabwe. Encrypted at rest and in transit. Role-based access with audit logging. Annual internal review.

Your rights

  • Access: request a copy of the personal data we hold on you.
  • Correction: request that we correct inaccurate or outdated data.
  • Deletion: request deletion of data where we have no legal basis to retain it.
  • Complaint: lodge a complaint with the Data Protection Authority of Zimbabwe.

To exercise any of these, email privacy@cliffsecurity.co.zw. We respond within thirty days.

Updates

We update this policy when our data practices change. The date of last update is at the top of this file. Material changes will be notified to contracted clients directly.