Privacy Policy
1 Introduction
AIforMusic.org (“we, our, the Platform”) is an educational, community-driven portal that helps African music stakeholders discover and learn practical AI tools. Protecting your privacy is central to that mission. This policy explains what data we collect, why we collect it, how we use it, and the choices you have.
2 Who Controls Your Data?
-
Controller: Digital Music Innovation Lab, Department of Operations & Information Systems, University of Ghana Business School, Legon – Accra, Ghana.
-
Email: privacy@aiformusic.org
-
Telephone: +233 55 123 4567
We abide by Ghana’s Data Protection Act 2012 (Act 843) and, for visitors from the European Economic Area or UK, the GDPR / UK GDPR.
3 What This Policy Covers
It applies to:
- Website and sub-domains (tool directory, knowledge base, forum, learning modules).
- Emails we send or receive.
- Surveys or research studies linked from the Platform.
It does not cover external sites we link to (e.g., Taylor & Francis, Spotify). Check their policies separately.
4 Data We Collect & Why
|
Category |
Examples |
Why We Need It |
Legal Basis* |
|---|---|---|---|
|
Account Data |
Name, email, role (artist, producer …), hashed password |
Create your login, personalise content, send service notices |
Contract |
|
Community Content |
Forum posts, tool reviews, chat messages |
Publish your contributions for other users |
Consent |
|
Tool-Suggestion Forms |
Tool URL, description, optional contact |
Evaluate and add new resources |
Legitimate Interest |
|
Learning Records |
Course enrolment, quiz scores, badge progress |
Track your learning path, award certificates |
Contract |
|
Usage Analytics |
Page views, search terms, anonymised IP (truncated), device type |
Improve site layout; compile aggregated research metrics |
Legitimate Interest |
|
Cookies |
Session ID, language preference; Matomo analytics cookie |
Maintain login; remember settings; measure traffic (first-party only) |
Legitimate Interest / Consent |
*GDPR Article 6 bases. Where “Consent” applies, you can withdraw anytime in your profile settings.
5 Special-Category Data
We do not request nor intentionally process race, health, biometric, or other sensitive data.
6 How Long We Keep Your Data
|
Data Type |
Retention Period |
|---|---|
|
Account profile |
Until you delete the account or 24 months of inactivity, whichever is first |
|
Forum posts & tool reviews |
Indefinitely (they form part of the community knowledge base) unless you request deletion |
|
Analytics logs (Matomo) |
Raw logs 180 days → aggregated statistics kept indefinitely |
|
Research survey responses |
5 years (per university ethics guidelines), then anonymised |
7 Who Sees Your Data?
|
Recipient |
Purpose |
Safeguard |
|---|---|---|
|
Internal staff & research team |
Site maintenance, academic analysis |
Role-based access; signed confidentiality agreements |
|
Email delivery service (e.g. Mailgun) |
Send platform emails |
EU–US DPF or SCCs for GDPR compliance |
|
Payment gateway (only if you buy a paid course) |
Process transaction |
PCI-DSS compliant; we never store card numbers |
|
Lawful authorities |
Only if required by court order or to prevent fraud |
Disclosed case-by-case |
We never sell your personal data.
8 International Transfers
Primary servers are in Accra, Ghana. Some providers (email, backups) operate in the EU or United States. When we transfer data outside Ghana/EEA we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards.
9 Your Rights
Depending on your jurisdiction, you may:
-
Access a copy of your data.
-
Correct inaccuracies.
-
Erase data (“right to be forgotten”).
-
Restrict or object to certain processing.
-
Port data to another service.
-
Withdraw consent at any time.
-
Complain to the Ghana Data Protection Commission or your local authority.
Email privacy@aiformusic.org to exercise these rights. We will respond within 30 days.
10 Children’s Privacy
The Platform targets users aged 13 and above. If you believe a child under 13 has provided personal data without parental consent, contact us for immediate deletion.
11 Security Measures
-
Encryption in transit (HTTPS / TLS 1.3) and at rest (AES-256 on server disks).
-
Two-factor authentication available for admin accounts.
-
Daily off-site backups encrypted before transfer.
-
Regular vulnerability scans and dependency updates.
12 Research Use Statement
Aggregated, pseudonymised usage statistics may appear in academic journals, conference papers, or Jefferson Seneadza’s PhD thesis. Individual users are never identifiable in these outputs.
13 Changes to This Policy
We may update this notice to reflect legal or operational changes. When we do, we’ll post the new version here and—if changes are significant—email registered users 14 days before it takes effect.
14 Contact
Privacy Officer
Digital Music Innovation Lab
University of Ghana Business School
Legon Campus, Accra, Ghana
✉ privacy@aiformusic.org | ☎ +233 55 123 4567
Your trust powers our community. Thank you for reading.
General
Suggest tool
contribute@aiformusic.org
Research
research@aiformusic.org
Address
c/o Department of Operations & Information Systems
University of Ghana Business School
Legon Campus, Accra, Ghana