Privacy Policy

1. Scope and Purpose

This Privacy Policy explains how Palettes Business Solutions collects, uses, stores, and protects information when you visit our website, submit a form, request a quotation, or engage with our services. The policy applies to business contacts, representatives of client companies, vendor applicants, subcontractors, and website visitors. It also applies to communications made by email, web forms, and related project correspondence.

Because our services support critical industries such as Oil and Gas, Mining, Power and Energy, and Infrastructure, we treat confidentiality and information integrity as business-critical requirements. We process information only for clear business purposes, and we apply proportionate administrative and technical controls to reduce privacy and security risks.

2. Information We Collect

We collect information directly from you when you complete website forms, contact us by email, call our business phone numbers, request vendor onboarding, or exchange project documentation with our team. Typical information may include your full name, company name, role or title, business phone number, business email address, project location, service interests, procurement details, and technical specifications relevant to a quote or scope of work.

For quotation and project support, we may also collect operational information such as equipment requirements, project timelines, planned mobilization windows, desired certifications, compliance requirements, and logistics preferences. For vendor registration, we may collect business profile data, service categories, industry experience, certifications, and supporting documents required for qualification review.

When you use this website, we may collect limited technical information such as browser type, basic device details, referring pages, and interaction data required for site performance, security monitoring, and service improvement. We do not intentionally collect sensitive personal data unless it is submitted voluntarily and is strictly necessary for contract performance, legal compliance, or HSE-related project administration.

3. Legal Basis and Business Justification

We process information for legitimate business purposes, including responding to commercial inquiries, preparing and issuing quotations, assessing vendor suitability, managing contracts, delivering project services, maintaining quality standards, and complying with legal and regulatory obligations. Where required, we rely on consent, contractual necessity, legitimate interest, or legal obligation as the basis for processing.

If you provide information on behalf of a company, you confirm that you are authorized to share such information for business engagement purposes. If we request additional records for procurement, HSE, legal, or compliance reasons, we collect only what is reasonably required for the specific process.

4. How We Use Information

We use collected information to respond to inquiries and requests, issue quotations, evaluate technical and commercial requirements, schedule project support, coordinate mobilization, support procurement workflows, and communicate status updates. We also use information to maintain service quality, document project decisions, and improve operational delivery outcomes.

In practical terms, information may be used to assign internal owners for RFQ responses, verify equipment availability, evaluate HSE prerequisites, coordinate subcontracting interfaces, and prepare structured commercial proposals. For vendor applicants, information may be used to conduct prequalification checks, review capability fit, and communicate onboarding decisions.

We may also use information for internal reporting, quality assurance, risk management, audit readiness, and lawful dispute resolution. We do not sell personal information and we do not use form submissions for unrelated mass marketing activities.

5. Communication and Marketing

We may send service-related communications such as quote confirmations, onboarding updates, technical clarifications, and project coordination notices. These messages are considered operational communications and are necessary for business execution.

Where we share updates about capabilities, services, or company announcements, recipients may request removal from non-essential communication lists. You can opt out at any time by contacting us directly using the details provided in this policy.

6. Data Sharing and Third Parties

We may share relevant information with trusted service providers and project stakeholders only when necessary for legitimate business functions. Examples include hosting providers, form processing tools, email infrastructure providers, logistics partners, legal advisors, auditors, and client-authorized project interfaces.

All sharing is limited to the minimum information required for the task. Third parties engaged by us are expected to maintain appropriate confidentiality and security controls, and to use information only for agreed purposes. We may also disclose information where required by law, legal process, regulatory requirement, or to protect the safety and rights of our personnel, clients, and partners.

7. Data Retention

We retain information for as long as needed to fulfill the purpose for which it was collected, including service delivery, contract administration, legal compliance, and recordkeeping obligations. Retention duration may vary by data type and business context. For example, RFQ and quotation records may be retained for audit and commercial reference periods, while vendor records may be retained for procurement lifecycle needs.

Where information is no longer required, we take reasonable steps to delete, anonymize, or securely archive it according to operational and legal requirements. Backup retention schedules may apply for disaster recovery purposes.

8. Security Controls

We apply layered safeguards designed to reduce unauthorized access, misuse, loss, and disclosure. These measures may include access controls, account permissions, secure administrative practices, audit logs, endpoint protection, controlled backup processes, and practical data minimization. We regularly review operational procedures to improve reliability and resilience.

Despite reasonable controls, no system is completely risk-free. Users are encouraged to avoid transmitting unnecessary sensitive information through general contact forms and to use official project channels for controlled document exchange where required.

9. International and Regional Processing

Our operations support projects in Ghana and across West Africa. Information may be processed by internal teams and trusted partners located in different jurisdictions where project delivery requires cross-border coordination. In such cases, we apply contractual and operational safeguards to preserve confidentiality and lawful processing.

10. Cookies and Similar Technologies

This website may use essential cookies or similar technologies to support website functionality, session continuity, and basic analytics. We do not use tracking methods beyond what is reasonably needed for performance, reliability, and security unless explicitly stated.

You can manage cookie behavior through your browser settings. Disabling some cookies may affect website functionality.

11. Your Rights and Choices

Subject to applicable law, you may request access to your data, correction of inaccurate information, deletion where appropriate, restriction of processing, or clarification on how your data is used. You may also request updates regarding communication preferences.

To process requests efficiently, we may ask for identity verification and sufficient context to locate records. Certain requests may be limited where retention is required for legal, contractual, safety, financial, or audit reasons.

12. Children's Data

Our services and website are intended for business users and professional engagements. We do not knowingly collect personal data from children for marketing or general services.

13. Policy Updates

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. Updated versions become effective when published on this page. Continued use of the website or services after updates constitutes acceptance of the revised policy to the extent permitted by law.

14. Contact and Privacy Requests

For privacy inquiries, data requests, or concerns, contact us at info@palettesbsl.com or call +233 24 800 2966. You may also write to Palettes Business Solutions, Sekondi, Ghana. We will make reasonable efforts to respond within practical timelines based on request complexity.

Last Updated: February 20, 2026