How Pencil Kloden collects, uses, protects, shares, and retains personal information.
This Privacy Policy applies to Pencil Kloden, a fashion school, bespoke tailoring studio, and shop based in Accra, Ghana. It covers information collected through pencilkloden.com, account registration, enrollment forms, shop inquiries, WhatsApp conversations, admin management tools, email verification, and direct communications.
Last updated: June 4, 2026. This policy is written for transparency and business protection, but it is not a substitute for advice from a qualified lawyer in each region where the business operates.
Pencil Kloden is the business responsible for decisions about customer, student, and buyer data. Website developers, hosting providers, database providers, email services, WhatsApp/Meta, and other technical vendors may act as service providers or processors when they handle information only to operate the site or support the business.
When a user creates an account, we collect name, email address, phone number, password hash, verification status, account creation time, session information, and notifications. We do not store plain text passwords.
Course applications may include first name, last name, email, phone or WhatsApp number, date of birth, city or town, preferred course, preferred start date, experience level, how the applicant heard about Pencil Kloden, motivation text, application status, and submission date.
Shop inquiries may include product name, product image URL, price, selected item details, account email, status history, timestamps, and WhatsApp messages generated from the website.
Admins can update students, courses, products, settings, purchase status, and notifications. Admin login uses session cookies and password hashes.
The website may process IP address, browser type, device type, pages visited, timestamps, cookie preferences, error logs, security logs, and server logs. Some of this data is collected automatically by hosting infrastructure.
For Ghanaian users, Pencil Kloden aims to handle personal data consistently with Ghana's Data Protection Act, 2012 (Act 843), including fairness, transparency, purpose limitation, accuracy, security safeguards, and retention only as long as necessary.
Where GDPR or UK GDPR applies, data may be processed based on consent, performance of a contract or steps before a contract, legitimate interests, legal obligations, and protection of rights. Users may have rights to access, correction, erasure, restriction, portability, objection, and withdrawal of consent.
Where U.S. state privacy laws apply, users may have rights to know, access, correct, delete, and opt out of certain sharing or targeted advertising. Pencil Kloden does not intentionally sell personal information. If advertising or analytics tools are added later, cookie consent and opt-out controls should be updated before use.
Where local privacy laws apply, Pencil Kloden will aim to provide notice, collect data for legitimate business purposes, secure the data, and respond to valid user requests in line with applicable law.
When a user opens WhatsApp from the website, the message text may include enrollment or product details. That information is then processed by WhatsApp/Meta under their own terms and privacy practices. Users should review message contents before sending. Pencil Kloden uses WhatsApp to respond to applications, shop inquiries, fittings, bespoke orders, and customer support.
Hosting, database, email, and security providers may process data to run the website. These providers should be limited to the information needed to deliver their services.
Essential cookies and local storage are used for login sessions, security, theme preferences, cookie choices, cart/wishlist style preferences, and account functionality. Optional analytics, advertising, or marketing cookies should only be enabled after consent where required. See the Cookie Policy for more detail.
Enrollment records, purchase inquiries, and admin records are kept while needed for education services, customer support, accounting, dispute resolution, and business records. Account data is kept while an account remains active. Users may request deletion, but some records may be retained where required for lawful business, tax, safety, fraud prevention, or dispute reasons.
The website uses server-side sessions, password hashing for user accounts, admin access controls, restricted configuration files, and database-backed storage. No system is perfectly secure. Users should keep passwords private, verify WhatsApp recipients, avoid sending unnecessary sensitive information, and contact Pencil Kloden if they suspect unauthorized access.
Users may request access, correction, deletion, restriction, or portability of personal information by contacting Pencil Kloden. Requests may require identity verification. Contact: info@pencilkloden.com or the WhatsApp number listed on the website.
Developers and technical vendors should access production data only when necessary for maintenance, debugging, deployment, security, or requested business support. They should avoid copying personal data into insecure channels, should not disclose credentials, and should rotate credentials if exposed.
Important: This policy is a practical compliance baseline for the website. For regulated operations, cross-border data transfers, paid advertising, automated marketing, payment processing, minors, or school accreditation requirements, Pencil Kloden should obtain legal review.