SecureVerse. Ghana
Get in touch
Products
For Business For Family
How it works Features Security Pricing About
Security

Trust, in numbers.

Adjectives are easy. Specifics aren't. Here's exactly how your documents are protected, where they live, and who can touch them.

Our principles

Three rules we won't bend.

01

Your data does not leave the continent.

Stored in regional African data centres. Never replicated to any region outside Africa. We will share storage specifics with your DPO on request.

02

There are no "remember this device" shortcuts.

Every sign-in requires a TOTP code from your authenticator. Enterprise plans add hardware security keys. We don't ship convenience that breaks security.

03

The original document is sacred.

Originals are sealed, returned, or archived under chain of custody. They are never destroyed without your signed authorization.

The spec

Every number that matters.

We'll never give you adjectives where we should give you specifics. Here are the specifics.

Encryption (at rest)
AES-256-GCM with AWS-managed keys
Optional customer-managed KMS keys on Enterprise Compliance plans.
Encryption (in transit)
TLS 1.3 with HSTS preload
Certificate pinning on the mobile app. TLS 1.2 fallback disabled.
Storage region
Regional African data centres
Your data does not leave the continent. No cross-region replication.
Authentication
Email + password + TOTP on every login
Hardware security key (FIDO2 / WebAuthn) support on Enterprise plans.
Chain of custody
Sealed at pickup. Photographed at every handoff.
Logged in your dashboard within 24 hours with timestamp, location, and courier ID.
Facility
Monitored 24/7 in Accra
Background-checked staff. Biometric + key card access. Climate-controlled archive.
Audit
Quarterly external audit
Findings and remediation status shareable with your DPO on request.
Compliance
Ghana Data Protection Act (Act 843)
Registered data processor with GCDPS. SARs supported within 30-day SLA.
Backups
Daily encrypted backups, 30-day retention
Stored within Africa; recoverable via signed request only.
Incident response
24-hour notification commitment
Account holders contacted by phone and email for any incident involving their vault.
Compliance

Ghana DPA, in practice.

We are registered with the Ghana Cyber Security & Data Protection Service (GCDPS) as a data processor. What that means for you:

  • Data residency: on-continent only, with no cross-border replication.
  • Subject access requests (SARs) supported with a 30-day SLA.
  • DPO-friendly reporting: audit logs, access records, and processing breakdowns on demand.
  • Data Processing Agreements (DPAs) available for organisational customers.
Audit

Audit-ready by default.

Whether it's an internal audit, a regulator request, or a court order — your dashboard has the evidence ready.

  • Full access log per document: viewer, IP, timestamp, pages opened, download status.
  • Custody chain export — CSV or PDF — covering pickup through digitization.
  • External audit report available on request (quarterly, current calendar year).
  • Forensic preservation hold available for legal teams.

Want our DPA, audit summary, or pen-test letter?

Email us — we'll send the latest versions to your DPO or compliance team.

Request documents → Email us