Privacy Policy

Last updated: March 2025

Afrikabal Ltd. ("we", "us", "AXK Network") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, share, and protect information when you use the AXK Network platform.

1. Data We Collect

Account Information

When your organization administrator creates your account, we collect your full name, email address, phone number, organization affiliation, and assigned role.

Transaction Data

We record all platform activity including trade orders, escrow contracts, quality inspection results, shipment records, and payment transfers. This data forms the auditable trust layer of the platform.

Farm & Supply Chain Data

Depending on your role, we collect farm plot GPS coordinates, yield measurements, harvest dates, season plans, pre-harvest forecasts, and growth monitoring data.

Financial Data

Finance eligibility scores, credit history within the platform, insurance policy details, and claim records.

Technical Data

Browser type, IP address, device information, login timestamps, and session data for security and platform improvement.

2. How We Use Your Data

We use your data to:

  • Operate the Platform — process transactions, manage lots, coordinate shipments, and enable trade.
  • Verify identity and authorization — ensure only authorized users access relevant data and functions.
  • Generate compliance reports — produce EUDR compliance packages, traceability documentation, and audit trails.
  • Provide AI insights — power AXK AI's quality predictions, risk scoring, and anomaly detection.
  • Maintain security — detect unauthorized access, fraud, and system abuse.
  • Improve our services — analyze usage patterns to enhance platform performance and user experience.

3. Data Sharing

We share your data only with:

  • Your organization's authorized users — based on role-level permissions configured by your admin.
  • Transaction counterparties — buyers, sellers, and logistics providers involved in your trades see transaction-relevant data.
  • Regulatory authorities — when legally required for compliance, customs, or law enforcement purposes.
  • Blockchain networks (XRPL) — only cryptographic hashes of proofs are recorded on-chain. Your raw data is never published to the blockchain.

We do not sell your personal data to advertisers or third-party data brokers.

4. Data Storage & Security

We implement industry-standard security measures:

  • Encryption in transit — all connections use TLS 1.3.
  • Encryption at rest — database storage is encrypted.
  • Row-level access controls — each user sees only data relevant to their organization and role.
  • Regular backups — automated daily backups with encrypted off-site storage.
  • Access logging — all system access is logged and monitored for anomalies.

5. Data Retention

  • Transaction records: Retained for 7 years (regulatory and compliance requirement).
  • EUDR compliance data: Retained for the duration required by EU regulations.
  • Account data: Deleted 90 days after account closure, except where retention is legally required.
  • Technical logs: Retained for 12 months for security analysis.

6. Your Rights

You have the right to:

  • Access — request a copy of all personal data we hold about you.
  • Correction — request correction of inaccurate personal data.
  • Deletion — request deletion of your personal data (subject to legal retention requirements).
  • Export — receive your data in a portable, machine-readable format.
  • Restriction — request restricted processing while a dispute is resolved.

Important: Transaction records that have been shared with counterparties (buyers, sellers, inspectors) or anchored to blockchain cannot be unilaterally deleted, as they form part of the shared trust record.

To exercise your rights, contact privacy@axk.org.

7. Cookies

We use only essential cookies for:

  • Session management (maintaining your login state).
  • Security (CSRF protection, rate limiting).

We do not use third-party tracking cookies, advertising cookies, or analytics cookies that track individuals across websites.

8. International Transfers

Your data may be processed in data centers located outside your home country. When transferring data internationally, we ensure adequate protection through standard contractual clauses and appropriate technical safeguards.

9. Changes to This Policy

We will notify users of material changes to this Privacy Policy at least 30 days in advance via email and platform notification. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact & Data Protection

For privacy inquiries, data requests, or complaints:

Terms of Service · FAQ · Contact Us