Legal
Privacy Policy
How we handle personal data when you browse the registry, create an account or contact us.
Last updated: 5 July 2026
1. Introduction
MARATTO AFRICA LTD ("we", "us", "our") operates SEZ Africa at sez.africa. This Privacy Policy explains how we collect, use, store and share personal data when you use our website, create an account or contact us.
We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data controller
MARATTO AFRICA LTD is the data controller for personal data processed through SEZ Africa.
Registered office: 3rd Floor, 45 Albemarle Street, Mayfair, London W1S 4JL, United Kingdom. Company number: 17169961.
Privacy enquiries: hello@sez.africa.
3. Data we collect
We may collect the following categories of personal data depending on how you use the platform:
- Account data: email address, name, chosen role and authentication identifiers.
- Profile and onboarding data: organisation details, professional links, phone number and other information you submit during onboarding.
- Usage data: pages viewed, searches, interactions with registry content and technical logs generated when you use the site.
- Communications: messages you send to us and records of support or introduction requests.
- Technical data: IP address, browser type, device information and cookie identifiers (see our Cookie Policy).
4. How we use your data
We use personal data to:
- Provide, secure and maintain your account and the registry platform.
- Complete onboarding and route you to the appropriate dashboard experience.
- Send authentication codes, service notifications and responses to your enquiries.
- Improve registry accuracy, product performance and user experience.
- Comply with legal obligations and enforce our Terms of Use.
5. Legal bases for processing
We rely on the following legal bases under UK GDPR:
- Contract: to provide the services you register for.
- Legitimate interests: to operate, secure and improve the registry, prevent misuse and communicate with users.
- Consent: where required for non-essential cookies or optional marketing communications.
- Legal obligation: where we must retain or disclose information to comply with applicable law.
7. International transfers
Some of our service providers may process data outside the United Kingdom. Where this occurs, we use appropriate safeguards such as UK adequacy regulations, standard contractual clauses or equivalent protections.
8. Data retention
We keep personal data only for as long as necessary for the purposes described in this policy, including to meet legal, accounting or reporting requirements. Account data is generally retained while your account remains active and for a reasonable period afterwards unless deletion is requested earlier.
9. Your rights
Under UK data protection law, you may have the right to access, rectify, erase, restrict or object to processing of your personal data, and to data portability where applicable. You may also withdraw consent at any time where processing is based on consent.
You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data has been handled unlawfully.
10. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure or destruction. No online service can guarantee absolute security, and you are responsible for keeping your login credentials confidential.
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated date. Continued use of the platform after changes take effect constitutes acceptance of the revised policy.