YELLOW PRIME LTD-GROUP PRIVACY FRAMEWORK

Last Updated: 19th January, 2026

  1. Introduction

Yellow Prime Ltd (“Yellow Prime”, “YP”, “Yellow”, “We”, “Us”, “Our”) is the operating company for the yellow ecosystem of products and services, including but not limited to:

  • Yellow package, courier, logistics, transportation, postal, mobility, marketplace services etc.
  • Future digital and physical services operated under the “Yellow” brand

This Group Privacy Framework explains how personal data is collected, used, shared, retained, and protected across all Yellow Prime services and platforms.

The framework is designed to comply with the following:

  • the Ghana Data Protection Act, 2012 (Act 843)
  • the EU General Data Protection Regulation (GDPR) where applicable
  • Google Play User Data & Data Safety Policies
  • the Apple App Store Privacy Requirements

Ensuring privacy, transparency, and trust are core to Yellow Prime’s operating philosophy and culture.

Dear user, by using any Yellow Prime service, application, website, or platform, you acknowledge and agree to this Privacy Framework, subject to your rights under applicable laws.

  1. The Scope of Our Privacy Framework

Our framework applies to all personal data processed by Yellow Prime and its operating brands through any of the following channels:

  • Mobile apps
  • Websites
  • APIs and integrations
  • Customer support
  • Authorized agents, partners, and vendors

This privacy framework applies to the following user segments:

  • Customers or end users
  • Couriers (Riders, Droppers, Drivers etc.)
  • Merchants, vendors, and corporate entities
  • Agents, contractors, partners etc.

In addition, each “Yellow” service may publish a service-specific Privacy Notice that supplements (but does not override) this Group Framework.

  1. Types of Personal Data We Collect

At Yellow Prime Ltd, we apply the principle of data minimization and collect only what is necessary.

  • Identity & Contact Data

A user’s Full name, Phone number, Email address, Physical address, National ID or equivalent (where legally required), may be collected.

  • Transaction & Service Data
  • Orders, bookings, and delivery details
  • Shipment and service history
  • Tracking numbers and references
    • Location & Device Data
  • Pickup, delivery and drop-off locations
  • GPS data (only when required for service delivery)
  • Device identifiers, IP address, app version
    • Payment & Financial Data
  • Mobile money or bank account numbers
  • Payment transaction references

Important Note: Even in situations where debit or credit card payments may be done, Yellow Prime does not store full card details. Payments are processed via licensed providers.

  • Onboarding & Compliance Data (Riders / Drivers / Partners)
  • Identification documents
  • Driver’s license
  • Usage history of vehicle, motorcycle, equipment etc.
  • Guarantor or Contact person details
  • Photographs
  • Insurance details etc.
    • Usage & Technical Data
  • App activity logs
  • Performance and diagnostic data
  1. Use of Cookies & Tracking Technologies

Our platforms may use cookies and similar technologies strictly for the following reasons:

  • User authentication and login
  • Preferences and settings
  • Fraud prevention and security
  • Analytics and service improvement
  • Limited marketing only where explicit consent is provided
  1. Legal Basis for Processing User Data

User personal data may be processed based on one or more of the following grounds:

  • Where User consent is established
  • For the performance of a contract
  • Legal and regulatory compliance
  • Legitimate business interests that do not override user rights
  1. How We Use Personal Data

Yellow Prime may use personal data to perform any of the following activities:

  • Provide and operate services
  • Enable booking, tracking, and co-ordination
  • Process payments, claims and refunds
  • Verify users, riders, drivers, droppers and partners
  • Provide excellent customer support
  • For the prevention of fraud and abuse
  • To improve products and user experience
  • Send service-related notifications
  • Conduct analytics and reporting
  • Carry out limited marketing as may be permitted by law or user
  1. Data Sharing & Disclosure

We may share personal data only where necessary with:

  • Riders, drivers, droppers, and delivery partners
  • Merchants and vendors
  • Licensed payment service providers
  • Cloud, IT, analytics, and fraud-prevention vendors
  • Regulators and law enforcement where legally required

All our partners or third parties are bound by contractual and legal data protection obligations.

  1. Data Retention

Personal data is retained only for as long as necessary to:

  • Provide excellent services
  • Fulfill contractual obligations
  • Meet legal, tax, audit, and regulatory requirements

For Example:

  • Basic delivery data may be deleted or anonymized after service completion
  • Transaction records may be retained for audit and dispute resolution
  • Inactive accounts may be anonymized or deleted after statutory periods
  1. Account & Data Deletion

We make it easy for users to be able to have their personal data removed from our platforms

9.1 In-App Account Deletion

Users of our platforms may permanently delete their account within supported apps:

Settings → Profile → Delete Account

This action results in:

  • Removal of personal profile data
  • Revocation of platform access
  • Deletion of preferences and usage data

In-app deletion is irreversible.

9.2 Data Deletion Requests

Users can also request deletion of specific data via:

Such a requests is:

  • Acknowledged within 2 days
  • Completed within 7 working days

Note: Certain data may be retained as established by law or as regulatory necessity.

  1. Security Measures

We implement appropriate technical and organizational safeguards, including:

  • Encryption in transit and at rest
  • Role-based access controls
  • Staff confidentiality obligations
  • Incident response and breach management
  1. User Rights

All Users have the right to:

  • Access personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Withdraw consent
  1. Children’s Data

Yellow Prime’s services are not directed at children under 18. Any unintentionally collected child data is deleted promptly.

  1. Data Breaches

In the event of a breach, Yellow Prime will immediately:

  • Notify the affected users where required
  • Notify regulators as mandated by law
  • Take immediate mitigation steps to prevent future occurence
  1. Policy Updates

This policy framework may be updated periodically. Updates will be published on Yellow Prime’s platforms with revised effective dates.

  1. Relationship With Terms of Service

This Privacy Framework forms an integral part of Yellow Prime’s Terms of Service.

In the event of conflict:

  • This Privacy Framework governs personal data processing
  • Terms of Service govern platform usage, liability, and commercial terms

By using Yellow Prime services, users agree to both documents collectively.

Scroll to Top