Privacy Notice

Last updated: October 24, 2025

This privacy notice for MG Digital Media Limited ('we', 'us', or 'our'), describes how and why we might collect, store, use, and/or share ('process') your information when you use our services ('Services'), such as when you:

Visit our website at https://adesaplus.com, or any website of ours that links to this privacy notice
Download and use our mobile application (adesa+), or any other application of ours that links to this privacy notice
Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@mg.com.gh or our Data Protection Officer at dpo@mg.com.gh.

SUMMARY OF KEY POINTS

This summary provides key points from our privacy notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use. Learn more about personal information you disclose to us.

Do we process any sensitive personal information? We do not process sensitive personal information.

Do we receive any information from third parties? We may receive information from public databases, marketing partners, social media platforms, and other outside sources. Learn more about information collected from other sources.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. Learn more about how we process your information.

In what situations and with which parties do we share personal information? We may share information in specific situations and with specific third parties. Learn more about when and with whom we share your personal information.

How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Learn more about how we keep your information safe.

What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. Learn more about your privacy rights.

How do you exercise your rights? The easiest way to exercise your rights is by submitting a data subject access request, or by contacting us. We will consider and act upon any request in accordance with applicable data protection laws.

Want to learn more about what we do with any information we collect? Review the privacy notice in full.

WHAT INFORMATION DO WE COLLECT?
HOW DO WE PROCESS YOUR INFORMATION?
WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
HOW DO WE HANDLE YOUR SOCIAL LOGINS?
HOW LONG DO WE KEEP YOUR INFORMATION?
HOW DO WE KEEP YOUR INFORMATION SAFE?
DO WE COLLECT INFORMATION FROM MINORS?
WHAT ARE YOUR PRIVACY RIGHTS?
CONTROLS FOR DO-NOT-TRACK FEATURES
DO GHANA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
DO WE MAKE UPDATES TO THIS NOTICE?
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

1. WHAT INFORMATION DO WE COLLECT?

We collect different categories of personal information depending on whether you are signed in to your adesa+ Account or browsing without signing in.

Personal information you disclose to us

In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.

Categories of personal data when you are signed-in to your adesa+ Account:

Registration and Account Information:

Names (first and last name)
Phone numbers
Email addresses
Usernames
Passwords
Date of birth (for age verification)
Gender (optional)
Contact preferences
Account settings and preferences

Subscription and Payment Information:

Billing addresses
Payment method details (credit/debit card last 4 digits, mobile money account reference)
Subscription plan type and duration
Payment history and transaction records
Voucher redemption history
Billing cycle information

Viewing History and Preferences:

Content watched or interacted with
Watch progress and bookmarks
Search queries and history
Content ratings and reviews (if provided)
Viewing duration and frequency
Preferred content categories and genres
Stream quality preferences

Technical and Usage Information (Events):

How, when, and for how long you access our Services
Pages viewed and features used
Navigation paths and click patterns
Error logs and performance data
Session duration and frequency
Platform type (web, mobile app, smart TV)

Device and Browser Information:

Device type, model, and manufacturer
Operating system and version
Browser type and version
IP address
Device identifiers (IDFA, GAID)
Screen resolution and display settings
Language preferences
Time zone settings

Location Information:

Geographic location based on IP address
Country and region for content availability
Time zone for scheduling features

Support Services Information:

Support ticket content and history
Communication transcripts (chat, email)
Complaint details and resolutions
User feedback and suggestions

Marketing and Communications:

Marketing preferences
Email open and click rates
SMS delivery confirmations
Push notification interactions
Contest and promotion participation

Social Media Information:

Information from social login (if used)
Social media profile data (name, email, profile picture)
Content shared to social platforms
Social interactions with our content

Categories of data when you are not signed in to adesa+ Service:

When browsing without signing in, we collect:

Technical and Usage Information (Events)
Device and Browser Information
Location Information (IP-based)
Cookie and tracking data

Information from Third Parties

We may receive information about you from:

Payment processors (transaction confirmations)
Social media platforms (when you use social login)
Marketing partners (for targeted advertising)
Analytics providers
Business partners who offer joint services

Sensitive Information. We do not process sensitive information such as racial or ethnic origin, religious beliefs, sexual orientation, or health information.

Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number, and the security code associated with your payment instrument. All payment data is stored by Paystack and Hubtel. You may find their privacy notice link(s) here: https://paystack.com/gh/privacy and https://explore.hubtel.com/legal/privacy-policy/.

Application Data. If you use our application(s), we also may collect the following information if you choose to provide us with access or permission:

Mobile Device Data. We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information and system configuration information, device and application identification numbers, browser type and version, hardware model Internet service provider and/or mobile carrier, and Internet Protocol (IP) address (or proxy server).
Push Notifications. We may request to send you push notifications regarding your account or certain features of the application(s). If you wish to opt out from receiving these types of communications, you may turn them off in your device's settings.

This information is primarily needed to maintain the security and operation of our application(s), for troubleshooting, and for our internal analytics and reporting purposes.

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:

To facilitate account creation and authentication

To create and maintain your adesa+ Account
To verify your identity and age
To enable secure login and password management
To prevent unauthorized account access

To deliver and facilitate delivery of services

To provide streaming access to content
To process and manage subscriptions
To enable content playback across devices
To maintain viewing history and progress
To provide customer support

To process payments and financial transactions

To process subscription payments
To verify payment methods
To send payment confirmations
To manage billing cycles
To handle refunds when applicable

To personalize user experience

To recommend content based on viewing history
To customize interface based on preferences
To remember language and quality settings
To create personalized content collections
To improve content discovery

To communicate with you

To send service-related announcements
To respond to support inquiries
To send billing and account notifications
To provide technical updates
To send marketing communications (with consent)

To improve and optimize our Services

To analyze usage patterns and trends
To identify and fix technical issues
To develop new features
To optimize streaming performance
To conduct A/B testing

To ensure security and prevent fraud

To detect and prevent unauthorized access
To identify and block fraudulent payments
To enforce geographic restrictions
To monitor for terms of service violations
To protect intellectual property rights

To comply with legal obligations

To respond to legal requests
To comply with applicable laws
To enforce our terms and policies
To protect rights and safety

For marketing and advertising

To send promotional offers (with consent)
To deliver targeted advertisements
To measure advertising effectiveness
To conduct market research
To promote new content and features

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

In Short: We process your information when we have a valid legal reason to do so.

We process your personal information under the following legal bases:

Contract Performance: We process information necessary to:

Fulfill our subscription agreement with you
Provide access to streaming content
Process payments
Deliver customer support

Legitimate Interests: We process information for our legitimate business interests, including:

Improving and personalizing our Services
Marketing our Services (where consent is not required)
Preventing fraud and ensuring security
Analyzing usage to improve performance
Enforcing our terms and policies

You have the right to object to processing based on legitimate interests.

Legal Obligations: We process information to comply with:

Tax and accounting requirements
Court orders and legal proceedings
Regulatory requirements
Law enforcement requests (where legally required)

Consent: We process information based on your consent for:

Marketing communications
Cookies and tracking technologies
Social media integrations
Optional data collection

Vital Interests: In rare cases, we may process information to protect vital interests, such as preventing harm.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

We may share your personal information with:

Service Providers

Hosting and infrastructure providers (cloud services)
Payment processors (Paystack, Hubtel)
Analytics providers (Google Analytics, Mixpanel)
Customer support tools
Email and SMS service providers
Content delivery networks (CDNs)

Business Partners

Content providers and licensors
Marketing and advertising partners
Co-promotion partners
Technology partners

Affiliated Companies

Parent company (MultiChoice Group Limited)
Subsidiaries and affiliates
Joint venture partners

Legal and Regulatory Bodies

Law enforcement (when legally required)
Courts and regulatory authorities
Government agencies (for compliance)
Legal advisors

Business Transfers

In connection with mergers or acquisitions
During bankruptcy or dissolution
As part of asset sales

With Your Consent

When you direct us to share information
For features requiring third-party access
For social media integrations

Aggregated or Anonymized Data

We may share aggregated statistics
Industry insights and trends
Non-identifiable usage data

5. WHAT IS OUR STANCE ON THIRD-PARTY WEBSITES?

In Short: We are not responsible for the safety of any information that you share with third parties that we may link to or who advertise on our Services, but are not affiliated with, our Services.

The Services may link to third-party websites, online services, or mobile applications and/or contain advertisements from third parties that are not affiliated with us and which may link to other websites, services, or applications. We do not guarantee the safety and privacy of data you provide to any third parties. This privacy notice does not address, and we are not responsible for, the privacy, information, or other practices of any third parties. You should review the applicable third-party privacy policies before using such services.

6. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We use cookies and similar tracking technologies to access or store information. For detailed information about our cookie use and how to manage your preferences, please see our Cookie Policy at https://adesaplus.com/cookies.

Types of cookies we use:

Essential cookies: Required for basic site functionality
Performance cookies: To understand how you use our Services
Analytics cookies: To improve our Services
Advertising cookies: To deliver relevant advertisements
Social media cookies: For social sharing features

Managing cookies: You can manage your cookie preferences through:

Your browser settings
Our cookie consent tool
Your account preferences

7. HOW DO WE HANDLE YOUR SOCIAL LOGINS?

In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.

Our Services offer you the ability to register and log in using your third-party social media account details (like your Facebook or Google logins). Where you choose to do this, we will receive certain profile information about you from your social media provider. The profile information we receive may vary depending on the social media provider concerned, but will often include:

Your name
Email address
Profile picture
Friends list (if permitted)
Public profile information

We will use the information we receive only for the purposes described in this privacy notice or that are otherwise made clear to you on the relevant Services. We do not control, and are not responsible for, other uses of your personal information by your third-party social media provider.

8. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law. Our data retention periods are:

Active Account Data:

Account information: Retained while account is active
Viewing history: 24 months from last view
Payment information: As required for tax purposes (typically 7 years)
Support communications: 24 months from resolution

Inactive Account Data:

Accounts inactive for 24 months may be deleted
Essential records retained for legal compliance
Anonymized data may be retained indefinitely

Post-Termination:

Account data: 90 days after termination (for reactivation)
Financial records: As legally required
Legal compliance data: As required by applicable laws
Aggregated/anonymized data: Indefinitely

Marketing Data:

Consent records: Indefinitely
Marketing preferences: Until withdrawn
Campaign interaction data: 12 months

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

9. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We implement appropriate and reasonable technical and organisational security measures to protect your personal information, including:

Technical Measures:

Encryption of data in transit (SSL/TLS)
Encryption of sensitive data at rest
Secure password storage (hashing and salting)
Regular security audits and penetration testing
Firewalls and intrusion detection systems
Access logging and monitoring

Organisational Measures:

Limited access on need-to-know basis
Employee training on data protection
Confidentiality agreements
Regular security awareness programs
Incident response procedures
Vendor security assessments

Payment Security:

PCI DSS compliance through payment providers
No storage of full payment card details
Tokenization of payment methods
Fraud detection systems

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.

10. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age without parental consent.

We do not knowingly solicit data from or market to children under 18 years of age without parental consent. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent's use of the Services. If we learn that personal information from users less than 18 years of age has been collected without parental consent, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18 without parental consent, please contact us at privacy@mg.com.gh.

11. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: You have certain rights regarding your personal information.

You have the following rights regarding your personal information:

Access Right

Request a copy of your personal information
Understand how we use your data
Verify the accuracy of your data

Rectification Right

Correct inaccurate information
Complete incomplete information
Update outdated information

Erasure Right (Right to be Forgotten)

Request deletion of your personal information
Subject to legal retention requirements
May result in account termination

Restriction Right

Limit how we process your information
During dispute resolution
When accuracy is contested

Portability Right

Receive your data in machine-readable format
Transfer data to another service provider
Applies to data you provided

Objection Right

Object to processing based on legitimate interests
Object to direct marketing
Object to automated decision-making

Withdrawal of Consent

Withdraw consent at any time
Does not affect prior processing
May limit service functionality

To exercise your rights:

Submit a request at https://app.termly.io/notify/b2d9d5d1-aa6b-4da3-a2d0-3fdf2216cf0a
Email us at privacy@mg.com.gh
Contact our DPO at dpo@mg.com.gh

Account Information If you would like to review or change the information in your account or terminate your account, you can:

Marketing Communications You can unsubscribe from our marketing communications by:

Clicking the unsubscribe link in emails
Replying STOP to SMS messages
Updating preferences in account settings
Contacting us directly

12. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.

13. DO GHANA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: Yes, Ghana residents have specific rights under the Data Protection Act.

As a Ghanaian company, we comply with Ghana's Data Protection Act, 2012 (Act 843) and any subsequent amendments. Under this law, you have the right to:

Access your personal data
Correct inaccurate personal data
Request deletion of your personal data
Object to processing of your personal data
Data portability where applicable
Be informed about data breaches
Lodge complaints with the Data Protection Commission

Data Protection Commission Contact:

Website: https://www.dataprotection.org.gh
Email: info@dataprotection.org.gh
Phone: +233 302 244 045

14. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?

In Short: You may have additional rights based on your country of residence.

Nigeria

If you are a resident of Nigeria, you have rights under the Nigeria Data Protection Regulation (NDPR), including the right to access, rectify, and request deletion of your personal data.

South Africa

If you are a resident of South Africa, you have rights under the Protection of Personal Information Act (POPIA). You can contact the Information Regulator at:

Email: inforeg@justice.gov.za
Website: https://inforegulator.org.za

Kenya

If you are a resident of Kenya, you have rights under the Data Protection Act, 2019, including rights to access, correction, and deletion of your personal data.

European Economic Area (EEA)

If you access our services from the EEA, you have rights under the General Data Protection Regulation (GDPR), including enhanced rights to access, rectification, erasure, and data portability.

15. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We may update this privacy notice from time to time. The updated version will be indicated by an updated 'Last updated' date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

16. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO) by:

Data Protection Officer:
Richard Quashie
Email: dpo@mg.com.gh
Phone: +233 302 763 458

Company Contact:
MG Digital Media Limited
Adesa We, Kanda
Greater Accra, Ghana
Email: privacy@mg.com.gh

17. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please:

Submit a data subject access request at https://app.termly.io/notify/b2d9d5d1-aa6b-4da3-a2d0-3fdf2216cf0a
Email us at privacy@mg.com.gh
Log into your account settings to update information
Contact our Data Protection Officer at dpo@mg.com.gh

We will respond to your request within 30 days of receipt.