OUR SOCIAL CHANNELS
Home News About Contact
𝕏 in
← Back to Legal

Compliance

Last Updated: 2025-10-07

Our Commitment to Compliance

ARK PORTAL is committed to maintaining the highest standards of compliance with applicable laws, regulations, and industry standards. We continuously monitor and update our practices to ensure we meet all legal and regulatory requirements.

Data Protection Compliance

GDPR Compliance

For users in the European Union, we comply with the General Data Protection Regulation (GDPR):

  • Lawful Processing: We process data based on legitimate grounds
  • Data Minimization: We collect only necessary information
  • Purpose Limitation: Data is used only for stated purposes
  • Accuracy: We maintain accurate and up-to-date records
  • Storage Limitation: Data is retained only as long as necessary
  • Security: Appropriate technical measures protect your data
  • Accountability: We document our compliance efforts

POPIA Compliance

We comply with South Africa's Protection of Personal Information Act (POPIA):

  • Accountability for data processing
  • Processing limitation principles
  • Purpose specification
  • Further processing limitation
  • Information quality
  • Openness and transparency
  • Security safeguards
  • Data subject participation

Zimbabwe Data Protection

We adhere to Zimbabwe's data protection regulations and best practices:

  • Lawful and fair processing
  • Specified and legitimate purposes
  • Adequate, relevant, and not excessive data collection
  • Accurate and up-to-date information
  • Appropriate security measures

Security Standards

ISO 27001

We align our information security management with ISO 27001 standards:

  • Risk assessment and management
  • Security policies and procedures
  • Access control measures
  • Cryptographic controls
  • Physical and environmental security
  • Incident management
  • Business continuity planning

SOC 2 Compliance

Our service organization controls meet SOC 2 criteria:

  • Security: Protection against unauthorized access
  • Availability: System availability for operation and use
  • Processing Integrity: Complete, valid, accurate, and timely processing
  • Confidentiality: Protection of confidential information
  • Privacy: Collection, use, retention, and disclosure of personal information

Industry-Specific Compliance

Financial Services

For financial sector clients, we maintain:

  • PCI DSS compliance for payment processing
  • Anti-money laundering (AML) controls
  • Know Your Customer (KYC) procedures
  • Financial data encryption standards

Healthcare

For healthcare applications, we support:

  • HIPAA compliance frameworks
  • Health data encryption
  • Access controls and audit logs
  • Business Associate Agreements (BAA)

Cloud Security

Infrastructure Security

Our cloud infrastructure includes:

  • Multi-factor authentication
  • Encryption at rest and in transit
  • Regular security audits
  • Vulnerability assessments
  • Penetration testing
  • DDoS protection

Data Centers

Our data centers feature:

  • Physical security controls
  • Redundant power and cooling
  • Fire suppression systems
  • 24/7 monitoring
  • Disaster recovery capabilities

Compliance Certifications

We maintain or work towards the following certifications:

  • ISO 27001 (Information Security Management)
  • SOC 2 Type II (Service Organization Controls)
  • PCI DSS (Payment Card Industry Data Security Standard)
  • Cloud Security Alliance (CSA) STAR

Third-Party Audits

We undergo regular third-party audits to verify:

  • Security controls effectiveness
  • Compliance with stated policies
  • Data protection measures
  • Incident response capabilities

Employee Training

All ARK PORTAL employees receive training on:

  • Data protection principles
  • Security best practices
  • Compliance requirements
  • Incident response procedures
  • Ethical conduct

Vendor Management

We ensure our vendors and partners:

  • Meet our security standards
  • Comply with relevant regulations
  • Sign appropriate agreements (DPA, BAA, etc.)
  • Undergo regular assessments

Incident Response

Our incident response program includes:

  • 24/7 security monitoring
  • Defined escalation procedures
  • Incident investigation protocols
  • Notification procedures
  • Post-incident reviews

Transparency and Reporting

We maintain transparency through:

  • Regular compliance reports
  • Security documentation
  • Privacy notices
  • Terms of service
  • Cookie policies

Regulatory Cooperation

We cooperate with regulatory authorities:

  • Respond to lawful requests
  • Participate in investigations
  • Implement required changes
  • Report data breaches as required

Continuous Improvement

Our compliance program includes:

  • Regular policy reviews
  • Security assessments
  • Risk evaluations
  • Technology updates
  • Process improvements

Compliance Contacts

For compliance-related inquiries:

Data Protection Officer

Security Team

General Compliance

Reporting Concerns

If you have concerns about our compliance practices:

  1. Contact our compliance team
  2. Use our confidential reporting hotline
  3. Submit a written complaint
  4. Contact relevant regulatory authorities

We take all compliance concerns seriously and investigate them promptly.

Updates to Compliance Practices

We regularly review and update our compliance practices. Material changes will be communicated through:

  • Email notifications
  • Website announcements
  • Updated documentation

Contact Information

ARK PORTAL
3 George Edwin Rd Fourwinds
Bulawayo, Zimbabwe

Get Started with Ark Portal

Ark Portal

Our mission is to bridge the gap between speech and structured knowledge, empowering users with tools to save time, improve efficiency, and achieve more.