Data Protection

Infinity Business Dynamics ("IBD") is committed to protecting your personal and business data and respecting your privacy. We process data in accordance with applicable laws in Lesotho and recognised international best practice.

• Lawfulness, fairness and transparency.
• Purpose limitation: only for stated service and compliance objectives.
• Data minimisation: we collect only what we need.
• Accuracy: kept up to date with your participation.
• Storage limitation: retained only as long as required.
• Integrity and confidentiality: secured at every layer.

• Identification and contact information for clients and authorised users.
• Company, billing and tax registration details for service delivery.
• Transaction, invoicing and compliance records processed through Motheo POS.
• Support tickets, consultation notes and project documentation.
• System telemetry for the client portal and hosted platforms.

• Right to access your personal data.
• Right to correction and deletion.
• Right to object to or restrict processing.
• Right to data portability where applicable.
• Right to lodge a complaint with the relevant authority.

We retain personal and business data only for as long as necessary to fulfil the purposes for which it was collected, plus a defined post-engagement period to satisfy legal, regulatory, tax and audit obligations.

Where data is transferred outside Lesotho (for example, to cloud providers or ERP platforms in Southern Africa), we ensure appropriate safeguards including contractual protections and lawful processing bases.

• TLS encryption in transit.
• Encryption at rest for sensitive records.
• Role-based access control and multi-factor authentication.
• Audit logs and access reviews.
• Documented incident response procedures.

We engage trusted technology, cloud and document storage providers under written agreements that align with applicable data protection standards and IBD security policies.

For data protection queries or requests, contact services@ibd.co.ls.