Effective date: 5 June 2026 · Thatayotlhe Tsenang, trading as Monolith · Gaborone, Botswana

This Privacy Policy explains what personal information Monolith collects when you use this website or engage us for web design and development services, how we use it, the legal grounds we rely on, and the rights you have over your data. Monolith operates from Botswana and serves clients both locally and internationally; this policy is written to comply with Botswana's Data Protection Act (Act No. 18 of 2024) and, where applicable, the EU/UK General Data Protection Regulation (GDPR).

01 Who we are

Monolith is a web design and development practice operated by Thatayotlhe Tsenang. For the purposes of data protection law, Monolith is the data controller — meaning we decide how and why your personal data is processed.

• Full name: Thatayotlhe Tsenang, trading as Monolith
• Physical address: Gaborone, Botswana
• Telephone: +267 77 625 997
• Email: tsenangthatayotlhe04@gmail.com

02 Information we collect

We collect only what we need to respond to you and deliver our work:

• Information you give us — your name, business name, email address, phone number, and the project details you submit through our quote form, by email, phone, or messaging.
• Project materials — content, images, logos, and credentials you share with us so we can build your website.
• Basic technical data — standard information your browser sends when you visit, such as your IP address, device and browser type, and pages viewed. This data is collected through server logs and, where you have given consent, through analytics tools.

We do not collect sensitive personal data (such as health, political, or biometric data).

03 Lawful bases for processing

Under Botswana's Data Protection Act and the GDPR, we process your personal data only where we have a lawful basis to do so. The bases we rely on are:

• Performance of a contract: to deliver web design and development services you have engaged us for, manage invoicing, and fulfil project obligations.
• Consent: when you submit a form on this site, you consent to us receiving and processing that submission. You may withdraw this consent at any time (see Section 08).
• Legitimate interests: to respond to enquiries, prepare proposals, prevent misuse of the site, and maintain routine business communications — provided these interests do not override your fundamental rights.
• Legal obligation: to comply with tax, corporate, and financial record-keeping requirements under Botswana law.

04 How we use your information

• To respond to your enquiry and prepare a proposal or quote.
• To deliver, support, and maintain the website or services you have engaged us for.
• To communicate with you about your project, invoices, and payment.
• To meet our legal, tax, and record-keeping obligations.

We do not sell your personal information. We do not use it for advertising, profiling, or automated decision-making.

05 Third-party processors and cross-border transfers

To operate the site and deliver our services, we use a limited number of third-party processors. These include our email delivery provider (for sending quote confirmations and notifications) and our hosting provider. These processors act on our instructions and have their own privacy and security terms.

Some of these processors store and process data on servers located outside of Botswana (for example, in the United States or the European Union). In compliance with Section 48 of the Data Protection Act, we ensure that any cross-border transfer of personal data is safeguarded by standard contractual clauses or equivalent measures, and we maintain local record-retention protocols as required by Botswana law.

We share your information with third parties only as necessary to operate the site and fulfil your request. We do not sell or rent your data to anyone.

06 Cookies and analytics

This site uses only essential cookies necessary for basic functionality (such as remembering form state). Essential cookies do not require consent.

Non-essential tracking cookies (such as analytics or advertising scripts) are disabled by default and are only activated if you give explicit opt-in consent through a cookie banner. You can withdraw that consent at any time by clearing your cookies or adjusting your browser settings. As of the effective date, this site does not use Google Analytics, Facebook Pixels, or any third-party advertising trackers.

07 How long we keep your data

We retain personal data only as long as necessary for its stated purpose, then delete or anonymise it. Specific retention periods are:

• Unconverted enquiries and quotes: deleted or anonymised within 12 months of the last communication.
• Active client project files and communications: retained for the duration of the project and for 12 months after final delivery, unless you request earlier deletion.
• Financial, invoice, and tax records: retained for a minimum of 8 years to comply with Botswana's financial and tax regulations.
• Server logs and technical data: retained for no more than 90 days.

08 Your rights

Under Botswana's Data Protection Act and, where applicable, the GDPR, you have the following rights over your personal data:

• Right of access: request a copy of the personal data we hold about you.
• Right to rectification: ask us to correct inaccurate or incomplete data.
• Right to erasure: ask us to delete your personal data where there is no compelling reason for us to continue processing it.
• Right to restrict processing: ask us to limit how we use your data in certain circumstances (for example, while a complaint is being resolved).
• Right to data portability: request your data in a structured, commonly used, machine-readable format so you can transfer it to another provider.
• Right to object: object to processing based on legitimate interests, or to any automated decision-making or profiling (though we do not engage in either).
• Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time without penalty. Withdrawal does not affect the lawfulness of processing carried out before it.

To exercise any of these rights, email tsenangthatayotlhe04@gmail.com. We will respond within 30 days.

09 Right to lodge a complaint

If you believe Monolith has not handled your personal data in accordance with the law, you have the right to lodge a complaint with the relevant supervisory authority:

• Botswana: the Information and Data Protection Commission (IDPC) — www.idpc.org.bw
• EU/UK: your local Data Protection Authority (for example, the Information Commissioner's Office in the UK — ico.org.uk)

We encourage you to contact us first so we can try to resolve the matter directly.

10 Security

We take reasonable technical and organisational measures to protect your information, including encrypted connections (HTTPS) on this site and secure server-side handling of form submissions. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we take it seriously and act promptly on any identified risk.

11 Children

This site and our services are intended for businesses and adults. We do not knowingly collect personal information from anyone under the age of 18. If you believe we have inadvertently collected data from a minor, please contact us and we will delete it.

12 Changes to this policy

We may update this policy from time to time to reflect changes in our practices or in applicable law. The effective date above reflects the latest version. Where changes are material, we will make reasonable efforts to notify affected individuals.

13 Contact

Questions about this policy, your data, or how we handle it? Contact Monolith at tsenangthatayotlhe04@gmail.com or +267 77 625 997.