Overview
G Online Sites ("we", "us", "our") operates the G Online SMS gateway at sms.gonlinesites.com and the associated WordPress plugin. This Privacy Policy explains what personal data we collect, how we use it, and your rights regarding that data.
We are committed to handling your data responsibly and in compliance with applicable data protection laws, including Ghana's Data Protection Act, 2012 (Act 843).
Data We Collect
We collect data in two contexts: account data you provide directly, and transmission data generated when messages are sent.
| Data Type | What It Is | When Collected |
|---|---|---|
| Account Information | Name, email address, country | When you register |
| API Key | Unique authentication token | Generated at registration; transmitted with every API request |
| Sender ID | The name or number shown to SMS recipients | Configured by you; sent with each message |
| Recipient Phone Numbers | Phone numbers you send messages to | Each time an SMS is dispatched |
| Message Content | The text body of each SMS | Each time an SMS is dispatched |
| Message Logs | Delivery status, timestamp, credit deducted | Automatically after each send attempt |
| Balance & Usage | Credit balance, top-up history | Ongoing as you use the Service |
| Technical Logs | IP address, request timestamps | With every API request for security purposes |
How We Use Your Data
We use the data we collect for the following purposes:
- Service delivery โ routing and delivering SMS messages to the correct recipients
- Authentication โ verifying your identity via API key on every request
- Billing & credits โ calculating and deducting message credits accurately
- Customer support โ diagnosing delivery issues and responding to your queries
- Security & fraud prevention โ detecting abuse, spam, and unauthorised API usage
- Legal compliance โ meeting obligations under applicable law or regulatory authority requests
- Service improvement โ understanding aggregate usage patterns to improve reliability
We will not use your data for any purpose beyond those listed above without your explicit consent.
Third-Party Disclosure
To deliver SMS messages, we transmit recipient phone numbers and message content to telecommunications carriers and network operators. This is strictly necessary to route messages to their destination.
We do not share your data with any other third parties except:
- When required by law, court order, or government authority
- To protect the rights, property, or safety of G Online Sites, our users, or the public
- In the event of a business merger or acquisition (you will be notified in advance)
Any third-party carriers we work with are bound by their own privacy obligations and applicable telecommunications regulations.
WordPress Plugin Data Flows
The G Online SMS WordPress plugin connects your WordPress website to our gateway. When installed and configured, the following data flows occur:
- On every SMS send event โ the recipient's phone number, message text, and your Sender ID are sent to our API endpoint at
http://sms.gonlinesites.com/app/sms/api - On dashboard load โ your API key is sent to retrieve your current credit balance
- No data is collected from your website visitors โ the plugin only transmits data that you or WordPress events (e.g. an order being placed) explicitly trigger
As a WordPress site administrator using this plugin, you are the data controller for your customers' phone numbers. You are responsible for ensuring you have obtained appropriate consent before sending SMS messages to your users.
Data Retention
We retain your data for as long as your account is active or as needed to provide the Service:
- Account data โ retained while your account is active and for 12 months after closure
- Message logs โ retained for up to 12 months for billing and dispute resolution purposes
- Technical/security logs โ retained for up to 90 days
You may request deletion of your data at any time (see Your Rights below). Some data may be retained longer where required by law.
Security
We take reasonable technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction, including:
- API key authentication on every request
- Access controls limiting staff access to data on a need-to-know basis
- Regular review of our security practices
However, no method of data transmission or storage is 100% secure. You are responsible for keeping your API key confidential and for securing your WordPress installation.
If you discover a security vulnerability, please contact us immediately using the details in the Contact section below.
Your Rights
Under Ghana's Data Protection Act 2012 and applicable regulations, you have the following rights regarding your personal data:
Request a copy of the personal data we hold about you.
Ask us to correct inaccurate or incomplete data.
Request deletion of your data where there is no compelling reason for its continued processing.
Object to processing of your data for certain purposes.
Receive your data in a structured, commonly used format.
Request we limit how we process your data in certain circumstances.
To exercise any of these rights, please contact us using the details in the Contact section. We will respond within 30 days.
Children's Privacy
The Service is not directed at children under the age of 18. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will make reasonable efforts to notify registered users via the email address on file.
Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:
- Website: www.gonlinesites.com
- SMS Platform: sms.gonlinesites.com/app