Privacy Policy and Procedures for CampusMaster

1. Introduction CampusMaster (“we,” “us,” or “our”) is committed to protecting the privacy and personal data of its users in compliance with the Personal Data Protection Act, Chapter 44 and the Personal Data Protection (Personal Data Collection and Processing) Regulations, 2023 of Tanzania. This document outlines our policies and procedures for collecting, processing, storing, and protecting personal data while ensuring transparency and fairness.

2. Scope This Privacy Policy applies to all personal data collected and processed by CampusMaster from users of the SaaS application within the United Republic of Tanzania.

3. Key Definitions

• Data Controller: CampusMaster, which determines the purpose and means of processing personal data.
• Data Processor: Any entity authorized by CampusMaster to process personal data on its behalf.
• Data Subject: Users whose personal data is collected and processed.
• Personal Data: Any information relating to an identified or identifiable individual.
• Sensitive Personal Data: Data that includes details such as racial origin, political ideology, religious beliefs, health information, and biometric data.

4. Principles of Personal Data Protection We adhere to the following principles:

4.1 Lawfulness, Fairness, and Transparency Personal data is collected and processed lawfully, fairly, and transparently.

4.2 Specific Purpose Personal data is collected for explicit, legitimate, and specified purposes only.

4.3 Data Minimization We collect only the data necessary for the purposes specified.

4.4 Accuracy Personal data is kept accurate and up-to-date.

4.5 Storage Limitation Personal data is stored for no longer than necessary for the specified purposes.

4.6 Integrity and Confidentiality Personal data is processed securely to prevent unauthorized access, alteration, or destruction.

5. Types of Data Collected CampusMaster collects the following types of data:

• User Information: Name, contact details, identification numbers, and academic information.
• Sensitive Data: If applicable, such as health information or biometric data, collected with explicit consent.

6. Purpose of Data Collection The purposes include:

• User account management
• Academic record storage and access
• Payment processing
• Analytics to improve the app’s functionality
• Compliance with legal requirements

7. User Rights Users have the following rights:

7.1 Access Users can request access to their personal data.

7.2 Rectification Users can request corrections to inaccurate or incomplete data.

7.3 Erasure Users can request the deletion of personal data when it is no longer required.

7.4 Restriction Users can request to restrict processing under certain conditions.

7.5 Data Portability Users can request a copy of their data in a portable format.

7.6 Objection Users can object to the processing of their data, including for marketing purposes.

8. Security Measures CampusMaster employs robust security measures, including:

• Encryption of personal data in transit and at rest
• Role-based access control to limit access to authorized personnel only
• Regular audits and assessments of data protection mechanisms
• Incident response protocols to address data breaches

9. Data Protection Officer We have appointed a Data Protection Officer (DPO) to oversee compliance with the Personal Data Protection Act and respond to user inquiries.

10. Data Transfer and Storage CampusMaster ensures compliance with regulations when transferring personal data outside Tanzania. Transfers are made only with user consent and when adequate data protection measures are in place in the receiving country.

11. Complaints and Dispute Resolution Users can lodge complaints regarding data processing practices by contacting our DPO. If unsatisfied, users may escalate complaints to the Personal Data Protection Commission.

12. Retention Policy Personal data is retained only as long as necessary for the specified purposes or as required by law. Backup and log data are retained per security and compliance standards.

13. Updates to the Privacy Policy CampusMaster reserves the right to update this Privacy Policy. Users will be notified of any significant changes through the app or email.

14. Contact Information For inquiries or complaints regarding this policy, please contact: Data Protection Officer CampusMaster [contact-email] [contact-phone] [contact-address]

15. Legal Framework This Privacy Policy aligns with the Personal Data Protection Act (Chapter 44) and its accompanying regulations in Tanzania.

16. Acknowledgment and Consent By using CampusMaster, users acknowledge that they have read, understood, and agreed to this Privacy Policy.