New ✨ Nzura Business OS is now live — 19 apps, one platform.Nzura Business OS iko live — programu 19, jukwaa moja. Start free →Anza bure →
Nzura

Privacy and data handlingFaragha na usimamizi wa data

Privacy PolicySera ya Faragha

This page explains how Nzunda Technologies Limited handles information in connection with Nzura App.Ukurasa huu unaeleza jinsi Nzunda Technologies Limited inavyoshughulikia taarifa zinazohusiana na Nzura App.

1. What we collect

Nzura App may process account details, company profiles, staff records, customer and supplier data, invoice and payment data, social channel metadata, messages, uploaded documents, audit logs, connected provider credentials, device and access logs, and operational content that a tenant chooses to place into the platform.

2. Why we process data

We process data to provide the service, authenticate users, secure access, support required integrations, generate records and reports, improve reliability, comply with lawful requests, investigate abuse, and maintain auditability across modules.

3. Tenant control and lawful basis

Each tenant is responsible for ensuring it has a lawful basis to collect, use, upload, and process personal data through Nzura App. Where a tenant acts as a controller or business owner for that data, the tenant remains responsible for notices, permissions, and compliance with applicable law.

4. Provider and integration data

When you connect payment gateways, AI providers, SMS providers, or social media channels, Nzura App stores and processes the minimum connection information needed to operate those integrations. Sensitive credentials are intended to be protected with encryption at rest and restricted operational access.

5. Security measures

Nzura App applies role-based access controls, audit trails, tenant scoping, transport security, environment-based secret handling, and verification workflows for connected providers. No system is guaranteed to be risk-free, so tenants must also apply their own operational security, user management, and review controls.

6. Data sharing

We may share data with infrastructure providers, communication providers, payment gateways, social networks, AI providers, regulators, auditors, or professional advisers when needed to provide the service, comply with law, investigate misuse, or enforce our terms. We do not treat tenant data as public information.

7. Retention

We retain information for as long as needed for service delivery, auditing, legal obligations, backup continuity, dispute handling, abuse prevention, and lawful recordkeeping, subject to applicable agreements and law.

8. Cross-border and provider-side processing

Some connected providers may process data in jurisdictions outside Tanzania. By enabling those integrations, the tenant acknowledges that provider-side processing may be governed by the provider's own infrastructure footprint and contractual terms.

9. Your rights, requests, and complaints

In line with Tanzania's Personal Data Protection Commission guidance for website privacy notices, data subjects should be able to request information, access, correction, deletion, restriction, objection, withdrawal of consent, and direct-marketing preferences through a clear channel. Nzura provides a public request page for that purpose at /consent/.

Privacy and data protection requests may be sent to info@nzura.co.tz or info@nzundatech.co.tz. Where the request relates to tenant-controlled customer or employee data, we may direct the request to the relevant tenant or require verification of authority.

10. Privacy & consent request form

If you want to exercise a privacy right or withdraw a consent you previously gave, use the Privacy & Consent Request Form. The form helps us capture the minimum details needed to verify and route the request correctly.

11. Policy updates

We may update this privacy policy as the product, integrations, or legal requirements evolve. Material updates may be reflected through platform notices, updated legal pages, or contractual updates.