Privacy Policy

At MAUZO POS, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share your information when you use our services.

1. Information We Collect

1.1 Information You Provide

1.2 Information Automatically Collected

1.3 SMS and Communication Data

• Phone numbers for SMS verification
• SMS delivery logs
• Verification codes (temporarily stored)
• Communication preferences

2. How We Use Your Information

2.1 Service Provision

• Account Management: Create and maintain your account
• System Operation: Provide POS and inventory functionality
• Security: Verify identity and prevent fraud
• Support: Respond to inquiries and provide assistance
• Data Processing: Generate reports and analytics

2.2 Communications

• Account Notifications: Important system updates
• SMS Verification: Account and password recovery
• Staff Notifications: New account credentials
• Support Messages: Technical assistance
• Marketing: Product updates (with your consent)

2.3 System Improvement

• Analytics: Understand system usage patterns
• Performance: Optimize speed and reliability
• Development: Build new features
• Bug Fixes: Identify and resolve issues

3. Data Security

3.1 Security Measures

We implement industry-standard security practices:

• Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
• Password Protection: Passwords hashed using bcrypt
• Access Control: Role-based permissions
• SMS Verification: Two-factor authentication via phone
• Regular Backups: Automated daily backups
• Monitoring: 24/7 security monitoring
• Audit Logs: Activity tracking and logging

3.2 Your Responsibilities

• Keep your password confidential
• Use strong, unique passwords
• Log out after use on shared devices
• Report suspicious activity immediately
• Keep your verified phone number current

4. Data Sharing and Disclosure

4.1 We DO NOT Sell Your Data

Important: We never sell, rent, or trade your business data or personal information to third parties for marketing purposes.

4.2 When We May Share Data

• Service Providers: Hosting, SMS delivery, payment processing
  • Africa's Talking (SMS services)
  • Hosting providers (data storage)
• Legal Requirements: When required by law or legal process
• Business Transfers: In case of merger, acquisition, or sale
• Your Consent: With your explicit permission

4.3 Multi-Tenant Isolation

• Each business account is completely isolated
• Your data is never visible to other users
• Staff can only access data for assigned stores
• Admin access is strictly controlled and logged

5. Data Retention

5.1 Active Accounts

• Your data is retained while your account is active
• You can export data at any time
• You can delete specific records

5.2 Account Termination

• Data retained for 30 days after account closure
• You can request data export during this period
• After 30 days, data is permanently deleted
• Backups may retain data for an additional 90 days

5.3 Legal Requirements

• Financial records retained as required by law
• Audit logs retained for 1 year
• Security logs retained for 90 days

6. Your Rights

6.1 Access and Control

You have the right to:

• Access: View all data associated with your account
• Export: Download your data in CSV/Excel format
• Correct: Update inaccurate information
• Delete: Request deletion of your account and data
• Object: Opt-out of marketing communications
• Portability: Transfer data to another service

6.2 How to Exercise Rights

Contact us at:

• Email: privacy@mauzo.habaritechnology.com
• Support: support@mauzo.habaritechnology.com

We will respond within 30 days.

7. Cookies and Tracking

7.1 Cookies We Use

• Essential Cookies: Required for system operation (login, sessions)
• Functional Cookies: Remember preferences
• Analytics Cookies: Understand usage patterns

7.2 Managing Cookies

You can control cookies through your browser settings, but note that disabling essential cookies may affect system functionality.

8. Children's Privacy

MAUZO POS is not intended for individuals under 18. We do not knowingly collect information from children. If you become aware of any data collected from children, please contact us immediately.

9. International Data Transfers

Your data is primarily stored in Tanzania. If data is transferred internationally, we ensure:

• Adequate protection measures are in place
• Compliance with applicable data protection laws
• Secure transmission protocols

10. SMS Privacy

10.1 Phone Number Usage

Your verified phone number is used for:

• Account verification during signup
• Password reset via SMS code
• Staff account notifications
• Security alerts

10.2 SMS Security

• Verification codes are single-use and expire after 10 minutes
• SMS logs are encrypted and stored securely
• Phone numbers are never shared with third parties for marketing
• You can update your phone number at any time

11. Changes to Privacy Policy

We may update this Privacy Policy to reflect:

• New features or services
• Legal or regulatory changes
• Improved security practices

Changes will be:

• Posted on this page
• Notified via email for material changes
• Effective 30 days after posting

12. Contact Us

For privacy-related questions or concerns:

• Privacy Officer: privacy@mauzo.habaritechnology.com
• General Support: support@mauzo.habaritechnology.com
• Phone: +255 XXX XXX XXX (Business hours: Mon-Fri, 8 AM - 6 PM EAT)
• Address: Habari Technology, Dar es Salaam, Tanzania

13. Compliance

We comply with:

• Tanzania Data Protection Act
• Industry best practices for data security
• International data protection standards