FeezBridge Privacy Policy
We are committed to protecting the privacy and security of the personal data entrusted to us by educational institutions.
1. Introduction and Scope
TechTip (Pvt) Ltd ("TechTip", "we", "us", or "our") operates the FeezBridge educational management and financial platform (the "Platform"). We are committed to protecting the privacy and security of the personal data entrusted to us.
This Privacy Policy explains how we collect, use, process, and protect personal data in strict compliance with the Zimbabwe Data Protection Act [Chapter 11:22] (DPA) and aligned global privacy standards.
Understanding Our Legal Role
Under the DPA, the legal responsibility for data processing is divided as follows:
-
Data Controller: The educational institution (the "School") that subscribes to FeezBridge is the Data Controller. The School legally determines the purpose and means of processing the personal data of its students, parents, and staff.
-
Data Processor: TechTip acts exclusively as a Data Processor. We only process personal data on behalf of, and strictly under the documented instructions of, the School via our Master Services Agreement and Data Processing Agreement (DPA).
If you are a parent, guardian, or student, your primary legal relationship is with the School. Requests regarding your data rights must be directed to the School's administration.
2. Information We Process
To provide the FeezBridge services, we process information across isolated, tenant-specific environments. We explicitly do not cross-reference, pool, or aggregate personal data between independent schools.
A. Information Provided by the School (Data Controller)
- Student Data (Minors): Full names, auto-generated admission numbers, class designations, and enrollment history.
- Parent/Guardian Data: Full names, physical addresses, email addresses, mobile and WhatsApp numbers, and relational links to specific enrolled students.
- Financial Data: Fee structures, multi-currency invoices generated in supported ledgers such as USD and ZIG, payment receipts, unallocated credit balances, and historical financial ledgers.
- Staff Data: Names, email addresses, and assigned system access roles including Administrator or Master Admin.
B. Information Collected Automatically
- System Telemetry & Audit Logs: IP addresses, browser types, device identifiers, login timestamps, and immutable audit trails of administrative actions, including invoice generation, receipt creation, and profile modifications.
- Mobile Application Data: Device tokens utilized via Firebase strictly for the purpose of transmitting encrypted school broadcasts and financial push notifications to the authorized FeezBridge mobile application.
3. Special Notice Regarding Minors
FeezBridge processes the personal data of children strictly for educational administration and financial billing purposes as instructed by the School. TechTip does not independently collect data directly from children. It remains the strict legal obligation of the School, acting as the Data Controller, to obtain explicit, verifiable consent from parents or legal guardians prior to enrolling a minor into the FeezBridge system, as mandated by the Zimbabwe Data Protection Act.
4. How We Use the Information
We process personal data solely to operate, maintain, and secure the FeezBridge platform. Authorized uses include:
- Educational Administration: Facilitating student rosters, managing academic year rollovers, and processing class promotions or alumni transitions.
- Financial Processing: Generating invoices, recording receipts, managing advance credits via First-In-First-Out (FIFO) methodology, and rendering official PDF financial statements.
- Communication: Transmitting school announcements, broadcast messages, and automated fee reminders to parents via email, WhatsApp, or mobile push notifications.
- Security & Diagnostics: Monitoring infrastructure health, authenticating authorized users, preventing unauthorized access, and maintaining audit logs of financial transactions.
6. Data Security and Infrastructure
We implement enterprise-grade Technical and Organizational Measures (TOMs) to protect personal data against unauthorized access, alteration, or destruction:
Architectural Isolation
FeezBridge utilizes a strict multi-tenant architecture. Each School's database is logically segregated.
Encryption
Data in transit is encrypted using TLS 1.2/1.3. Passwords and credentials are cryptographically hashed.
Access Controls
Tenant environments feature Role-Based Access Control (RBAC) and support optional 2FA.
Incident Mitigation
We maintain a Global Maintenance Lock to instantly sever external access during threat investigations.
7. Retention & 8. Data Subject Rights
TechTip retains data solely for the duration of the School's active subscription, or as legally mandated. Financial ledgers are retained permanently within the system audit trail to comply with ZIMRA tax regulations.
Under the Zimbabwe Data Protection Act, individuals possess specific rights regarding their personal data.
How to Exercise Your Rights
Because TechTip is the Data Processor, all data subject requests must be directed to your School's administration. FeezBridge provides the tools for the School to fulfill these requests. If we receive a direct privacy request, we will forward it to the respective School within 72 hours.
9. Contact Information
For inquiries regarding this Privacy Policy or our architectural data protection practices, please contact our designated Data Protection Officer: