Translate

Privacy Policy

Last Updated: January 6, 2026

Your privacy is important to us. This policy explains how Saafi Systems collects, uses, and protects your personal information.

1. Introduction

Welcome to Saafi Systems ("Company," "we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our software systems, or engage with our services.

This policy applies to all information collected through our School Management Systems, Hospital Electronic Medical Records (EMR) Systems, Human Resources & ERP Portals, Mobile Applications, and any related services, sales, marketing, or events (collectively referred to as "Services").

Important: By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

2. Information We Collect

We collect several types of information from and about users of our Services, including:

2.1 Personal Information

Personal information is data that can be used to identify you. We may collect the following types of personal information:

  • Identity Data: Full name, username, title, date of birth, gender, and photographs
  • Contact Data: Email address, telephone numbers, physical address, and emergency contact information
  • Account Data: Username, password, security questions, and other authentication information
  • Financial Data: Payment card details, bank account information, billing address, and transaction history
  • Educational Data: Student records, grades, attendance, enrollment information, academic performance, and disciplinary records
  • Employment Data: Job title, department, employee ID, salary information, performance reviews, and employment history
  • Medical Data: Health records, medical history, treatment information, prescriptions, lab results, and insurance information (for EMR systems)
  • Technical Data: IP address, browser type, device information, operating system, and access times

2.2 Automatically Collected Information

When you access our Services, we automatically collect certain information about your device and usage patterns:

  • Log files and usage data (pages visited, time spent, features used)
  • Device information (hardware model, operating system version, unique device identifiers)
  • Location data (with your permission for mobile applications)
  • Cookies and similar tracking technologies
  • Analytics data about how you interact with our Services

2.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Educational institutions or employers who subscribe to our Services on your behalf
  • Payment processors and financial institutions
  • Government agencies for verification purposes
  • Third-party authentication services
  • Public databases and social media platforms (with your consent)

3. How We Use Your Information

We use the information we collect for various purposes, including:

3.1 Service Provision and Management

  • To provide, operate, and maintain our Services
  • To create and manage user accounts
  • To process transactions and send related information
  • To provide customer support and respond to inquiries
  • To send administrative information, updates, and security alerts
  • To manage student records, grades, and academic information
  • To facilitate employee management and HR processes
  • To maintain electronic medical records and facilitate healthcare delivery

3.2 Service Improvement and Development

  • To understand how users interact with our Services
  • To develop new features, products, and services
  • To conduct research and analysis to improve user experience
  • To test new features and functionalities
  • To troubleshoot technical issues and optimize performance

3.3 Communication and Marketing

  • To send promotional communications about new features, products, or services (with your consent)
  • To conduct surveys and gather feedback
  • To send newsletters and educational content
  • To inform you about events, webinars, and training opportunities

3.4 Legal and Security Purposes

  • To comply with legal obligations and regulatory requirements
  • To enforce our terms and conditions
  • To protect against fraud, unauthorized access, and security threats
  • To respond to legal requests from authorities
  • To protect the rights, property, and safety of Saafi Systems, our users, and the public

4. How We Share Your Information

We may share your information in the following circumstances:

4.1 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

4.2 Service Providers

We may share your information with third-party service providers who perform services on our behalf, including:

  • Cloud hosting and data storage providers
  • Payment processors and financial institutions
  • Customer support and communication platforms
  • Analytics and performance monitoring services
  • Security and fraud prevention services

4.3 Educational Institutions and Employers

If you access our Services through an educational institution or employer, we may share relevant information with authorized personnel, including:

  • Teachers and administrators (for student information)
  • HR personnel and managers (for employee information)
  • Healthcare providers (for medical information in EMR systems)
  • Parents and guardians (for student information, with appropriate permissions)

4.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

  • To comply with legal processes (court orders, subpoenas, warrants)
  • To respond to government or regulatory inquiries
  • To protect our legal rights and interests
  • To investigate potential violations of our terms of service
  • To protect the safety and security of our users and the public

4.5 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and provide choices regarding your information.

Important: We do not sell, rent, or trade your personal information to third parties for their marketing purposes without your explicit consent.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

5.1 Technical Safeguards

  • Encryption of data in transit using SSL/TLS protocols
  • Encryption of sensitive data at rest
  • Secure authentication mechanisms and password policies
  • Regular security assessments and vulnerability testing
  • Firewalls and intrusion detection systems
  • Secure backup and disaster recovery procedures

5.2 Organizational Safeguards

  • Access controls and role-based permissions
  • Employee training on data protection and security
  • Confidentiality agreements with employees and contractors
  • Regular security audits and compliance reviews
  • Incident response and breach notification procedures

5.3 Physical Safeguards

  • Secure data centers with restricted access
  • Environmental controls and monitoring
  • Physical security measures (surveillance, access logs)

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we continuously work to improve our security measures and respond promptly to any security incidents.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

6.1 Retention Periods

  • Account Information: Retained for the duration of your account plus 7 years for legal and compliance purposes
  • Student Records: Retained according to educational regulations and institutional policies (typically 5-10 years after graduation)
  • Employee Records: Retained according to labor laws and regulations (typically 7-10 years after employment termination)
  • Medical Records: Retained according to healthcare regulations (typically 10-25 years depending on jurisdiction)
  • Financial Records: Retained for 7 years for tax and accounting purposes
  • Technical Logs: Retained for 90 days to 2 years depending on the type of data

6.2 Deletion and Anonymization

When information is no longer needed, we will:

  • Securely delete or destroy the information
  • Anonymize the data so it can no longer identify you
  • Archive the data in a secure, restricted environment if required by law

7. Your Privacy Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

7.1 Access and Portability

  • Right to Access: You can request a copy of the personal information we hold about you
  • Right to Data Portability: You can request your data in a structured, commonly used format

7.2 Correction and Update

  • Right to Rectification: You can request correction of inaccurate or incomplete information
  • Right to Update: You can update your account information at any time through your account settings

7.3 Deletion and Restriction

  • Right to Erasure: You can request deletion of your personal information (subject to legal obligations)
  • Right to Restriction: You can request that we limit how we use your information

7.4 Objection and Consent

  • Right to Object: You can object to certain types of processing, including marketing communications
  • Right to Withdraw Consent: You can withdraw consent for processing based on consent at any time

7.5 Exercising Your Rights

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within 30 days. Please note that we may need to verify your identity before processing your request.

Note: Some rights may be limited by applicable laws or our legitimate business interests. For example, we may need to retain certain information for legal compliance or to complete transactions you have requested.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and track information about your use of our Services.

8.1 Types of Cookies We Use

  • Essential Cookies: Required for the operation of our Services (authentication, security)
  • Performance Cookies: Help us understand how visitors interact with our Services
  • Functionality Cookies: Remember your preferences and personalize your experience
  • Analytics Cookies: Collect information about how you use our Services to help us improve
  • Marketing Cookies: Track your activity to deliver relevant advertisements (with your consent)

8.2 Managing Cookies

You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Services. Most browsers allow you to:

  • View and delete cookies
  • Block third-party cookies
  • Block all cookies
  • Delete cookies when you close your browser

9. Children's Privacy

Our Services may be used by educational institutions to manage student information, including information about children under 13 years of age. We are committed to protecting the privacy of children and comply with applicable children's privacy laws, including the Children's Online Privacy Protection Act (COPPA) and similar regulations.

9.1 Parental Consent

When our Services are used by schools to collect information from children under 13:

  • We rely on the school to obtain parental consent as required by law
  • We collect only information necessary for educational purposes
  • We do not use children's information for marketing purposes
  • Parents have the right to review, correct, or delete their child's information

9.2 Parental Rights

Parents and guardians have the right to:

  • Review their child's personal information
  • Request correction or deletion of their child's information
  • Refuse further collection or use of their child's information
  • Contact us with questions or concerns about their child's privacy

10. International Data Transfers

Your information may be transferred to and maintained on servers located outside of your country, state, or other governmental jurisdiction where data protection laws may differ. We take appropriate measures to ensure that your information receives adequate protection wherever it is processed.

10.1 Safeguards for International Transfers

  • Standard contractual clauses approved by relevant authorities
  • Adequacy decisions recognizing equivalent data protection
  • Binding corporate rules for transfers within our organization
  • Your explicit consent for specific transfers

11. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services before providing your information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending an email notification to registered users
  • Displaying a prominent notice within our Services
  • Requesting your consent if required by applicable law

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after any changes indicates your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Saafi Systems

Hayat Building, Floor 1, Saylada Road, Burao, Somaliland

Barsame Business Center, Floor 3, Room 307, 26 June Avenue, Hargeisa, Somaliland

Phone: 710020

Email: privacy@saafisystems.com

Website: www.saafisystems.com

We will respond to your inquiry within 30 business days. For urgent privacy concerns, please mark your communication as "Urgent Privacy Matter."