Contipay Donate Privacy Policy
(In compliance with the Cybersecurity and Data Protection Act [Chapter 12:07], Zimbabwe)
Effective Date:
1. Introduction
Contipay Donate (“we”, “our”, “us”) is committed to protecting the privacy and personal data of our customers, employees, suppliers, and partners in compliance with Zimbabwe’s Cybersecurity and Data Protection Act [Chapter 12:07] (“CDPA”).
This Privacy Policy explains how we collect, use, disclose, store, and safeguard personal data, and outlines the rights of data subjects under the CDPA.
2. Personal Data We Collect
We may collect and process the following categories of personal data:
Identification data: name, date of birth, national ID, passport number.
Contact information: phone number, email, physical address.
Financial data: bank account details, payment history.
Employment data: CVs, references, contracts, performance records.
Digital data: IP addresses, device information, cookies, browsing activity.
Other information: any data provided to us voluntarily (e.g., through forms, customer service, surveys).
3. Lawful Basis for Processing
We only process personal data when there is a lawful basis under the CDPA, including:
Consent of the data subject.
Performance of a contract.
Compliance with a legal obligation.
Protection of vital interests.
Legitimate business interests (provided they do not override fundamental rights and freedoms).
4. How We Use Personal Data
We use personal data for the following purposes:
To provide and improve our products and services.
To manage customer relationships and respond to inquiries.
For billing, payments, and account management.
For recruitment, HR management, and employee welfare.
For marketing and communications (with consent).
For compliance with regulatory and legal obligations.
To enhance cybersecurity and prevent fraud.
5. Data Sharing and Disclosure
We may share personal data with:
Regulatory authorities where required by law.
Service providers and business partners under strict confidentiality agreements.
Auditors, legal advisors, or insurers for compliance and protection.
In case of mergers, acquisitions, or restructuring (with safeguards in place).
We do not sell or trade personal data.
6. Cross-Border Transfers
Where personal data is transferred outside Zimbabwe, we ensure compliance with the CDPA by:
Transferring only to countries with adequate data protection laws; or
Implementing binding agreements that safeguard data.
7. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Once retention periods expire, data will be securely deleted or anonymised.
8. Data Security
We apply appropriate technical and organisational measures to protect personal data, including:
Encryption and secure storage.
Restricted access to authorised personnel only.
Regular system monitoring and audits.
Incident response and breach notification procedures.
9. Data Subject Rights
Under the CDPA, you have the following rights:
Right to be informed about how your data is used.
Right of access to your personal data.
Right to rectification of inaccurate or incomplete data.
Right to erasure (“right to be forgotten”), subject to legal limits.
Right to object to processing for certain purposes (e.g., direct marketing).
Right to data portability.
Right to withdraw consent at any time.
To exercise your rights, contact us at: [Insert Contact Information].
10. Cookies and Digital Tracking
Our website may use cookies or similar technologies to improve user experience. You will be informed and given the option to consent before such tracking is enabled.
11. Changes to This Privacy Policy
We may update this policy from time to time. Any changes will be posted on our website with a revised effective date.
12. Contact Information
For questions, requests, or complaints regarding this Privacy Policy or the handling of your personal data, contact:
Data Protection Officer (DPO)
[Full Name]
[Company Address]
Email: [Insert] | Phone: [Insert]