Privacy & Security

Privacy Policy

How we collect, use, and protect your data in the E-Voucher System

Last Updated: February 23, 2026
Applies to all users

Introduction

INFI-TECH Solutions ("we", "our", or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the INFI-TECH e-Voucher System.

Your Privacy Matters

We are committed to protecting your privacy and handling your personal information with the highest standards of security and confidentiality.

Information We Collect

Personal Information

We collect the following types of personal information:

Farmer Information

  • Name, National ID, date of birth, gender
  • Contact details (phone number, address)
  • Farm location, farm size, crop information
  • Biometric data (with explicit consent)

Dealer Information

  • Business name, license number, registration details
  • Contact details, business location
  • Authorized personnel information

User Account Information

  • Username, email address, phone number
  • Role and access permissions
  • Authentication credentials (encrypted)

Transaction Information

  • Voucher issuance and redemption records
  • Payment transaction details and mobile money information
  • Geolocation data for redemption validation
  • OTP verification records and timestamps

Technical Information

  • Device information (type, model, operating system)
  • IP addresses and network information
  • System logs and audit trails
  • Usage analytics and performance data

How We Use Your Information

We use collected information for the following purposes:

Processing and managing agricultural subsidy vouchers
Verifying farmer eligibility and preventing fraud
Facilitating voucher redemption and payment processing
Generating reports and analytics for policy decisions
Ensuring system security and preventing unauthorized access
Complying with legal and regulatory requirements
Improving system functionality and user experience
Sending important notifications and updates

Data Protection & Security

We implement robust security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.

Encryption

  • End-to-end encryption for data transmission (TLS 1.3)
  • AES-256 encryption for data at rest
  • Encrypted database storage with key rotation

Access Controls

  • Role-based access control (RBAC) for system users
  • Multi-factor authentication (MFA) for sensitive operations
  • Regular access reviews and permission audits

Monitoring & Auditing

  • Comprehensive audit logging of all system activities
  • Regular security audits and vulnerability assessments
  • Real-time intrusion detection and prevention

OTP & SMS Data Handling

We use One-Time Passwords (OTP) sent via SMS for secure farmer verification during voucher redemption.

  • OTP Generation: 6-digit codes generated using cryptographically secure random number generators
  • Storage: OTPs are hashed before storage and automatically expire after 10 minutes
  • SMS Delivery: We use secure SMS gateways with encrypted transmission
  • Phone Numbers: Stored encrypted and used only for authentication and system notifications
  • Retry Limits: Maximum 3 OTP attempts per 24-hour period to prevent abuse

Payment Information Security

We integrate with trusted mobile money providers (Airtel Money and TNM Mpamba) for secure co-payment processing.

  • We do not store credit card or mobile money PIN information
  • All payment transactions are processed through PCI-DSS compliant gateways
  • Payment phone numbers are validated and encrypted before transmission
  • Transaction records include only masked payment information
  • Automatic reconciliation with comprehensive audit trails

Payment Provider Security

Our payment partners (Airtel Money and TNM Mpamba) maintain their own security standards and privacy policies. Please review their policies for information on how they handle your data.

Data Retention Policy

We retain your personal information for as long as necessary to fulfill the purposes outlined in this policy and to comply with legal, regulatory, and audit requirements.

Data TypeRetention Period
Farmer registration data7 years after program end
Voucher transaction records7 years after redemption
Payment transaction data7 years (regulatory requirement)
Audit logs10 years (compliance)
OTP records30 days
System logs1 year

Your Rights

You have the following rights regarding your personal information:

Right to Access

Request a copy of your personal information held in the system

Right to Correction

Request correction of inaccurate or incomplete information

Right to Deletion

Request deletion of your information (subject to legal requirements)

Right to Withdraw Consent

Withdraw consent for biometric data collection at any time

Right to Object

Object to processing of your data for specific purposes

Right to Complain

File a complaint with the data protection authority

Exercise Your Rights

To exercise any of these rights, please contact our Data Protection Officer atprivacy@infi-tech.net

Data Sharing Policy

We may share your information with the following parties:

Partner Organizations

We may share data with authorized partner organizations as required by agreement or for program coordination purposes.

Payment Providers

Airtel Money and TNM Mpamba receive necessary payment information to process co-payment transactions.

Authorized Personnel

Field officers, district officers, and system administrators with appropriate access levels can view relevant information for their roles.

Auditors

Internal and external auditors may access data for compliance verification and audit purposes.

No Third-Party Marketing

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Cookies & Tracking

The E-Voucher System uses essential cookies for authentication and session management.

  • Essential Cookies: Required for login, session management, and security
  • No Third-Party Cookies: We do not use advertising or tracking cookies
  • Analytics: Basic usage analytics for system improvement (anonymized)

Government Compliance

The INFI-TECH e-Voucher System complies with all relevant data protection laws and regulations, including:

General Data Protection Regulation (GDPR)
Data Protection and Privacy Laws
Electronic Transactions Security Standards
Financial Data Protection Requirements
Industry Security Standards

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

  • We will notify users of significant changes via email or system notification
  • The "Last Updated" date at the top of this page indicates when changes were made
  • Continued use of the system after changes constitutes acceptance of the updated policy

Contact for Privacy Concerns

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Data Protection Officer:

Data Protection Officer
INFI-TECH Solutions
Address
INFI-TECH Solutions
Business District
Global Operations

Your Privacy is Our Priority

We are committed to protecting your privacy and handling your personal information with the highest standards of security and confidentiality. If you have any concerns about how your data is being used, please don't hesitate to contact us.

View Terms of ServiceContact Us