Benevofy Benevofy
Sign In

Privacy Policy

Last updated: April 22, 2026

1. Introduction

Benevofy ("we", "us", "our") is a SaaS association management platform operated by Waesta Enterprises Ltd. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

By accessing or using Benevofy, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the platform.

2. Information We Collect

2.1 Personal Information

When you register or are registered by your association administrator, we collect:

  • Full name, email address, phone number, WhatsApp number
  • Date of birth, gender, marital status
  • Profile photo (optional)
  • Next of kin details (name, phone, relationship)
  • Employment information (employer, job title — optional)
  • Address information (country, city — optional)
  • Cohort, chapter, or membership group

2.2 Financial Information

  • Mobile money phone numbers used for payments
  • Transaction amounts, references, and payment history
  • Wallet balances and deposit/withdrawal records

We do not store mobile money PINs, bank account numbers, or card details. Payments are processed through Relworx, a PCI-compliant payment gateway.

2.3 Usage Data

  • IP address, browser type, device information
  • Login timestamps and session data
  • Pages visited and features used

3. How We Use Your Information

  • Service delivery: To manage your membership, process payments, issue event tickets, and provide association services
  • Communication: To send payment confirmations, event reminders, and important notifications via in-app, SMS, and email
  • Accounting: To maintain GAAP-compliant financial records for your association
  • Security: To detect fraud, prevent unauthorized access, and maintain audit logs
  • Improvement: To analyze usage patterns and improve the platform

4. Data Sharing & Disclosure

We do not sell your personal information. We may share data with:

  • Your association administrators: Admins, treasurers, and secretaries can view member data, payment records, and reports within their tenant
  • Payment processors: Relworx (for mobile money transactions) receives only the data necessary to process payments
  • Legal compliance: When required by law, regulation, or legal process

5. Multi-Tenancy & Data Isolation

Benevofy operates a multi-tenant architecture. Each association (tenant) has its own isolated data space. Members of one association cannot access data from another association. Tenant administrators can only view and manage data within their own tenant.

6. Data Security

  • Passwords are hashed using bcrypt (one-way encryption)
  • All data transmission is encrypted via HTTPS/TLS
  • Database access is restricted and parameterized queries prevent SQL injection
  • Session management includes timeout, IP tracking, and failed login monitoring
  • Role-based access control limits data visibility by user role

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Financial transaction records are retained for a minimum of 7 years for accounting and regulatory compliance. You may request account deletion by contacting your association administrator or our support team.

8. Your Rights

Subject to applicable data protection laws (including Uganda's Data Protection and Privacy Act, 2019 and Kenya's Data Protection Act, 2019), you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Export your data in a portable format (CSV)
  • Object to processing of your data
  • Withdraw consent at any time

9. Cookies & Local Storage

We use session cookies for authentication and localStorage for UI preferences (e.g., dismissed help tips, onboarding tour completion). We do not use third-party tracking cookies.

10. Children's Privacy

Benevofy is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes via in-app notification. Continued use of the platform after changes constitutes acceptance.

12. Contact Us

For privacy-related inquiries, contact:

Waesta Enterprises Ltd

Email: privacy@benevofy.com

Website: www.waestaltd.com