Dues Management System

1. Purpose of this policy

This Privacy Policy explains how Dues Management System collects, uses, stores, and protects student and administrative information used for dues management, payment tracking, receipts, notifications, and account access.

The platform is intended for authorized students, administrators, and approved institutional users. It is not designed for public social networking, marketing to children, or unrelated data collection.

2. Age and child privacy

Users under 13 years old should not create an account or submit personal information unless the account is created or authorized by a parent, guardian, school, department, or other authorized administrator.

Where a user is a minor, the platform should only collect information needed for student identification, dues assignment, payment confirmation, receipts, and official communication. If an account for a user under 13 is discovered without proper authorization, an administrator may suspend or remove the account and related access.

3. Information we collect

Depending on how the system is configured, the platform may collect:

• Student name, index number, programme, level, academic year, phone number, and email address.
• Login credentials, authentication tokens, and account status.
• Dues assigned to a student, payment amount, balance, receipt number, and payment status.
• Manual payment proof uploaded by a student, where manual payment is enabled.
• SMS or email delivery records for payment confirmations, receipt notices, reminders, or credential resets.
• Administrative activity logs used for security, accountability, and audit purposes.

4. How we use information

Information is used to:

• Create and manage student accounts.
• Assign, track, approve, and verify dues payments.
• Generate digital receipts and maintain payment history.
• Send payment confirmations, receipt notices, reminders, and login reset details.
• Help administrators manage reports, reconciliation, and audit logs.
• Protect the platform from unauthorized access, fraud, misuse, or errors.

5. Payment information

Online payments may be processed through a third-party payment provider such as Paystack. The platform does not store full card details. Payment references, transaction status, amount, and receipt information may be stored for reconciliation and proof of payment.

For manual payments, students may upload proof of payment. Administrators should review uploaded proof only for official payment verification.

6. SMS and email notifications

The platform may send SMS or email messages for payment confirmations, receipts, reminders, account notices, and credential resets. Users are responsible for providing accurate phone numbers and email addresses.

Sensitive login reset messages should be treated as confidential. Students should change temporary passwords after login.

7. Sharing of information

Information may be accessible to authorized administrators, treasurers, financial secretaries, technical support personnel, payment processors, SMS/email providers, and service providers needed to operate the system. Information should not be sold or used for unrelated advertising.

8. Data protection and security

The platform should use reasonable administrative, technical, and organizational safeguards to protect personal information. These include password hashing, access controls, audit logs, secure payment processing, and limited administrator access.

No online system is completely risk-free. Users should keep passwords private and report suspicious account activity to an administrator.

9. Data retention

Student, payment, receipt, and audit information may be kept for as long as needed for dues administration, accounting, dispute resolution, audits, compliance, and institutional records. Administrators may delete or archive information where appropriate and lawful.

10. User rights and corrections

Students may request correction of inaccurate profile information, subject to administrator verification. Requests about access, correction, or deletion of personal information should be directed to the system administrator or responsible institution.

11. Contact

For privacy-related requests, contact the institution, department, or administrator responsible for operating Dues Management System.