Privacy Policy
This Privacy Policy explains how Zanziholics Digital Agency Company Limited ("we", "us", "Zanziholics") collects, uses, shares, and protects personal data through the UhuruPMS property management platform (the "Service").
This policy is aligned with the European Union General Data Protection Regulation (GDPR), the Tanzania Personal Data Protection Act 2022, and where applicable the California Consumer Privacy Act (CCPA). UhuruPMS is operated from Zanzibar and serves accommodation providers in Tanzania who routinely host guests from across the world. Where these regimes differ, we apply the more protective standard.
1. Who We Are & Our Roles
Zanziholics Digital Agency Company Limited is the controller of personal data we collect about hotel staff who use UhuruPMS, billing contacts, and visitors to our marketing website.
For data about guests of the hotels using UhuruPMS (including reservation, check-in and identity-document data), Zanziholics acts as a processor on behalf of the hotel ("Tenant"). The hotel is the controller of its guest data. We process that data only on documented instructions from the hotel and as required by Tanzanian fiscal law.
Zanziholics Digital Agency Company Limited
P.O. Box 3564, Phase 1A Fumba Town, Nyamazi, Zanzibar
Email: build@uhurupms.app
2. Data We Collect
2.1 From hotel staff using the Service
- Name, email address, phone number, role, password hash
- Sign-in records, IP addresses, browser/device metadata, audit log of actions taken in the Service
- Tenant business details — business name, address, ZRA registration number, TIN, VRN, ZRA Integration ID and Token (encrypted at rest)
2.2 From hotel guests (processed on the hotel's behalf)
- Full name, nationality / country, contact details (email, phone)
- Identity document type and number (passport, NIDA, etc.) — required by ZRA for fiscal receipts
- Reservation details — dates, room, rate, payment package, services consumed
- Payment records (we do not store full card numbers — see §6)
2.3 Automatically collected
- Server logs (IP address, request path, response code, timing)
- Error reports (via Sentry)
- Aggregated usage analytics (via Google Analytics, where applicable)
- Strictly-necessary session cookies for authentication; no third-party advertising or behavioural-tracking cookies
3. Why We Process Your Data
| Purpose | Legal basis |
|---|---|
| Operating the Service for tenants and their staff | Contract |
| Issuing fiscal receipts via ZRA VFMS | Legal obligation (tax law) |
| Billing and account administration | Contract / legitimate interest |
| Security monitoring, abuse detection, audit logging | Legitimate interest |
| Product improvement (aggregated, de-identified) | Legitimate interest |
| Direct customer support | Legitimate interest / contract |
| Legal compliance and dispute resolution | Legal obligation |
4. Who We Share Data With
We share personal data only with the following categories of recipients, and only to the extent necessary for the stated purpose:
| Recipient | Purpose |
|---|---|
| Zanzibar Revenue Authority (ZRA VFMS) | Fiscal receipt issuance — legal obligation. Data sent: guest name, document type/number, country, room, rates. |
| Pesapal, DPO, Stripe | Payment processing — only when those connectors are enabled by the tenant. |
| Cloudbeds, Booking.com, Expedia Rapid | Reservation synchronisation when the tenant connects an external PMS or OTA. |
| Google (Analytics) | Aggregated, de-identified usage analytics on the marketing website only. |
| Sentry | Error tracking. Sensitive fields are scrubbed from error reports before transmission. |
| Hosting and infrastructure providers | Hosting in European Tier-3 data centers under standard processor agreements. |
| Professional advisors (auditors, lawyers) | When strictly necessary for compliance, due diligence, or legal claims. |
| Authorities | Where required by Zanzibar / Tanzania law, court order, or to defend a legitimate legal claim. |
We do not sell personal data, and we do not use guest data for marketing without explicit consent.
5. International Transfers
The Service is hosted in European Tier-3 data centers, which means data is transferred between Tanzania and Europe. We rely on the European Commission's adequacy frameworks and/or Standard Contractual Clauses with our subprocessors, and we apply technical safeguards (encryption in transit and at rest, role-based access, audit logging) to all international data flows.
6. Payments
We do not store full credit-card or debit-card numbers. Payment data submitted to Pesapal, DPO, or Stripe is sent directly to those processors over TLS; we retain only payment metadata (amount, currency, last-4 digits, transaction reference) for reconciliation.
7. Security
We protect personal data with measures appropriate to its sensitivity, including:
- TLS 1.2+ encryption in transit
- Encryption at rest for tenant ZRA credentials and other secrets
- Per-tenant database isolation (every tenant has its own database)
- Role-based access control with least privilege
- Audit logs for sensitive actions
- Daily encrypted backups, retention policies, tested restore
- Regular review of code and dependencies for vulnerabilities
No system is perfectly secure. If we become aware of a breach affecting your personal data, we will notify you and the relevant authorities in accordance with applicable law (within 72 hours where required).
8. How Long We Keep Data
- ZRA fiscal records (receipts, tax submissions, receipt numbers, z-numbers): five (5) years in line with Tanzanian tax record-keeping law.
- Tenant operational data (reservations, guests, rooms, staff accounts) after subscription end: deleted within ninety (90) days unless the tenant requests earlier deletion or extended retention in writing.
- Server logs and security audit data: 90 days hot, 12 months archived, then deleted.
- Billing records: 7 years (Tanzanian companies-law requirement).
9. Your Rights
Subject to applicable law, you have the right to:
- Access the personal data we hold about you
- Have inaccurate data corrected
- Have your data deleted (subject to overriding legal obligations such as the 5-year ZRA retention)
- Restrict or object to certain processing
- Receive your data in a portable format
- Withdraw any consent you have given (this does not affect prior lawful processing)
- Lodge a complaint with the supervisory authority — in Tanzania, the Personal Data Protection Commission
To exercise any of these rights, write to build@uhurupms.app. Requests by hotel guests should normally be directed to the hotel where the data was collected; we will assist the hotel in responding.
10. Children
The Service is not intended for use by children under 13. Where a child is a registered guest at one of our tenant hotels, the hotel collects only the minimum data necessary for compliant fiscal record-keeping (typically document type set to CHILD per ZRA convention).
11. Cookies
We use only strictly-necessary cookies — login session, CSRF protection, and language preference. We do not set advertising or behavioural-tracking cookies. The marketing website at uhurupms.app may set Google Analytics cookies for aggregate visitor counting; these are de-identified and do not target individuals.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect new features, legal requirements, or operational changes. Material changes will be communicated by email to tenant administrators at least 30 days before they take effect. The current version is always available at this URL.
13. Contact
For privacy questions, data subject requests, or complaints, write to build@uhurupms.app. For full contact details see our Contact page.