Privacy & Data Policy

This Privacy Policy applies to the Smart Duuka operating system, SmartServe POS, our mobile applications, and associated services provided by Digi-volve Technologies Limited. It governs how we collect, process, and safeguard the data of our tenants (businesses) and their end-users (employees and customers).

By utilizing our suite of tools, you consent to the data practices described in this comprehensive policy.

To provide a robust multi-tenant environment, we collect several categories of data:

• Registration & Account Data: Company name, tax identification numbers, physical addresses, and primary administrator contact details (email, phone).
• Authentication Data: Encrypted passwords, active session tokens, and 2-Factor Authentication (2FA) verification logs.
• Operational Data: Real-time inventory levels, supply chain records, human resource files (including employee payroll data), and systemic cash flow movements.
• Customer Data (Processed on your behalf): Names, contact details, and purchase histories of your clients entered into the CRM and receipting modules.
• Device & Diagnostic Data: IP addresses, browser types, and crash reports to help us maintain system stability.

We do not sell your data. We utilize the information collected strictly for the following purposes:

• To provide, maintain, and improve the Smart Duuka and SmartServe POS infrastructure.
• To process transactions and generate accurate financial and operational reports.
• To authenticate users and prevent fraudulent activity.
• To send critical system alerts, maintenance updates, and administrative communications.
• To comply with legal obligations and regulatory requirements.

We retain your account and operational data for as long as your tenant account is active.

Upon account termination, operational data can be exported. We will securely purge non-financial data within 90 days of termination, though certain fiscal records may be retained longer to comply with local tax laws.

We implement enterprise-grade security to protect your multi-tenant environment:

• Infrastructure: Hosted on secure Virtual Private Servers (VPS) with stringent Nginx firewall rules and restricted port access.
• Encryption: All data in transit is encrypted using modern TLS protocols. Passwords and sensitive tokens are heavily hashed.
• Automated Backups: To guarantee data survival, Smart Duuka employs high-frequency cron-based rotations. Databases are securely offloaded to cloud storage every two hours.

Depending on your jurisdiction, you retain the following rights concerning your data:

• The Right to Access: Request a full export of your tenant data.
• The Right to Rectification: Correct inaccurate operational or profile data (excluding immutable financial logs).
• The Right to Restrict Processing: Request a temporary pause on specific data processing activities.

To exercise these rights, the primary tenant administrator must contact our support team.

Smart Duuka uses essential cookies and local storage mechanisms necessary for the platform to function. These are strictly used for maintaining secure sessions, remembering user UI preferences (like dark mode and custom scrollbar states), and optimizing system performance. We do not use third-party tracking cookies for advertising purposes.