Privacy Policy

How JenAir Systems collects, uses, and protects your information

🗓️ Last updated: May 2026 · Effective immediately

        Summary: JenAir Systems
        collects only what is necessary to provide
        the service. We do not sell your data.
        Each school and business operates in a
        completely isolated environment. Your data
        belongs to you.
    

1. Who We Are

JenAir Systems ("we", "us", "our") is a software company providing the JenAir SMS, JenAir POS, and JenAir HMS platforms via jenairsystems.com. We are the data controller for information collected through our platforms.

2. Information We Collect

Account Information

Email address and password (hashed — never stored in plain text)
Portal type (SMS or POS) selected at registration
School or business profile information (name, address, phone, logo) that you provide

School Data (SMS Portal)

Student records — name, admission number, class, academic results
Staff/teacher records and login credentials
Academic session, term, and result data
Wallet transaction records for billing

Business Data (POS Portal)

Product catalogue — item names, prices, stock levels
Sales transactions — items sold, amounts, dates, payment methods
Stock movements — GRNs, adjustments, issues, transfers
Accounts — journal entries, expenses
Staff/cashier records and login credentials

Payment Information

We do not store card numbers or bank details
Payments are processed by Paystack — a PCI-DSS compliant payment processor
We store only: payment reference numbers, amounts, and timestamps

Technical Information

Browser type and version
Device type (desktop/mobile)
Pages visited and time spent
IP address (for security purposes)

3. How We Use Your Information

To provide and operate the platform you registered for
To process payments and manage subscriptions
To send account-related notifications (payment confirmations, important updates)
To provide customer support when you contact us
To detect and prevent fraud or unauthorised access
To improve the platform based on usage patterns

We do not use your data for advertising. We do not sell your data to third parties. We do not use your student or business data for any purpose other than providing the service.

4. Data Isolation & Security

Each school and each business operates in a completely isolated data environment. A school can only see its own students, results, and staff. A business can only see its own products, orders, and accounts. No cross-tenant data access is possible.

All passwords are hashed using BCrypt — irreversibly
Data is transmitted over HTTPS (encrypted in transit)
Database access is restricted to the application server only
Accounts can be suspended or deleted by the account owner or our team

5. Data Sharing

We share data only with the following third parties, and only as necessary to provide the service:

Paystack — payment processing. Paystack receives your email address and payment amount to process transactions. Paystack is PCI-DSS Level 1 certified. See Paystack's Privacy Policy .
Hosting Provider — our servers store your encrypted data. The hosting provider has no access to your application data.
Legal Requirements — we may disclose data if required by law, court order, or to protect our rights and the safety of users.

6. Data Retention

We retain your data for as long as your account is active. If you request account deletion, we will permanently delete all your data within 30 days, except where we are required by law to retain certain records.

Payment records — retained for 7 years for accounting compliance
Account logs — retained for 90 days for security purposes
All other data — deleted within 30 days of account deletion request

7. Your Rights

You have the right to:

Access — request a copy of the data we hold about you
Correction — correct any inaccurate data (most data can be edited directly in the platform)
Deletion — request permanent deletion of your account and all associated data
Portability — request your data in a machine-readable format
Objection — object to how we process your data in certain circumstances

To exercise any of these rights, contact us at info@jenairsystems.com . We will respond within 30 days.

8. Cookies

JenAir Systems uses only essential cookies:

Authentication cookie — keeps you logged in during your session
Anti-forgery token — protects forms from CSRF attacks
TempData cookie — displays one-time success/error messages

We do not use tracking cookies, analytics cookies, or advertising cookies.

9. Children's Privacy

The JenAir SMS platform is used by schools and may contain data about students who are minors. This data is entered and controlled exclusively by the school (the data controller for their students). JenAir Systems processes student data only on behalf of the school and has no independent relationship with students. Schools are responsible for obtaining any necessary consents from parents or guardians in accordance with applicable law.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify account holders via email or an in-app notice. The "Last Updated" date at the top of this page will always reflect the most recent revision. Continued use of the platform after changes constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions, requests, or concerns: