Privacy Policy

Privacy Policy

Effective Date: 5 March 2025

ICFERems is an electronic management system operated for the Islamic Centre For Education & Research. This Privacy Policy explains how information is collected, used, stored, protected, and shared when authorized users access ICFERems through the web application, desktop application, and mobile application.

ICFERems is designed for authorized staff, administrators, and approved users of the Islamic Centre For Education & Research. By using ICFERems, you agree to the practices described in this Privacy Policy.

1. Information We Collect

ICFERems may collect and process the following categories of information.

Account and Profile Information

We collect information required to create, authenticate, and manage user accounts, including:

• Name
• Email address
• Staff profile information
• Department or role
• User permissions and access level
• Login credentials or authentication details
• Account status and system preferences

Operational and Work-Related Information

ICFERems processes information entered, uploaded, generated, or managed through the system, including:

• Project records
• Requests and approvals
• Tasks and assignments
• Notifications and reminders
• Reports and documents
• Procurement records
• Accounting and finance records
• Fleet records
• HR profile information
• Administrative records
• Audit and activity records
• Other organization-related operational data

Device and Technical Information

When you use ICFERems, we may collect technical information such as:

• Device type
• Operating system
• Browser type
• App version
• IP address
• Login time and access history
• Error logs
• Crash reports
• Feature usage information
• Network and security logs

Location Information

The ICFERems mobile app may request access to your device location to support location-based features such as:

• Showing nearby projects
• Calculating distance to project locations
• Displaying project locations on maps
• Opening road directions to project sites
• Sending project proximity alerts when you are near an accessible project location

Location data is used only for operational features of ICFERems. ICFERems does not use location data for advertising.

Notification Information

ICFERems may collect and use push notification tokens to deliver system notifications to the correct logged-in user. Notifications may relate to requests, approvals, tasks, projects, reminders, system updates, or project proximity alerts.

2. How We Use Information

ICFERems uses collected information to:

• Provide secure access to the ICFERems system
• Authenticate users and manage sessions
• Apply role-based permissions and access controls
• Display dashboards, menus, requests, tasks, notifications, reports, and modules according to user access
• Support project tracking, request management, procurement, accounting, HR, fleet, and administrative workflows
• Show project locations and provide directions
• Send relevant notifications to authorized users
• Maintain system security and prevent unauthorized access
• Monitor system performance and diagnose technical issues
• Maintain audit logs and operational records
• Provide support, maintenance, backup, and recovery
• Comply with organizational policies, legal obligations, audit requirements, and regulatory requirements

1. Legal and Organizational Basis for Processing

ICFERems processes information for legitimate organizational, administrative, operational, security, and compliance purposes of the Islamic Centre For Education & Research.

Information is processed only where necessary for authorized work, system operation, user support, security, reporting, audit, or legal compliance.

4. Location Data

The ICFERems mobile app may request foreground and background location permissions.

Foreground location may be used while the app is open to:

• Show your current position on the Projects Map
• Calculate distance to accessible project locations
• Open directions to a project site

Background location may be used, where permitted by the user and device settings, to:

• Support project proximity alerts
• Notify you when you are within a configured distance of an accessible project location

Users can allow, deny, or disable location permissions at any time through device settings. If location permission is disabled, some map, nearby project, distance, directions, and proximity alert features may not function correctly.

ICFERems does not sell location data and does not use location data for advertising or unrelated tracking.

5. Push Notifications

ICFERems may send push notifications for relevant system events, including:

• Requests requiring action
• Approval updates
• Task assignments or changes
• Project updates
• System notifications
• Reminders
• Project proximity alerts

Notifications are intended to be delivered only to the authenticated user or authorized users who are permitted to receive the related information.

Users may disable notifications through device settings. Disabling notifications may affect timely receipt of important work-related alerts.

6. User Access and Permissions

ICFERems uses role-based access controls. This means users should only see menus, modules, records, requests, tabs, notifications, projects, and reports that they are authorized to access.

Access permissions may be configured by system administrators based on role, responsibility, department, assignment, or organizational policy.

Users must not attempt to access, copy, modify, share, or disclose information for which they are not authorized.

7. How We Share Information

ICFERems does not sell personal information.

Information may be accessed or shared only where necessary for legitimate system, organizational, operational, or legal purposes, including:

• Access by authorized staff and administrators
• System hosting and infrastructure support
• Technical support and maintenance
• Backup and disaster recovery
• Security monitoring and incident response
• Audit, reporting, and compliance
• Approved third-party services required for system functions
• Legal, regulatory, or lawful organizational requirements

Third-party service providers may only access information as necessary to provide approved services, such as hosting, email delivery, maps, push notifications, authentication, analytics, security, backup, or technical support.

8. Third-Party Services

ICFERems may use or integrate with third-party services to support system functionality. These may include:

• Hosting and server infrastructure providers
• Email and messaging services
• Push notification services
• Map and directions services
• Authentication services
• Analytics, logging, and crash reporting tools
• Backup and security services

Use of third-party services is limited to what is necessary for the relevant feature or system operation.

When using map or directions features, some information may be processed by the map provider in order to display maps, calculate routes, or open directions.

9. Data Security

ICFERems applies administrative, technical, and organizational safeguards to protect information from unauthorized access, loss, misuse, alteration, or disclosure.

Security measures may include:

• User authentication
• Password protection
• Role-based access controls
• Secure communication protocols
• Server security controls
• Audit logs
• Backup processes
• Access monitoring
• Security updates and maintenance

No digital system can guarantee absolute security. Users are responsible for keeping their login credentials confidential and for reporting suspected unauthorized access, suspicious activity, or data errors promptly.

10. Data Retention

ICFERems retains information for as long as necessary to support organizational operations, system continuity, audit requirements, legal obligations, reporting, dispute resolution, security, and record management.

Retention periods may vary depending on the type of record, operational need, and applicable organizational or legal requirements.

When information is no longer required, it may be archived, anonymized, securely deleted, or retained according to approved organizational policies.

11. User Responsibilities

Users of ICFERems are responsible for:

• Using the system only for authorized organizational purposes
• Keeping login credentials secure
• Not sharing accounts or passwords
• Entering accurate and appropriate information
• Accessing only information they are authorized to view
• Protecting confidential and sensitive information
• Reporting suspected security incidents
• Reporting incorrect, outdated, or unauthorized data
• Complying with applicable organizational policies

1. User Rights and Requests

Depending on applicable laws and organizational policies, authorized users may request:

• Access to personal information held in ICFERems
• Correction of inaccurate information
• Review of account or profile information
• Clarification about how information is used
• Assistance with privacy or security concerns

Requests should be submitted through the appropriate ICFERems administrator or the Islamic Centre For Education & Research contact listed below.

Some records may need to be retained for operational, legal, audit, or compliance reasons even after a correction or removal request.

13. Children’s Privacy

ICFERems is intended for authorized organizational users. It is not intended for use by children and does not knowingly collect personal information from children.

14. International Access and Hosting

ICFERems may be accessed from different locations depending on user authorization and operational need. Data may be stored or processed on servers or services used to operate, secure, maintain, and support the system.

Where third-party infrastructure or services are used, information may be processed according to the service provider’s applicable security and privacy practices.

15. Changes to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in:

• ICFERems features
• Mobile app functionality
• Security practices
• Organizational requirements
• Legal or regulatory obligations
• Third-party service usage

When updated, the revised Privacy Policy will be posted on the ICFERems privacy policy page with a new effective date.

Continued use of ICFERems after an update means you accept the revised Privacy Policy.

16. Contact Information

For questions, requests, or concerns about this Privacy Policy or how information is handled in ICFERems, please contact:

Islamic Centre For Education & Research
Website: https://www.icfer.ug
ICFERems System: https://ems.icfer.ug
Email: info@icfer.ug