Legal

Privacy Policy

Last updated: February 24, 2026

At LoanTrack, your privacy is critically important to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our multi-tenant loan management platform. As a platform handling sensitive financial data, we are committed to the highest standards of data protection and security.

This policy applies to all users of LoanTrack, including tenant owners, administrators, staff members, and any person whose data is processed through the platform (such as loan borrowers). Please read this policy carefully to understand our practices regarding your data.

1 Information We Collect

Account & Registration Information

When you create an account, we collect:

  • Personal details: full name, email address
  • Company information: company name, business type, phone number, email, physical address, country
  • Authentication credentials (passwords are encrypted and never stored in plain text)

Customer & Borrower Data

Through the platform, tenants may enter data about their loan customers, including:

  • Personal identification: names, NRC/ID numbers, phone numbers, addresses
  • Financial information: loan amounts, repayment records, interest rates, collateral details
  • Employment and income details, next-of-kin information
  • Uploaded documents: ID copies, pay slips, contracts, collateral photos

Automatically Collected Information

  • IP address and browser type
  • Device information and operating system
  • Usage patterns, pages visited, features used
  • Audit logs: login timestamps, actions performed, records modified

2 How We Use Your Information

We use the collected information for the following purposes:

Service Delivery

To provide, maintain, and improve the LoanTrack platform and its features.

Security

To detect, prevent, and respond to fraud, abuse, and security incidents.

Support

To respond to your inquiries, provide technical support, and communicate updates.

Analytics

To analyze usage trends and improve the user experience (aggregated, anonymized data only).

3 Data Sharing & Disclosure

We do NOT sell, rent, or trade your personal information or Customer Data to third parties.

We may share your information only in the following limited circumstances:

  • Service Providers: With trusted third-party vendors who assist in operating the platform (e.g., hosting, payment processing), bound by strict confidentiality agreements.
  • Legal Requirements: When required by law, regulation, court order, or governmental authority.
  • Safety: To protect the rights, safety, or property of LoanTrack, our users, or the public.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notice to affected users).

4 Data Security

We implement industry-standard security measures to protect your data:

Encryption

All data encrypted in transit (TLS/SSL) and at rest (AES-256)

Access Control

Role-based access with multi-tenant data isolation

Audit Trails

Comprehensive logging of all data access and modifications

Additional security measures include:

  • Passwords hashed using bcrypt with strong salting (never stored in plain text)
  • Regular security assessments and vulnerability testing
  • Automatic session timeout after periods of inactivity
  • CSRF protection, XSS prevention, and SQL injection safeguards

5 Multi-Tenant Data Isolation

As a multi-tenant platform, LoanTrack employs strict data isolation measures to ensure that each organization's data remains completely separate and confidential:

  • Each tenant's data is logically segregated at the database level using tenant-scoped queries.
  • Users can only access data belonging to their assigned tenant(s).
  • Role-based permissions restrict access within each tenant to authorized personnel only.
  • All API endpoints and queries are automatically scoped to the authenticated user's tenant context.

6 Data Retention

We retain your data according to the following policies:

Data Type Retention Period
Active account data Duration of the subscription
Post-cancellation data 30 days for export, then deleted
Audit logs 12 months from creation
Billing records 7 years (legal requirement)
Anonymized analytics Indefinitely

7 Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Right to Access

Request a copy of the personal data we hold about you.

Right to Correction

Request correction of inaccurate or incomplete data.

Right to Deletion

Request deletion of your personal data (subject to legal obligations).

Right to Portability

Export your data in a structured, machine-readable format.

Right to Object

Object to processing of your data for specific purposes.

Right to Restrict

Request restriction of processing in certain circumstances.

To exercise any of these rights, please contact us at privacy@loantrack.io. We will respond to your request within 30 days.

8 Cookies & Tracking

We use cookies and similar technologies to:

  • Essential Cookies: Maintain your authentication session, CSRF protection, and remember your preferences. These are strictly necessary for the Service to function.
  • Analytics Cookies: Help us understand how users interact with the platform to improve our service. These are anonymized and aggregated.

We do not use advertising cookies or sell cookie data to third parties. You can manage cookie preferences through your browser settings.

9 Children's Privacy

LoanTrack is a business platform and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we discover that we have inadvertently collected data from a child, we will promptly delete it.

10 International Data Transfers

Your data may be stored and processed on servers located in different countries. When transferring data across borders, we ensure adequate protections are in place through:

  • Contractual agreements with data processors that include standard data protection clauses.
  • Selection of hosting providers with recognized security certifications.
  • Compliance with applicable data protection laws in each jurisdiction.

11 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes:

  • We will notify you via email or through a prominent notice on the Platform.
  • The "Last updated" date at the top of this page will be revised.
  • We will provide at least 30 days' notice before changes take effect.

12 Contact Us

If you have any questions about this Privacy Policy, or wish to exercise your data protection rights, please contact us:

privacy@loantrack.io
Lusaka, Zambia
https://loantrack.link
Back to Home Read Terms of Service