Schoolmia Privacy & Cardholder Data Security Policy
1. Purpose & Scope
This policy explains how Schoolmia collects, processes, and protects personal and cardholder data in line with PCI-DSS standards.
2. Data We Collect
Name, email address, phone number, institution details
Cardholder data processed through PayFast and PayPal (Schoolmia does not store this data)
3. Security Measures
4. Payments
All transactions are processed through PCI-DSS-compliant providers: PayFast and PayPal.
5. Data Usage
Used for account setup, payment handling, academic communication, and technical support.
6. Data Retention
Personal data is retained for up to 24 months. Payment data is retained by PayFast/PayPal.
7. Breach Notification
Users will be notified within 72 hours if a data breach occurs.
8. Contact
For privacy or support queries: support@kzdsolutions.co.za