Botswana Data Protection Act, 2024 · Act No. 18 of 2024
Data Privacy Charter
How Heritage Pro handles personal data for the schools, councils, ministries, and authorised education bodies it serves — written for those organisations and for the students, parents, sponsors, and staff whose records they keep. For school records, Heritage Pro acts as a data processor.
- Issued by: Heritage Pro
- Capacity: Data processor
- Jurisdiction: Republic of Botswana
- Last revised: 30 June 2026
- Reference: HP·DPP·2024
- Enquiries: support@heritagepro.net
Heritage Pro is a school management system. For the records held in a school's system we process personal data only on the documented instructions of the school, council, ministry, or other authorised education customer that controls that data. Questions about a specific learner or staff record should go to that school first; this charter sets out the commitments and safeguards that sit behind them.
Foundation
Scope and legal basis
This policy explains how Heritage Pro handles personal data across its school management platform and the services around it: implementation and migration, hosting, backups, integrations, reporting, communications, customer support, and product administration. It is written for the schools, councils, ministries, and public education bodies that use Heritage Pro, and for the students, parents, sponsors, guardians, and staff whose data those organisations record in the system.
Heritage Pro handles personal data in line with the Botswana Data Protection Act, 2024 (Act No. 18 of 2024), in operation since 14 January 2025. The Act distinguishes data controllers from data processors, requires a lawful basis for processing, mandates appropriate security, governs processor contracts and sub-processors, restricts cross-border transfers, sets breach-notification duties, grants rights to data subjects, and is overseen by the Information and Data Protection Commission.
This public charter is a summary. It is read together with each customer's contract, data processing terms, service descriptions, and any lawful instructions issued by the relevant controller; where they differ on a specific point, the contract governs.
Key terms
Key terms used in this charter
To keep the rest of this charter clear, we use the following terms as defined under the Act:
- Personal data — information about an identified or identifiable person, such as a learner, parent, sponsor, or member of staff.
- Sensitive personal data — higher-risk categories such as health, biometric, disability, religious, financial, or safeguarding information that attract extra protection.
- Data controller — the organisation that decides why and how personal data is processed. For school records, this is the school or its parent education body.
- Data processor — an organisation that processes personal data on a controller's behalf. For school records, this is Heritage Pro.
- Data subject — the individual the personal data is about, including students, applicants, parents, sponsors, guardians, and staff.
- Processing — any operation on personal data, including collecting, storing, viewing, editing, sharing, exporting, or deleting it.
Accountability
Our role: processor and limited controller
For school operational records, Heritage Pro acts as a data processor. The school, council, ministry, or authorised education body is the data controller: it decides why the data is collected, which learners and staff are recorded, what school processes are run, who receives school communications, and how long official education records must be kept. We do not decide those things on our own account.
Heritage Pro acts as a data controller only for its own business and service administration data — for example sales enquiries, customer contracts, billing records, support tickets, licence management, website usage, product security logs, staff access administration, supplier records, and procurement correspondence. Article 16 covers that business data separately.
Data categories
School data we process
The exact data in any school's system depends on the modules that school has switched on. Across the platform, the records we may process on a controller's behalf include:
- Student and applicant data — names, dates of birth, gender, nationality, ID or passport numbers, photographs, grades, classes, application status, attachments, and enrolment information.
- Parent, sponsor, guardian, emergency-contact, and billing-responsibility information.
- Academic data — subjects, assessments, marks, report cards, comments, attendance, progression, activities, documents, and learning records.
- Staff and user data — accounts, roles, permissions, departments, employment-related school records, attendance, and system activity.
- Sensitive records — health, welfare, safeguarding, conduct, disability, counselling, and medical information, where a customer uses the relevant modules.
- Finance, fees, transport, library, assets, communications, audit logs, uploaded files, and other operational records needed to run the school.
Purpose
Why we process school data
Heritage Pro processes school data only to provide, secure, support, and improve the services the customer has asked for. In practice this means:
- Hosting and operating the Heritage Pro platform and the staff, sponsor, and student portals.
- Running admissions, student records, assessments, attendance, welfare, fees, transport, communications, documents, reporting, and administration workflows.
- Migrating data, configuring schools, managing users, troubleshooting issues, and providing customer support.
- Generating the reports, exports, notifications, emails, SMS messages, and integrations the customer has configured.
- Maintaining backups, audit logs, security monitoring, product reliability, and incident response.
- Helping customers meet their own education, audit, procurement, and data-protection obligations.
We do not use school data for unrelated purposes, and we do not sell it or use it for advertising.
Lawful processing
Lawful basis and documented instructions
As the controller, each school is responsible for ensuring it has a lawful basis under the Act for the personal data it records — for example performing a public task or contract, meeting a legal obligation, protecting a person's vital interests, or, where required, obtaining consent. The school is also responsible for telling its own learners, parents, sponsors, and staff how and why it uses their data.
As the processor, Heritage Pro processes that data only on the controller's documented instructions — whether in the customer contract, implementation scope, a support request, configuration choices, or lawful written direction from an authorised customer contact. If we believe an instruction is unlawful or creates a material data-protection risk, we will say so rather than simply carry it out.
Commitments
Processor commitments
Where Heritage Pro acts as a processor, we commit to the following toward every controller:
- We process personal data only on documented instructions, and never sell it or use it for unrelated advertising.
- We limit access to the personnel and approved support providers who need it to deliver the service, on a least-privilege basis.
- We bind personnel who may access customer data to confidentiality.
- We engage sub-processors only where needed for service delivery, and place appropriate data-protection obligations on them.
- We assist controllers, so far as reasonably possible, with data-subject requests, security duties, breach response, audits, and data protection impact assessments.
- At the end of a service, we return, delete, anonymise, archive, or retain data according to the contract, lawful instructions, and applicable legal requirements.
- We make available the information a controller reasonably needs to demonstrate compliance with its own obligations under the Act.
Safeguards
Security measures
Heritage Pro applies technical and organisational measures designed to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. The specific measures depend on the service, deployment model, customer configuration, and assessed risk, and include:
- Role-based access controls, user permissions, authentication, and least-privilege administration.
- Audit logs and activity records for key actions, where supported by the module.
- Backups, recovery procedures, and availability controls appropriate to the deployment.
- Secure file handling, controlled support access, and separation of customer environments where applicable.
- Encryption in transit, transport security, hosting controls, and infrastructure safeguards where appropriate.
- Staff confidentiality expectations, internal access governance, incident review, and supplier due diligence.
Sensitive records
Children and sensitive data
School records routinely include children's data and sensitive personal data — health, welfare, disability, safeguarding, disciplinary, financial, and family information. Heritage Pro treats these as high-care records and processes them only for configured school purposes, authorised support, security, compliance, or lawful instructions from the controller.
Each customer is responsible for ensuring its collection and use of children's and sensitive data has an appropriate lawful basis and meets the additional conditions the Act sets for sensitive personal data. Heritage Pro supports that responsibility through access controls, auditability, module configuration, and secure processing practices.
Partners
Sub-processors and third parties
Heritage Pro may use trusted service providers to deliver the platform — for example hosting, storage and backup, email and SMS delivery, payment or accounting integrations, support tooling, monitoring services, and implementation partners. These providers may access personal data only where needed to provide their service to Heritage Pro or the customer, and only under appropriate confidentiality and data-protection terms.
Where Heritage Pro engages a sub-processor for school data, we remain responsible to the controller for that sub-processor's relevant data-protection obligations, subject to the customer contract and applicable law. Controllers can request the current list of sub-processors relevant to their service.
Transfers
Cross-border transfers
Some infrastructure, support, backup, email, SMS, or integration services may process or store data outside Botswana. Heritage Pro will make a cross-border transfer only where it is authorised by the controller, required to deliver the contracted service, or otherwise permitted by law — and only subject to the safeguards the Botswana Data Protection Act, 2024 requires for transfers outside Botswana.
Lifecycle
Retention, return, and deletion
For school data, the controller decides retention periods and official record-keeping requirements. Heritage Pro keeps data for as long as needed to provide the service, meet contractual support obligations, maintain backups and audit records, resolve disputes, comply with law, or follow documented customer instructions.
When a service ends, Heritage Pro will return, delete, anonymise, archive, or retain school data as set out in the contract, lawful customer instructions, backup cycles, and applicable legal obligations. Residual copies held in routine backups are deleted on the normal backup rotation.
Incident response
Personal data breaches
If Heritage Pro becomes aware of a personal data breach affecting school data, we will notify the relevant controller without undue delay and provide the information available to us to support assessment, containment, remediation, and any required notifications.
Under the Act, the controller is responsible for notifying the Information and Data Protection Commission without undue delay and, where feasible, within 72 hours where required, and for informing affected data subjects where a breach is likely to result in a high risk to them. Heritage Pro supports those obligations as processor, unless the contract or law assigns a different responsibility.
Your rights
Data subject rights and requests
The Act gives data subjects rights over their personal data. Depending on the circumstances and any lawful exemptions, these include the right to:
- Be informed about how their data is collected and used.
- Access the personal data held about them.
- Request correction of inaccurate or incomplete data.
- Request deletion of data where there is no lawful reason to keep it.
- Object to, or request restriction of, certain processing.
- Request portability of data they provided, where applicable.
- Withdraw consent where processing relies on consent.
- Lodge a complaint with the Information and Data Protection Commission.
Because the school, council, ministry, or education body controls the school record, students, parents, sponsors, guardians, and staff should send access, correction, deletion, objection, restriction, portability, or complaint requests to their school in the first instance. Where Heritage Pro receives a request about school data, we will route it to the relevant controller where we can identify them, and assist that controller as required by the contract and the Act. For requests about Heritage Pro's own business data, contact support@heritagepro.net.
Automation
Automated decision-making
Heritage Pro calculates results, aggregates, rankings, and reports from the data a school enters — for example assessment totals, grades, and admission rankings based on the rules a school configures. These calculations support staff decisions; they are tools for authorised users, not automated decisions that Heritage Pro makes about a person on its own account. Responsibility for decisions taken using the system — such as admission, progression, or disciplinary outcomes — rests with the school as controller.
Business records
Heritage Pro business data
Heritage Pro acts as controller for its own business data — enquiries, demonstrations, proposals, contracts, billing, customer administration, support tickets, licence records, website visits, security logs, staff access records, and supplier information. We use this data to operate the business, provide support, manage contracts, secure the service, communicate with customers, comply with law, and improve the product. Data subjects can exercise their rights over this business data by contacting us using the details in Article 19.
Platform & site
Website, cookies, and product logs
The Heritage Pro application uses cookies and similar technologies that are strictly necessary to sign you in, keep your session secure, and remember basic preferences (such as the login tab you last used). These do not track you for advertising.
To keep the platform secure and reliable, we also record operational and security logs — for example sign-in events, key actions, and error diagnostics. We use these for authentication, abuse prevention, troubleshooting, and audit, and retain them for the period needed for those purposes.
Public sector
Government school assurance
Many Heritage Pro customers are government schools and public education bodies. We support procurement and compliance expectations by maintaining processor commitments, audit and support records, access controls, incident-handling procedures, data-protection cooperation, and privacy-by-design practices appropriate to a school management system.
This public charter should be read together with the customer contract, data processing terms, implementation documents, service descriptions, and any lawful instructions issued by the relevant controller.
Get in touch
Contact us
For privacy questions about Heritage Pro's processor commitments, security practices, customer-support handling, or Heritage Pro's own business data, contact us using the details below.
Revisions
Updates to this policy
We may update this charter to reflect changes in the Heritage Pro platform, customer contracts, security practices, service providers, or applicable law. The latest version is always published on this page, with the revision date shown in the masthead.