IMATT College

IMATT College

Academic Management System

Privacy Policy

Last updated: 30 June 2026

IMATT College ("IMATT", "we", "us") operates the IMATT Academic Management System ("the System"). This policy explains what personal data we collect, why we collect it, and how it is handled.

1. Data we collect

  • Account data: name, email, phone number, role, photograph.
  • Applicant data: date of birth, gender, address, national ID, guardian details, prior qualifications, and uploaded supporting documents.
  • Academic data: programme, courses, attendance, grades, transcripts, examination submissions.
  • Financial data: invoices, payment receipts, bank or mobile-money references. Card numbers are never stored.
  • Operational data: IP address, device/user-agent, and audit-log entries for security and dispute resolution.

2. Why we collect it

  • To administer admissions, enrolment, examinations, grades, and graduation.
  • To collect and reconcile tuition and fee payments.
  • To communicate with students, parents/guardians, and staff about academic life.
  • To meet IMATT's legal, regulatory, and accreditation obligations in Sierra Leone.
  • To detect, investigate, and prevent fraud or misuse of the System.

3. Who can see your data

Access is role-based. Students see their own records; lecturers see students enrolled in their courses; HODs see their department; Finance Officers see fee-related records. IT Admins have system-wide access for support purposes and their actions are recorded in the audit log.

4. Sharing with third parties

We use trusted processors to operate the System: Clerk (authentication), Supabase (database hosting), Cloudflare (network protection, file storage), Vercel (application hosting), Resend (email), Monime (mobile-money payments), and Sentry/PostHog (error monitoring and product analytics). Each processor handles data only on our instructions. We do not sell personal data.

5. How long we keep it

Academic records are retained for the lifetime of the institution's record-keeping obligations. Operational data (audit logs, payment events) is retained for at least seven years. Applicant data for unsuccessful applications is retained for one academic cycle and then archived.

6. Your rights

You may request a copy of the personal data we hold about you, ask for corrections, or request deletion where this does not conflict with our record-keeping obligations. Contact the Registrar's Office at IMATT College, Freetown.

7. Security

Data is encrypted in transit (HTTPS) and at rest. Passwords are never stored in plain text. Sensitive actions require multi-factor authentication. Payment receipts are served only via short-lived signed links.

8. Changes to this policy

We may update this policy as the System or applicable laws change. The "Last updated" date above reflects the most recent revision.

PrivacyTermsAccessibilityCookie Policy← Back to home

© 2026 IMATT College, Sierra Leone. All rights reserved.