What we collect
We collect only what we need to run Campus Companion effectively. Here's exactly what that is:
| Category | Examples | Why we need it |
|---|---|---|
| Account data | First and last name, phone number, email address, gender, profile photo (optional) | Creating and identifying your account, sending OTP verification |
| Location data (on-campus) | Hostel name, floor number, room number | Directing workers to the correct room for service delivery |
| Booking data | Services booked, dates, time slots, assigned worker, before/after photos, special notes | Fulfilling and tracking your service requests |
| Payment data | Transaction reference, amount, payment status, payment method type | Confirming and reconciling your payments โ see Section 3 |
| Ratings & reviews | Star ratings, written reviews, tags you select about a service | Quality assurance and, if you consent by leaving a testimonial, display on our public site |
| Support messages | Name, email, and message content you submit via our support form | Responding to your enquiries |
| Security & session data | Login timestamps, failed login attempts, session tokens | Account security, fraud prevention, and account lockout protection |
๐ We never collect: your full card number, mobile money PIN, or bank account details โ these are entered directly with our payment processor, Paystack, and never pass through our servers. We also do not collect biometric data or academic records.
How we use your information
Every piece of data we hold has a specific, documented reason for existing. We use your information to:
Operate the platform โ verify your phone number, create your account, calculate hostel-specific pricing and any discounts you're eligible for, process bookings and payments, and assign and track service workers.
Communicate with you โ send OTP codes for registration, login, and password reset; send booking status updates and payment confirmations; respond to messages you send us through the support form.
Keep you and our workers safe โ verify worker identity through our badge-scanning system, detect and prevent fraud (including repeated failed login attempts), and investigate disputes.
Improve Campus Companion โ review aggregated booking and rating trends to fix problems and prioritise what to build next.
๐ฃ About our messages: OTP codes, booking updates, and payment confirmations are essential to the service and cannot be turned off while your account is active. Administrative announcements (service outages, new hostels, policy changes) are sent to relevant users via in-app alerts and, occasionally, SMS. If you no longer wish to receive non-essential announcements, contact support and we'll do what we can to accommodate that.
How we store and protect your data
We apply security measures appropriate to the sensitivity of your information:
Encryption in transit โ all data exchanged between your device and our servers is encrypted via HTTPS/TLS.
Password security โ passwords are never stored in plain text. We use PBKDF2 with a unique, randomly generated salt per user and a high iteration count, a widely recommended password-hashing standard. Even we cannot see your actual password.
OTP codes โ one-time passcodes are stored only in hashed form, are single-use, and automatically expire after 10 minutes.
Session control โ changing or resetting your password immediately invalidates all of your active login sessions on every device, so a compromised session cannot persist after you've secured your account.
Account lockout โ repeated failed login attempts on your account trigger a temporary lockout to slow down password-guessing attempts.
Access controls โ only Campus Companion administrators with a legitimate operational need can access personal data through our internal admin tools; worker identity documents and payment records are restricted to admin accounts only.
No system is perfectly secure, and we cannot guarantee absolute security. If we become aware of a data breach that affects your personal information, we will notify affected users and take reasonable steps to contain and address it as promptly as possible.
How long we keep your data
We keep your personal data for as long as your account is active or as needed to provide services. When you deactivate your account, it is disabled immediately and retained for up to 30 days in case you wish to recover it by contacting support; after that window, we work to remove personal data from active use, except where we are required to retain records for legal, financial, or accounting purposes (for example, payment transaction records, which we retain for as long as required under applicable Ghanaian financial recordkeeping obligations).
Booking and payment history tied to completed transactions may be retained longer than an individual profile in order to maintain accurate financial and dispute records.
Your privacy rights
You have meaningful control over your personal data. Here's what you can do, and how:
Access & correct
View and update your name, email, hostel, and room details any time from your Profile page in the app.
Delete
Deactivate your account from your Profile page. Contact support if you'd like your data permanently removed sooner than our standard retention window.
Request a copy
Email us to request a summary of the personal data we hold about you. We do not yet offer an automated self-service export, so this is handled manually by our team.
Change your password
Update your password any time from Profile โ Security. This signs you out of all other active sessions automatically.
Question a decision
If your account is suspended or a booking dispute doesn't go your way, contact support to have it reviewed.
Ask us anything
Reach out with any privacy question โ we'll do our best to answer clearly and promptly.
To exercise any of these rights beyond what's available directly in the app, contact us at privacy@campuscompanion.com.
Local storage on your device
Campus Companion does not use tracking cookies or third-party advertising trackers. Instead, we use your browser's built-in local storage to make the app work smoothly:
Session storage โ your login session token is kept in your browser's session storage while you're signed in. This is cleared automatically when you close your browser tab or sign out, and is essential for staying logged in as you navigate the app.
Local storage โ we store a small amount of non-sensitive data locally on your device to improve the app experience, such as which alerts you've already seen and a snapshot of your recent booking status, so we can show you "what's changed" since your last visit. This data stays on your device and is cleared when you log out or clear your browser data.
None of this data is used for advertising, and none of it is shared with third parties.
Children's privacy
Campus Companion is intended for students residing in participating campus hostels who are at least 16 years old, or the minimum age of digital consent in their jurisdiction if higher. We do not knowingly collect personal data from children below this age. If you believe someone under this age has registered on our platform, please contact us at privacy@campuscompanion.com and we will investigate and take appropriate action, including account removal where warranted.
Changes to this policy
We may update this Privacy Policy to reflect changes in our practices, the services we offer, or applicable law. When we make a material change, we will update the "Last updated" date at the top of this page and, where appropriate, notify you through the app. Your continued use of Campus Companion after a change takes effect constitutes your acceptance of the updated policy.
Contact us about privacy
If you have questions about this policy, want to exercise your data rights, or believe your privacy has been compromised, reach out through any of the channels below.
Support portal
Registered address
KNUST CAMPUS
Response time
We aim to respond to privacy requests within a reasonable timeframe, typically a few business days.