Privacy Policy
How we collect, use, and protect your personal information
Table of Contents
- 1. Information We Collect
- 2. Mandatory and Optional Information
- 3. How We Use Your Information
- 4. Legal Basis for Processing
- 5. Sharing Your Information
- 6. Data Security
- 7. Data Retention
- 8. Your Rights
- 9. Cookies & Analytics
- 10. Cross Border Transfer of Data
- 11. Automated Processing
- 12. Children's Privacy
- 13. Policy Updates
- 14. Accountability
- 15. Data Protection Officer
- 16. Contact Us
ZIMPUDO values your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our website, mobile application, and related services. We are committed to complying with Zimbabwe's Data Protection Act [Chapter 12:07] (hereinafter referred to as the Act).
ZIMPUDO has notified and registered with the Data Protection Authority (POTRAZ) as required by law. We will cooperate with audits, inspections, and directives issued under the Act.
1. Information We Collect
When you use ZIMPUDO services, we may collect:
- Personal details: Name, address, phone number, email, national ID (where required).
- Service information: Parcel details, delivery/collection records, payment information.
- Technical data: Device type, browser, app usage logs, IP address, geolocation (if enabled).
- Optional information: Feedback, survey responses, or marketing preferences.
2. Mandatory and Optional Information
When we collect your personal information, we will tell you which details are mandatory for us to provide services, and which details are optional.
Mandatory Information
Mandatory information includes your name, phone number, delivery address, and proof of identity (such as national ID) where required for secure parcel collection and regulatory compliance. If you do not provide this information, we may not be able to create your account or deliver/receive your parcels.
Optional Information
Optional information includes email address for receiving updates, marketing preferences, survey responses, and feedback. You may choose not to provide optional information, and this will not affect your ability to use ZIMPUDO's core services.
At the time of collection, we will also inform you of:
- the purpose for which the information is collected;
- who we may share it with (e.g., authorised couriers, regulators);
- your rights to access, correct, or object to processing; and
- whether compliance is compulsory or optional.
3. How We Use Your Information
We use your information to:
- Provide and manage ZIMPUDO services (deliveries, payments, tracking).
- Communicate with you about your account or service.
- Ensure security, prevent fraud, and meet regulatory requirements.
- Improve our website, app, and customer experience.
- Send you updates or promotions (with your consent).
Where we collect sensitive information (e.g., national ID, geolocation logs), we will only process it with your written consent, or as required by law.
4. Legal Basis for Processing
We process your personal data on the following grounds:
- Consent: When you agree to optional uses (e.g., marketing, cookies).
- Contract: To deliver services you request.
- Legal obligation: To comply with laws and regulatory reporting.
- Legitimate interest: To improve our services and protect against fraud.
5. Sharing Your Information
We do not sell your personal data. We may share it with:
- Service providers (couriers, payment processors, IT/cloud providers).
- Regulators or law enforcement where required by law.
- International partners, only with safeguards such as contractual protections or adequacy decisions.
6. Data Security
We use encryption, secure servers, and strict access controls to protect your information. If a data breach occurs that may affect you, we will inform you promptly with details and guidance. ZIMPUDO will also notify the Data Protection Authority within 24 hours and affected users without undue delay, in line with the Act.
7. Data Retention
We keep your information for service delivery, legal compliance, or legitimate business purposes. When no longer needed, we securely delete or anonymize it. Retention periods may vary depending on the type of data and our legal obligations. For example, transactional records may be kept for up to six (6) years to comply with tax and regulatory requirements.
8. Your Rights
As a ZIMPUDO user, you have the right to:
- Access the data we hold about you.
- Request correction or deletion.
- Restrict or object to processing.
- Withdraw consent (where applicable).
- Request transfer of your data.
- If you are dissatisfied with how we handle your data, you may first contact our Data Protection Officer. If unresolved, you may lodge a complaint directly with the Data Protection Authority (POTRAZ).
To exercise these rights, please contact us (details below).
9. Cookies & Analytics
Our website and app use cookies and similar technologies to improve performance, analyze traffic, and remember your preferences. You may manage or disable cookies through your browser or device settings.
10. Cross Border Transfer of Data
We may transfer personal data outside Zimbabwe only where:
- the receiving country ensures an adequate level of protection, or
- transfer is based on your consent, contract performance, public interest, or legal claims, as permitted by law.
11. Automated Processing
ZIMPUDO does not make decisions about you that are based solely on automated processing (including profiling) where such decisions produce legal effects or significantly affect you unless you consent, or it is authorised by law.
Where automated tools are used (for example, to match parcels with lockers or detect potential fraud), a ZIMPUDO staff member will always remain involved in the decision-making process.
If in future we introduce features that involve automated decision-making, we will:
- notify you in advance;
- explain the logic involved and the potential consequences; and
- give you the right to request human review and to contest the decision.
12. Children's Privacy
ZIMPUDO services are not directed at children under 18. Accounts for minors must be created with guardian consent.
13. Policy Updates
We may update this Privacy Policy to reflect changes in our services or legal requirements. Any updates will be posted on this page with a new effective date.
14. Accountability
ZIMPUDO takes responsibility for protecting your personal information in line with the Act. We have internal policies, controls, and safeguards in place to demonstrate compliance with the law, and we regularly review our practices to ensure they remain effective.
15. Data Protection Officer (DPO)
ZIMPUDO has appointed a Data Protection Officer (DPO) to oversee compliance with this Privacy Policy and the requirements of the Act. The DPO is responsible for:
- monitoring ZIMPUDO's data protection practices;
- advising on legal and regulatory obligations;
- handling requests from data subjects; and
- cooperating with the Data Protection Authority (POTRAZ).
We also maintain records of all personal data processing activities as required by law, and we make these available to the Authority upon request.
16. Contact Us
For questions, concerns, or to exercise your rights, please contact:
Data Protection Officer
ZIMPUDO - BlitzTech Electronics (Private) Limited
Harare, Zimbabwe
Email: dpo@zimpudo.com
Phone: +263 77 461 3020
Last Updated: January 1, 2026
This policy is compliant with Zimbabwe's Data Protection Act [Chapter 12:07]