Jubiskra Limited ("we", "us", "our") operates the Estastra platform. We are dedicated to protecting the confidentiality and privacy of the data entrusted to us.
This Privacy Policy sets out the basis upon which we process, store, and disclose personal data provided by users of our mobile apps, web platform, gate management systems, and automated communication tools.
01
Nature of Our Service
Understanding how we handle data starts with understanding our role.
Estastra acts primarily as a Data Processor on behalf of your community management (the Data Controller). We process your data — entry logs, payment records — based on the instructions and rules set by your organisation. For services such as account management and our automated bot services, we act as a Controller.
02
Information We Collect
We collect specific data to facilitate security, payment reconciliation, and community management.
From your organisation
- Unit data: Unit number, property type, and location within the perimeter.
- Occupant contact: Names, phone numbers, and email addresses of authorised occupants.
- Staff records: Identification details, guarantors, and employment records including NIN verification data for deployment staff.
From you directly
- Account credentials: Username, encrypted passwords, and profile photos.
- Visitor data: Names and details of guests you pre-authorise for entry via gate passes.
- Community content: Content you share on community boards or maintenance tickets.
Automated collection
- Movement logs: We record the timestamp, gate name, and vehicle details every time you or your visitors enter or exit the perimeter. This is a core security feature.
- Payment records: We record payment status and transaction references to maintain the estate's financial ledger. We do not access or store your bank login credentials or PINs.
03
WhatsApp Bot Service
Estastra operates an automated WhatsApp bot to facilitate gate pass generation and management for residential estates.
- Data collected: We collect WhatsApp phone numbers and message content solely to process gate pass requests.
- Purpose: This data is used exclusively to generate, validate, and deliver gate passes.
- Third-party sharing: This data is not shared with third parties for marketing or any non-essential purpose.
- Security: All WhatsApp interactions are stored securely within our encrypted infrastructure.
04
How We Use Your Data
We use your data solely to provide the Estastra services.
- Security enforcement: To verify identities at the gate and enforce access rules, such as restricting access for unpaid dues if configured by your organisation.
- Payment reconciliation: To maintain accurate household ledgers and confirm payment status.
- Emergency alerts: To send SMS broadcasts in the event of a security incident or emergency.
- Service notifications: To confirm payments and notify you of visitor arrivals via SMS or automated messaging tools.
05
Data Sharing and Disclosure
We do not sell your data. We share it only as necessary to operate the platform.
- Your facility governance: Authorised administrators have access to occupant lists, payment history, and gate logs for management purposes.
- Service providers: We use trusted third-party vendors for hosting (Oracle Cloud), SMS delivery (Termii), payment processing (Paystack), and identity verification (Dojah). They are bound by strict data processing agreements.
- Legal compliance: We may disclose data if required by law or a valid court order.
06
Data Security
We employ enterprise-grade security measures to protect your information.
- Encryption: All data in transit is encrypted via HTTPS/TLS. Passwords and PINs are hashed using industry-standard algorithms (Bcrypt).
- Access control: Strict role-based access ensures that a guard cannot see financial data, and an accountant cannot see movement logs unless authorised.
- Infrastructure: Our servers are hosted in secure Oracle Cloud data centres with automated backups.
07
Data Retention
We retain your data for as long as your organisation subscribes to our service.
If your organisation cancels the subscription, your personal data will be archived or deleted in accordance with the organisation's data retention policy and applicable laws.
08
Your Rights
You have the right to request access to, correction of, or deletion of your personal data.
Please direct these requests to your Facility Administrator first, as they control the master records. You may also contact us directly at [email protected] to request data deletion.