Introducing The MoPSE Learner’s Hub 

MoPSE Learners Hub – Privacy Policy

 Effective Date: 29 Spetember 2025
Version: 1.0

  1. Introduction

The Ministry of Primary and Secondary Education (MoPSE) recognises the importance of protecting the privacy and personal data of learners, parents, teachers, and all other users of the MoPSE Learners Hub.

This Privacy Policy explains in detail how personal information is collected, used, stored, shared, and protected when you use the MoPSE Learners Hub WhatsApp chatbot service, which provides:

  • Academic learning resources;
  • Psychosocial support (PSS);
  • Age-appropriate Sexual and Reproductive Health and Rights (SRHR) information;
  • AI-powered learning and wellbeing tools.

This policy is developed in compliance with the Cybersecurity and Data Protection Act (CDPA, Chapter 12:07, 2021) of Zimbabwe and is informed by best practice standards such as ISO 27001, General Data Protection Regulation (GDPR), and the African Union Convention on Cybersecurity and Personal Data Protection.

By using the MoPSE Learners Hub, you agree to the terms outlined in this Privacy Policy.

  1. Who We Are
  • Data Controller:
    Ministry of Primary and Secondary Education (MoPSE), Government of Zimbabwe.
  • Data Protection Officer (DPO):   Abel Moyo
    Appointed under Section 23 of the CDPA to oversee compliance and safeguard user rights.
    Email: dpo@uchat.co.zw
  • Implementation Partners:
    • UNESCO and UNFPA – provide technical and programmatic support.
  • Data Processors:
    • UChat (chatbot hosting and analytics, GDPR, ISO 27001 and SOC1 certified).
    • OpenAI (AI response generation).
    • Meta/WhatsApp (messaging infrastructure).
  1. Information We Collect

When you use the MoPSE Learners Hub, we collect and process the following categories of information:

3.1 Basic Identifiers

  • Your WhatsApp profile name or self-declared name.
  • Your phone number (used as the primary account identifier).
  • User category: Learner, Parent/Guardian, Teacher.
  • Location (self-declared region, district, or town).
  • Age group or school grade (to tailor content appropriately).

3.2 Interaction Data

  • Questions you submit and answers provided by the chatbot.
  • Session metadata (timestamps, frequency of interaction).
  • Learner Hub navigation behaviour (topics accessed, features used).

3.3 Sensitive Information

  • In certain cases, users may share personal details relating to health, wellbeing, abuse, exploitation, or safeguarding issues.
  • This information is classified as special personal data under Section 13 of the CDPA and is handled with the highest safeguards.
  1. Purpose of Processing

Your data is used strictly for the following purposes:

  1. Service Delivery – to provide academic, psychosocial, and SRHR support.
  2. Personalisation – tailoring chatbot responses to your age group or learner grade.
  3. Safeguarding – identifying and escalating potential child protection or welfare concerns.
  4. Monitoring and Evaluation – generating anonymised, aggregated reports to improve services and inform education policy.
  5. Compliance with Law – fulfilling obligations under the Children’s Act, Education Act, and CDPA.
  6. Service Improvement – training and enhancing chatbot capabilities while respecting user rights.

We do not use your data for marketing, commercial profiling, or sale to third parties.

  1. Legal Basis for Processing

Under the CDPA, MoPSE processes data on the following grounds:

  • Consent (Section 14 CDPA): All users provide consent at onboarding. For learners under 16, explicit parental/guardian consent is required.
  • Public Interest (Section 18): Advancing national education, child development, and protection.
  • Legal Obligation (Section 17): Reporting safeguarding or abuse concerns.
  • Legitimate Interests (Section 15): Operating and improving the Learners Hub while balancing rights of data subjects.
  1. Data Sharing and Disclosure

We only share data where necessary, under secure conditions:

  • With MoPSE staff: strictly authorised personnel on a need-to-know basis.
  • With partners:
    • UNESCO and UNFPA receive only anonymised, aggregated insights.
  • With safeguarding authorities:
    • Childline Zimbabwe (116) or law enforcement where safeguarding issues are detected.
  • With processors:
    • UChat (system hosting and analytics).
    • OpenAI (AI responses).
    • Meta/WhatsApp (message delivery infrastructure).

All processors are bound by contractual Data Processing Agreements to protect user data.

  1. Cross-Border Data Transfers

Because UChat, OpenAI, and WhatsApp servers are located outside Zimbabwe, your personal data may be transferred across borders.

To protect you, we ensure that:

  • Providers are certified under ISO 27001 and comply with GDPR standards.
  • Binding Data Processing Agreements are in place.
  • Transfers comply with Section 22 of the CDPA on cross-border data flows.
  1. Data Retention

We retain personal data only as long as necessary:

  • Routine chat logs: up to 12 months.
  • Consent and audit records: up to 24 months.
  • Safeguarding and child protection records: up to 5 years (or longer if legally required).
  • Aggregated/anonymised statistics: may be retained indefinitely.

When retention periods expire, data is securely deleted or anonymised.

  1. Data Security Measures

We apply technical and organisational safeguards to protect your data:

  • Encryption: WhatsApp end-to-end encryption; TLS encryption for UChat servers.
  • Access Control: Role-based access; only authorised staff can view personal data.
  • Audit Logs: All staff access is logged and monitored.
  • Data Minimisation: Only essential information is collected.
  • Incident Response: Breaches must be reported to the Data Protection Authority within 24 hours (Section 24 CDPA).
  1. Safeguarding & Child Protection
  • If the chatbot detects abuse, self-harm, or exploitation, MoPSE may escalate the case to Childline (116) or law enforcement.
  • Users are reminded not to disclose unnecessary sensitive personal information, but where such data is disclosed, it is protected under Section 13 of the CDPA.
  • A Safeguarding Officer within MoPSE will oversee escalations in line with the Children’s Act.
  1. Your Rights under CDPA (Sections 20–21)

As a user, you have the right to:

  • Access: Request a copy of your data.
  • Rectification: Correct errors or incomplete data.
  • Erasure: Request deletion (DELETE command via chatbot).
  • Restriction: Ask us to stop certain processing.
  • Objection: Refuse processing not required by law.
  • Portability: Request your data in a structured format.

To exercise these rights, contact the Data Protection Officer (DPO).

  1. Children’s Privacy and Parental Consent
  • For children under 16, we require verifiable parental or guardian consent before registration.
  • Parents/guardians can request access, correction, or deletion of their child’s data at any time.
  • Children are encouraged to use the chatbot under parental supervision, especially for SRHR modules.
  1. Updates to this Policy

This Privacy Policy may be updated from time to time. Updates will be communicated through:

  • The Learners Hub WhatsApp service;
  • The official MoPSE website;
  • Circulars to schools.
  1. Contact Us

Data Protection Officer
Mr. Abel Moyo
Email: dpo@uchat.africa

  1. Acceptance

By continuing to use the MoPSE Learners Hub, you confirm that you have read, understood, and agree to this Privacy Policy. Parents and guardians confirm that they consent on behalf of children under 16.

1. Prohibited Content: 
  • Hate Speech and Discrimination: Content that promotes hatred, discrimination, or violence against individuals or groups based on race, ethnicity, religion, gender, sexual orientation, disability, or other protected characteristics is strictly prohibited.
  • Illegal or Harmful Activities: Content that promotes illegal activities, violence, self-harm, or harm to others is not allowed on our platform.
  • Inappropriate or Offensive Material: Content that is sexually explicit, obscene, or otherwise inappropriate for our educational community is prohibited.
2. Copyright and Intellectual Property:
  • Respect for Copyright: Users must respect copyright laws and intellectual property rights. Posting or sharing copyrighted material without proper authorization is not permitted.
  • Original Content: Users are encouraged to create and share original content or properly attribute sources when sharing third-party content.
3. Academic Integrity:
  • Plagiarism and Cheating: Academic dishonesty, including plagiarism, cheating, or the unauthorized use of materials or information, is strictly prohibited.
  • Credible Sources: Users should use credible sources and cite references when presenting academic work or research.
4. User Conduct:
  • Respectful Behavior: Users are expected to engage with others in a respectful and courteous manner. Harassment, bullying, or disruptive behavior will not be tolerated.
  • Compliance with Policies: Users must comply with all platform policies and guidelines, including our Terms of Service and Privacy Policy.
5. Reporting Violations:

If you encounter content that violates our content policy guidelines, please report it to our moderation team immediately. We take all reports seriously and will take appropriate action, which may include removing the offending content and/or suspending or terminating user accounts.

6. Enforcement:

Violations of our content policy may result in disciplinary action, including warnings, account suspension, or termination, depending on the severity of the offense.

7. Contact Us:

If you have any questions or concerns about our content policy or believe that your content has been removed in error, please contact our support team for assistance.

Thank you for being part of our educational community and helping us maintain a positive and constructive learning environment!

Sign up to receive our latest updates