Trust Centre
Security is not a feature. It is the foundation.
Your school's data belongs to your school. It always has. It always will. Everything below explains how we protect it.
Uptime & reliability
- 99.9% uptime SLA
- Automated daily encrypted backups
- Multi-region infrastructure
- Defined incident response procedure
- Transparent status reporting
Data governance
- Tenant data isolation at database layer
- African data residency — data stays in Africa
- Role-based access control (RBAC)
- Per-user permission overrides
- Immutable academic records
- Full, permanent audit log
Access control
- Granular per-module permissions
- Server-side RBAC enforcement
- No client-side permission bypass
- JWT-based session management
- Configurable session timeout
- Multi-factor authentication (roadmap)
Compliance
- Kenya Data Protection Act 2019
- Nigeria NDPR
- South Africa POPIA
- GDPR (EU data subjects)
- Data Processing Agreement available
- Responsible AI statement
Responsible AI statement
Msingi uses AI to assist with specific, bounded tasks: generating draft report card comments, surfacing attendance patterns, and flagging anomalies in fee collection. AI does not make decisions — it makes suggestions that a human reviews before anything is saved or sent.
No student data is sent to third-party AI providers without explicit school consent. All AI-assisted features can be disabled by the school administrator.
We do not use student data to train models. We do not build profiles of individual students for purposes other than supporting their education at their school.