Terms and Conditions & Privacy Policy
Ingata Integrated Lending Business Management System (ILBMS) · Version 1.0 · 38 sections across 16 parts
Version
1.0
Status
Active
Governed by
Laws of Rwanda
Operator
INGATA TECHNOLOGIES LTD
PART I
Introduction
This document establishes the Terms and Conditions and Privacy Policy governing the access to and use of the Ingata Integrated Lending Business Management System (ILBMS). It provides the legal, operational, and regulatory framework that defines how the system should be used by financial institutions and authorized users. The document ensures that all users understand their obligations and responsibilities when accessing or operating the platform.
The purpose of this document is to provide clear guidelines that regulate the proper use of the system while ensuring transparency, accountability, and compliance with applicable financial regulations. It outlines the standards required to protect system integrity, institutional operations, and user data.
Specifically, this document aims to:
- Define the rights and responsibilities of system users, including financial institutions, administrators, loan officers, finance officers, and other authorized personnel who interact with the system.
- Protect the intellectual property of the ILBMS platform, including its software architecture, system design, databases, documentation, and other proprietary components.
- Ensure compliance with applicable legal and regulatory requirements, including financial sector regulations and guidelines established by authorities such as the National Bank of Rwanda (BNR).
- Establish security and privacy standards for the processing, storage, and management of personal and financial data within the system.
- Define acceptable use of the platform, outlining appropriate system usage and identifying prohibited activities that could compromise system security or integrity.
- Explain how personal and financial data is collected, processed, stored, and protected, ensuring transparency in data management practices.
By accessing or using the Ingata Integrated Lending Business Management System (ILBMS), users acknowledge that they have read, understood, and agreed to comply with the Terms and Conditions and Privacy Policy outlined in this document. Continued use of the system constitutes acceptance of these terms.
The Ingata Integrated Lending Business Management System (ILBMS) is a centralized digital platform designed to support financial institutions in efficiently managing lending operations, financial transactions, regulatory compliance, reporting, and funding management. This system also provides an integrated environment that enables institutions to automate and streamline their lending processes while maintaining strong internal controls, transparency, and operational efficiency.
ILBMS facilitates the management of the entire loan lifecycle, starting from the submission of loan applications through analysis, approval, disbursement, repayment monitoring, and final loan settlement.
The platform is designed to support a wide range of financial institutions and lending organizations, including but not limited to:
- Microfinance Institutions (MFIs)
- Non-Deposit Taking Financial Services Providers
- Savings and Credit Cooperative Organizations (SACCOs)
- Credit Unions
- Government or Private Lending Programs
- Financial Cooperatives
- Development Finance Institutions
Core system modules include:
- Loan Application Management
- Loan Analysis and Review
- Loan Approval and Decision Management
- Loan Disbursement and Repayment Monitoring
- Financial Accounting and Transaction Management
- Portfolio Risk Classification and Provisioning
- Funding Management
- Reporting and Analytics
- User and Role Management
- Security and Audit Controls
For the purposes of this document, the following definitions apply:
| Term | Definition |
|---|---|
| ILBMS | Ingata Integrated Lending Business Management System |
| System | The ILBMS platform, including web application, database, APIs, and related services |
| Institution | Any organization that subscribes to and uses ILBMS |
| User | Any authorized individual accessing the system |
| Borrower | Individual or institutional client applying for a loan |
| Loan Application | A request submitted through ILBMS for financial lending |
| BNR | National Bank of Rwanda |
| CRB | Credit Reference Bureau |
| RBAC | Role-Based Access Control |
| Personal Data | Information that identifies an individual |
| Processing | Any operation performed on personal data |
| Administrator | Authorized personnel responsible for system configuration |
Access to and use of the Ingata Integrated Lending Business Management System (ILBMS) constitutes acceptance of the Terms and Conditions and Privacy Policy outlined in this document. By accessing, registering, or using the system, users acknowledge that they have read, understood, and agreed to comply with all applicable policies governing the operation and use of the platform.
Acceptance of these Terms and Conditions shall be deemed to occur when any of the following actions take place:
- A user creates or registers an account within the ILBMS platform.
- A financial institution subscribes to or adopts the ILBMS system for operational use.
- An authorized system user logs into the platform to access system functionalities.
- A borrower submits personal or financial information through the system with the help of an authorized user.
If a user does not agree with any provision contained within these Terms and Conditions, the user must refrain from accessing or using the ILBMS platform. Continued access or use of the system shall be interpreted as full acceptance of these terms.
The Ingata Integrated Lending Business Management System (ILBMS) is intended to be used exclusively by authorized organizations and individuals involved in financial management and lending operations. Access to the system is restricted to approved users who have been granted permission by their respective institutions or system administrators.
The system is primarily designed for use by the following entities and individuals:
- Financial institutions
- Lending organizations
- Authorized employees of subscribing institutions
- System administrators responsible for system configuration and management
- Borrowers interacting with the system through authorized institutional portals
In order to maintain system integrity, security, and regulatory compliance, all users must adhere to the following requirements:
- Users must be legally authorized by their institution to access and operate the system.
- The system must be used exclusively for legitimate financial, lending, and administrative operations.
- Users must comply with all applicable laws, regulatory requirements, and institutional policies governing financial services and data protection.
Unauthorized access to the system, misuse of system privileges, or any attempt to interfere with the platform's functionality is strictly prohibited. Any violation may result in suspension or termination of system access and may lead to disciplinary or legal action.
PART II
User Rights and Responsibilities
ILBMS uses Role-Based Access Control (RBAC) to ensure that users can access only the data and system functions relevant to their responsibilities.
System roles include:
- Managing Director
- Finance Officer
- Loan Officer
- Business Officer
- Board of Directors
- Senior Manager
- Borrower
Permissions may include:
- Creating loan applications
- Reviewing loan applications
- Approving loans
- Recording payments
- Managing financial accounts
- Generating reports
Users must not attempt to bypass access controls or access system data beyond their assigned permissions.
Users are responsible for protecting their login credentials.
Users must:
- Maintain confidentiality of passwords
- Avoid sharing login credentials
- Log out from shared devices
- Report suspicious activity immediately
The system may enforce:
- Password complexity requirements
- Multi-factor authentication
- Account lockout after repeated failed attempts
Users must use ILBMS only for legitimate financial operations.
Prohibited activities include:
- Attempting to access unauthorized system data
- Uploading malicious software
- Manipulating financial records
- Using the system for fraudulent activities
- Interfering with system operations
Violation of acceptable use policies may result in account suspension, legal action, and termination of service.
The ILBMS system, including its software code, system architecture, user interfaces, documentation, data models, reports and analytics, is the intellectual property of INGATA TECHNOLOGIES LTD.
Users are granted a limited, non-exclusive license to use the system.
Users may not:
- Copy or distribute the software
- Reverse engineer the platform
- Modify system components
- Resell the system without authorization
The ILBMS platform aims to maintain high availability and reliability. However, temporary interruptions may occur due to system maintenance, software updates, network issues, or infrastructure failures.
- System maintenance
- Software updates
- Network issues
- Infrastructure failures
Scheduled maintenance may be conducted periodically to improve system performance and security. Users will be notified where possible.
PART III
Data Management and Privacy Policy
ILBMS collects and processes various types of data to provide its services.
Personal Information collected includes:
- Name
- National ID
- Contact details
- Address
- Marital status
Financial Information collected includes:
- Loan applications
- Repayment schedules
- Collateral details
- Guarantor information
- Income records
System Usage Data collected includes:
- Login timestamps
- User activity logs
- System interaction history
Data collected through ILBMS is used to:
- Process loan applications
- Evaluate borrower creditworthiness
- Manage loan portfolios
- Generate financial reports
- Monitor repayment schedules
- Support regulatory reporting
Personal data processing is conducted based on:
- Contractual obligations
- Regulatory requirements
- Legitimate business interests
- User consent
Processing is conducted in compliance with:
- Rwanda data protection regulations
- Financial regulatory standards
- Institutional compliance policies
ILBMS implements multiple security measures to protect data, including:
- Encryption of sensitive data
- Secure database architecture
- Access control policies
- Activity monitoring
- Secure document storage
Documents protected include identity documents, loan agreements, collateral certificates, and financial reports.
15.1 Purpose
INGATA TECHNOLOGIES Ltd is committed to ensuring that only the data necessary to effectively support institutional operations, lending activities, and regulatory compliance is retained within the Ingata ILBMS. The purpose of this policy is to establish clear guidelines governing how data is stored, maintained, and securely disposed of when it is no longer required.
This policy establishes a consistent framework for managing data retention across all system modules and operational processes within institutions using the ILBMS platform.
15.2 Scope
This policy applies to all data collected, processed, and stored within the Ingata Integrated Lending Business Management System (ILBMS), regardless of where the data is stored or the medium in which it is held.
The policy covers data stored on:
- ILBMS system servers and databases
- Cloud or hosted infrastructure used by the system
- Institutional storage systems connected to ILBMS
- Backup and archival storage systems
The policy applies to both electronic and physical forms of data, including:
- Personal information of borrowers, guarantors, and shareholders
- Loan applications and supporting documentation
- Financial transactions and accounting records
- Collateral and guarantor documentation
- System activity logs and audit trails
- Reports and institutional records
- Images, scanned documents, audio recordings, or other digital files uploaded to the system
15.3 Reasons for Data Retention
- Supporting ongoing financial services provided to borrowers and institutional stakeholders.
- Managing loan applications, loan approvals, loan disbursement, and repayment monitoring.
- Maintaining borrower records and transaction histories.
- Complying with financial reporting obligations and regulatory submissions to authorities such as the National Bank of Rwanda (BNR).
- Complying with applicable financial, tax, labor, and regulatory laws.
- Supporting internal and external audits, financial reviews, and compliance inspections.
- Investigating security incidents, operational irregularities, or potential fraud.
- Preserving institutional records and intellectual property.
- Supporting legal processes, dispute resolution, or litigation.
15.4 Data Duplication
ILBMS minimizes unnecessary duplication of data across its systems and storage environments. However, certain operational, security, or business requirements may necessitate that data be stored in multiple locations.
Examples include:
- System backups and disaster recovery storage
- Redundant storage environments for system reliability
- Audit logging and compliance records
- Replicated databases for system performance
15.5 Data Retention Requirements
ILBMS establishes the following general guidelines for retaining personal, operational, and financial data within the system:
- Borrower and Loan Data: Borrower information, loan applications, collateral documentation, and repayment records will be retained for the duration of the loan lifecycle and for the legally required period after loan closure.
- Financial Transaction Data: Accounting records, transaction journals, and financial reports will be retained for the period required by financial regulations, tax regulations, and auditing standards.
- Borrower Identification Documents: Personal identification documents and supporting materials will be retained for as long as the borrower maintains an active relationship with the institution and for the legally mandated retention period thereafter.
- System Activity Logs and Audit Trails: System logs and audit records will be retained for compliance, security monitoring, and auditing purposes.
- Employee and User Account Data: Data related to system users will be retained for the duration of their association with the institution and for a defined period following termination of their access.
- Regulatory Reporting Data: Data used for regulatory submissions will be retained in accordance with applicable regulatory guidelines.
15.6 Data Retention and Preservation
ILBMS does not permanently delete operational data from the system. All records are retained to ensure data integrity, support historical reference, facilitate auditing, and comply with legal and regulatory requirements.
When data reaches the end of its operational usage period, it remains stored within the system but may be archived or marked as inactive to prevent its use in day-to-day operations while still maintaining availability for authorized access.
16.1 Purpose
The Ingata Integrated Lending Business Management System (ILBMS) is committed to protecting the confidentiality, integrity, and availability of personal and financial information processed within the platform. This Data Protection and Privacy Policy establishes the principles and procedures governing the collection, processing, storage, and protection of personal data in compliance with applicable laws, regulatory requirements, and industry best practices.
16.2 Data Protection Principles
- Lawfulness, Fairness, and Transparency: Data shall be processed in a lawful, fair, and transparent manner.
- Purpose Limitation: Data shall only be collected and processed for clearly defined and legitimate purposes related to lending operations, financial management, and regulatory compliance.
- Data Minimization: Only the minimum amount of personal data necessary for operational and regulatory purposes shall be collected.
- Accuracy: Reasonable measures shall be taken to ensure that personal data is accurate and kept up to date.
- Storage Limitation: Data shall be retained only for the period necessary to fulfil the purpose for which it was collected.
- Integrity and Confidentiality: Appropriate technical and organizational measures shall be implemented to protect data against unauthorized access, loss, or misuse.
16.3 Data Sharing
ILBMS does not sell or commercially distribute user or borrower data. Data sharing occurs only when required for operational, regulatory, or legal purposes.
Personal and financial data processed within ILBMS may be shared with authorized entities, including:
- Credit Reference Bureau (CRB) for credit reporting and borrower credit history verification.
- National Bank of Rwanda (BNR) for regulatory reporting and compliance monitoring.
- Regulatory authorities and government agencies where disclosure is required by applicable laws or regulations.
- Authorized institutional personnel responsible for loan processing, financial management, auditing, and regulatory reporting.
16.4 User Data Rights
Users and data subjects whose information is processed within the ILBMS platform may have certain rights regarding their personal data. These rights may include:
- The right to access their personal data held within the system.
- The right to request correction or updating of inaccurate or incomplete data.
- The right to request deletion of personal data, where permitted by applicable regulations.
- The right to withdraw consent for certain types of data processing, where consent is the legal basis for processing.
- The right to request data portability, allowing personal data to be transferred to another authorized system or service provider where applicable.
17.1 Purpose
The ILBMS platform implements robust security and encryption mechanisms to safeguard sensitive financial and personal information. These security controls are designed to protect system infrastructure, data storage systems, and communication channels from unauthorized access, data breaches, and cyber threats.
17.2 Data Encryption
- Encryption in Transit: All data transmitted between users and the system is protected using secure communication protocols such as TLS (Transport Layer Security).
- Encryption at Rest: Sensitive data stored within system databases and storage systems may be encrypted to protect against unauthorized access.
- Document Encryption: Uploaded documents such as identification records, collateral documents, and financial records may be stored using encrypted storage mechanisms.
17.3 Access Control
- User authentication through secure login credentials
- Role-based permission assignment
- Restricted access to financial and administrative modules
- Account lockout mechanisms after repeated failed login attempts
- Password complexity requirements
17.4 Infrastructure Security
- Firewalls and network protection mechanisms
- Secure database management systems
- Regular security patching and updates
- Malware protection and vulnerability monitoring
- Backup and disaster recovery mechanisms
18.1 Purpose
The Audit Logging and Monitoring Policy establishes procedures for recording and monitoring system activities within ILBMS. Audit logging ensures transparency, accountability, and compliance with financial regulatory requirements.
18.2 Audit Logging
ILBMS maintains comprehensive audit logs that capture important system events, including:
- User login and logout activities
- Creation, modification, and deletion of system records
- Loan application processing activities
- Loan approval and rejection decisions
- Financial transaction entries and postings
- System configuration changes
- Data access and export activities
Each audit log entry includes user identification, date and time of the activity, description of the action performed, and the affected system module or data record. Audit logs are stored securely and are protected from unauthorized modification or deletion.
18.3 Monitoring and Compliance
- Reviewing system logs for anomalies
- Investigating suspicious activities
- Identifying unauthorized system access
- Supporting internal and external audits
- Ensuring compliance with financial regulatory requirements
18.4 Data Breach Notification
In the event of a data breach or security incident involving the ILBMS platform, the system operator will take appropriate actions to investigate and mitigate the incident.
- Investigating the cause and scope of the incident
- Containing and mitigating the impact of the breach
- Notifying affected institutions and authorized stakeholders
- Implementing corrective and preventive measures
PART IV
Service Level Agreement (SLA)
The Service Level Agreement defines the service performance standards that ILBMS commits to providing to subscribing institutions.
21.1 Service Availability
ILBMS aims to maintain a minimum system uptime of 90.5% per month, excluding scheduled maintenance.
Availability = (Total Time − Downtime) / Total Time × 100. Where downtime excludes: scheduled maintenance, network failures outside ILBMS infrastructure, force majeure events, and client-side configuration issues.
21.2 Scheduled Maintenance
Scheduled maintenance may occur for system updates, security patches, infrastructure upgrades, and database optimization. Maintenance notifications will be communicated at least 24 hours in advance where possible.
21.3 Support Response Times
| Issue Severity | Example | Response Time |
|---|---|---|
| Critical | System unavailable | Within 2 hours |
| High | Major feature failure | Within 3 hours |
| Medium | Partial functionality issue | Within 24 hours |
| Low | Minor issue or request | Within 48 hours |
21.4 Support Channels
- Email support
- Online ticketing system
- Telephone support
- Dedicated enterprise support (Enterprise plan)
PART V
Pricing and Subscription Terms
ILBMS operates on a tier-based subscription model.
22.1 Subscription Plans
| Plan | Monthly | Annual | Users |
|---|---|---|---|
| Basic | $200 | $2,000 | Up to 10 |
| Professional | $600 | $6,000 | Up to 50 |
| Enterprise | $1,500 | $15,000 | Unlimited |
22.2 Features Included
- Loan management
- Borrower management
- Loan approval workflows
- Accounting and financial reporting
- Portfolio monitoring
- Funding management
- Regulatory reporting
- Advanced analytics
22.3 Plan Upgrades
Institutions may upgrade their subscription plan at any time. Changes become effective immediately or at the next billing cycle.
23.1 Payment Methods
- Bank transfer
- Mobile money
- Online payment systems
- Authorized payment platforms
23.2 Billing Cycles
Billing may occur monthly or annually. Annual payments may receive discounted rates.
23.3 Late Payments
Failure to pay subscription fees may result in:
- Service warning notifications
- Temporary account suspension
- Restricted access to system features
- Account termination
23.4 Refund Policy
Subscription payments are generally non-refundable unless required by applicable law or specified in a contract.
PART VI
Implementation and Customization
Implementation services support the deployment of ILBMS within an institution.
24.1 Implementation Activities
- System installation
- Database configuration
- User account setup
- Role configuration
- Initial system configuration
- System testing
24.2 Implementation Fees
Estimated implementation costs range from $2,000 – $10,000 depending on system complexity.
Some institutions may require system customization. Examples include:
- Custom loan products
- Custom reports
- External system integrations
- Workflow customization
- API integration
Customization costs depend on the scope and complexity of requested features.
PART VII
Liability and Risk Management
ILBMS is provided "as is" and "as available." While reasonable efforts are made to ensure system reliability, ILBMS does not guarantee that the platform will be error-free, uninterrupted, or free of vulnerabilities.
26.1 Limitation of Liability
ILBMS shall not be liable for:
- Financial losses caused by incorrect user data
- Business interruptions
- Indirect or consequential damages
- Loss of profits or revenue
- Data loss caused by external factors
26.2 Maximum Liability
The maximum liability of ILBMS shall not exceed the subscription fees paid during the previous 12 months.
PART VIII
Dispute Resolution
Any dispute arising from the use of ILBMS shall be resolved through the following steps:
- Internal negotiation
- Mediation
- Arbitration
- Court proceedings if necessary
Both parties agree to attempt good faith negotiations before pursuing legal action.
PART IX
Termination of Service
The ILBMS provider reserves the right to terminate service under the following conditions:
- Violation of terms
- Illegal system use
- Failure to pay subscription fees
- Fraudulent activities
Institutions may terminate their subscription by providing written notice.
PART X
Force Majeure
ILBMS shall not be liable for failure to perform obligations due to events beyond reasonable control. Examples include:
- Natural disasters
- War or civil unrest
- Government restrictions
- Internet infrastructure failures
- Cybersecurity incidents outside the system's control
PART XI
Governing Law
These Terms and Conditions shall be governed by the laws of:
The Republic of Rwanda. Any legal disputes shall be handled in the competent courts of Rwanda.
PART XII
Data Protection and Security
ILBMS processes sensitive financial and personal data. Data protection policies ensure compliance with Rwanda data protection regulations, financial sector compliance standards, and institutional privacy requirements.
31.1 Data Processing Principles
- Lawfulness
- Fairness
- Transparency
- Purpose limitation
- Data minimization
- Accuracy
- Confidentiality
ILBMS implements strong security practices. Security mechanisms include:
- TLS/SSL encryption
- Database encryption
- Secure authentication
- Access control enforcement
- Activity monitoring
Documents uploaded to the system are protected through encrypted storage.
PART XIII
Audit and Compliance
ILBMS maintains full audit trails for regulatory and financial compliance.
Audit logs record:
- User actions
- Transaction entries
- Loan approval decisions
- Data modifications
- Financial postings
Audit records include:
- User ID
- Timestamp
- Action description
- System module affected
Audit logs cannot be modified by standard users.
PART XIV
Borrower Data Handling
Borrower information processed by ILBMS includes:
- Personal identification data
- Loan application information
- Collateral documentation
- Guarantor information
- Repayment records
Borrower data is processed only for:
- Loan management
- Credit assessment
- Regulatory reporting
Loan data may be shared with Credit Reference Bureaus (CRB) where required. This may include:
- Loan status
- Repayment history
- Default information
PART XV
API and Integration Policies
ILBMS may provide Application Programming Interfaces (APIs) to support system integration. API integrations may include:
- Payment platforms
- Banking systems
- Mobile money providers
- Credit bureau systems
API users must:
- Use secure authentication tokens
- Follow API usage limits
- Protect system credentials
- Avoid excessive or malicious requests
Unauthorized API use may result in access suspension.
All integrations must comply with:
- Secure communication protocols
- Data encryption requirements
- Access control policies
External systems must maintain adequate security standards.
PART XVI
Final Provisions
ILBMS reserves the right to update these Terms and Policies. Updates may occur due to regulatory changes, system improvements, and security requirements.
Users will be notified of significant updates.
For questions regarding these Terms and Privacy Policy:
System
Ingata Integrated Lending Business Management System (ILBMS)
Phone
Contact us for phone support
Address
Contact us for our address
Questions about these terms?
Contact our support team for direct assistance. support@ingata.com
