Your data, handled with care
This Privacy Policy explains how FeeMaster (“we”, “our”, “us”) collects, uses and protects information when your organisation and its members use the FeeMaster platform.
Last updated · 27 May 2026
Who this policy applies to
This policy covers organisations (the administrators who sign up for FeeMaster) and the members whose records those organisations add to the platform - for example fee payers, donors, welfare beneficiaries and programme attendees.
Where an organisation manages records about its members, that organisation is the data controller for those records and FeeMaster acts as the data processor.
Information we collect
We collect information that organisations and their admins provide directly to FeeMaster, including:
- Organisation name, address and contact details.
- Admin and sub-admin account information (name, email, phone, role, hashed password).
- Member records (name, member number, phone number, family links, fee plan).
- Payment, donation and welfare records (amounts, dates, receipt numbers, notes).
- Programme information (titles, schedules, speakers, posters).
- Operational metadata such as IP addresses, timestamps and device information used for security and audit logging.
How we use information
We use the information described above to:
- Provide the FeeMaster service to your organisation - collecting fees, generating receipts, running reports.
- Send the WhatsApp reminders, payment confirmations and receipts that your organisation has configured.
- Maintain security, prevent abuse, and keep an audit trail of administrative actions.
- Improve and troubleshoot the platform.
- Comply with our legal obligations.
We do not sell personal information, and we do not use member contact information for marketing outside of the messages your organisation explicitly configures.
Sharing and processors
FeeMaster shares information only with the service providers required to run the platform - for example our cloud hosting provider, our database provider, the WhatsApp business API provider that delivers reminders, and our email provider.
Each provider is bound by contractual obligations to handle the information securely and only for the purposes we instruct.
Data security
Data is isolated per organisation. Access is role-based - a sub-admin only sees the sections their organisation has granted. Administrative actions are logged. Passwords are stored as salted hashes; we never see the plaintext.
We use industry-standard encryption in transit (HTTPS/TLS) and at rest for the underlying database.
Data retention
Records are retained for as long as your organisation continues to use FeeMaster. If you close your organisation account, we keep the records for a limited period in case you reactivate, and then delete or anonymise them in line with applicable law. You can request an earlier deletion at any time.
Your rights
Depending on where you live, you may have rights to access, correct, export or delete personal information about you. Members should raise requests with the organisation that manages their record; we will support that organisation in fulfilling the request.
Organisations can export their data at any time from the admin panel.
Children
FeeMaster is intended for use by organisations and their authorised administrators. It is not directed to children, and we do not knowingly collect information from anyone under the age of 13 outside of records added by their parent or guardian through an authorised organisation.
Changes to this policy
We may update this policy from time to time. When we do, we will change the “Last updated” date at the top and, for material changes, notify organisation admins by email or via the admin panel.
Contact
Questions about this policy or how your data is handled? Get in touch with us at feemaster.lk@gmail.com.