Privacy Policy

1. Organization

This Privacy Policy applies to the Procurement Management System operated by Collateral Repair Project (CRP), Amman, Jordan. This system is used internally to manage procurement requests, purchase orders, and related approval workflows.

2. Data We Collect

The system collects the following information from authorized users:

• Personal information: Name, email address, department, and role
• Procurement data: Purchase requests, purchase orders, items, pricing, supplier details, and approval records
• Activity logs: Login timestamps, IP addresses, device information, and actions performed within the system

3. How We Use Your Data

• Processing and tracking procurement requests through the 9-stage approval workflow
• Maintaining audit trails for financial accountability and compliance
• Securing user accounts and detecting unauthorized access

Your data is used exclusively for internal procurement operations. It is not shared with third parties, sold, or used for marketing purposes.

4. Data Retention

• Active user data: Retained while the user is employed at CRP
• Purchase order records: Retained for 5 years to meet audit and compliance requirements
• Security and activity logs: Retained for 90 days, then automatically purged

5. Data Security

We protect your data through encrypted connections (HTTPS), two-factor authentication, session management, role-based access controls, and regular security monitoring.

6. Your Rights

As a CRP staff member, you may request access to your personal data or ask for corrections by contacting the system administrator. Account removal is handled through the standard offboarding process.

7. Contact