Updated at 4 June, 2025
NRWB Maji—Utilities App ("we," "our," or "us") is a public service digital platform of the Northern Region Water Board (NRWB), a statutory public utility established under the Laws of Malawi and operating under the oversight of the Government of Malawi.
As a government-owned organisation, NRWB is committed to upholding public trust by protecting your privacy and ensuring the responsible handling of any data voluntarily submitted through this application.
This Privacy Policy outlines how the NRWB Maji App operates with regard to data access, use, and protection. It applies solely to this application and its associated services.
By accessing or using the NRWB Maji App, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy and our Terms of Service. The app is designed to support transparency, accountability, and service delivery in line with the NRWB's public mandate.
You can view this Privacy Policy at any time within the app under 'Settings - Privacy Policy' or via our Play Store listing. The information in this Privacy Policy corresponds with the disclosures provided in our Google Play Data Safety section.
To help explain things as clearly as possible in this Privacy Policy, every time any of these terms are referenced, they are strictly defined as:
The NRWB Maji App does NOT actively collect personal information from users by default. We do NOT store the following information:
However, for specific optional features within the app, the following information may be accessed from your mobile device, but only with your explicit permission:
We do not store this data on our servers unless you explicitly submit it as part of a user-initiated action (e.g., reporting a fault).
Where you voluntarily provide information (e.g., via a form submission), we may use it for the following limited purposes:
The NRWB Maji App does NOT collect or use any data from third-party sources about users.
We do NOT receive or process any customer information from third-party sources when you use the app.
Our application does NOT knowingly collect or retain any personal or non-personal data directly from users. However, to ensure the functionality and reliability of our services, we may engage trusted third-party service providers to perform essential functions on our behalf. These may include, but are not limited to:
In the course of delivering these services, certain limited data (which may include personal or non-personal information) may be accessed or processed by third parties, but solely to the extent necessary to perform the services on our behalf and in compliance with applicable data protection regulations.
We may use third-party service providers such as Google Maps (for location-based services) or Firebase (for crash reporting), Airtel Money and TNM Mpamba (for mobile payments). Each of these providers adheres to its data policies. We ensure their use complies with applicable privacy regulations.
In exceptional circumstances, we may disclose information if we, in our sole discretion, believe it is necessary to:
By using our application, you acknowledge that certain third-party service providers may process limited data on our behalf as described above.
The NRWB Maji App does NOT actively collect personal information from users unless you voluntarily provide it through specific features, such as fault reporting or support requests.
We do NOT collect any personal data by default, and we do NOT receive any user information from third parties.
Any optional data (such as location or images) is only accessed with your explicit permission, at the time you use a feature that requires it.
The NRWB Maji App does NOT collect your email address by default. However, if you voluntarily provide your email address, for example, when submitting a fault report or requesting support, we may use it for the following purposes:
We do not send unsolicited emails, and we will never use your email address for marketing or third-party advertising purposes without your explicit consent.
You may opt out of any non-essential communication at any time by contacting our support team.
The NRWB Maji App only retains information that you voluntarily provide, and only for as long as it is necessary to fulfil the purpose for which it was submitted, such as responding to a fault report or customer support request.
Once the information is no longer required, and there is no legal or regulatory reason to retain it, we will securely delete it from our systems.
We do not retain any personal data unnecessarily, and any information held is handled in accordance with applicable data protection laws and best practices.
The NRWB Maji App is designed with privacy and security in mind. While we do not collect sensitive personal or financial information by default, we implement a range of technical and organisational measures to protect any data you voluntarily provide, such as when reporting a fault or requesting support.
These measures include:
We do NOT store credit card information or other financial data. Any transactions processed through external payment gateways are handled using industry-standard encryption and are governed by the third-party provider's security policies.
While we strive to use commercially acceptable means to protect your information, no method of transmission over the internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee absolute security, but we are committed to continually improving our security practices in line with industry standards.
The NRWB Maji App is operated in Malawi. Any limited information you voluntarily provide through the app, for example, when submitting a fault report, may be processed or accessed by our staff, service providers, or trusted third parties in different locations, including countries outside of Malawi.
While some of these countries may not have data protection laws equivalent to those in Malawi, we take all reasonable steps to ensure that your information is handled securely and in accordance with this Privacy Policy. By using the app, you consent to the possible transfer and hosting of such information in accordance with applicable laws.
We are committed to protecting any information you provide to us. Although the app does not routinely collect personal or sensitive data, when you do share such information (e.g. to report a fault or request support), we implement appropriate technical and organisational safeguards, including:
However, no system is entirely immune to risks. While we take reasonable precautions to guard against unauthorised access, data breaches, or misuse, we cannot guarantee absolute security. In the event of a data incident, we will follow all applicable legal requirements and take all necessary steps to mitigate any impact.
If you have voluntarily submitted information via the NRWB Maji App, for example, in a fault report, you may request to access, update, or delete this information. You may contact us directly with such requests, and we will respond within a reasonable timeframe.
Please note:
If you are an end user whose data was submitted by a third party (e.g. via a customer support interaction), please contact the relevant organisation or authority directly to manage your data rights.
We may disclose limited information, including any personal data you voluntarily provide, to our corporate affiliates. A "Corporate Affiliate" refers to any individual or entity that directly or indirectly controls, is controlled by, or is under common control with the NRWB Maji App, whether through ownership, management, or contractual relationship.
Any such disclosure will be strictly for operational purposes and in accordance with this Privacy Policy. Our corporate affiliates are bound to handle your information with the same level of care, protection, and respect for your privacy as set out herein.
This Privacy Policy is governed by the laws of the Republic of Malawi, without regard to its conflict of laws provisions. You agree to submit to the exclusive jurisdiction of the courts of Malawi in respect of any dispute or claim arising under or in connection with this Privacy Policy, except for individuals who may have rights to make claims under frameworks such as Privacy Shield or the Swiss-US arrangement.
The laws of Malawi, excluding its conflicts of law rules, shall govern this Privacy Policy and your use of the NRWB Maji App. Please note that your use of the app may also be subject to other applicable local, national, or international laws.
By using the NRWB Maji App or contacting us directly, you signify your acceptance of this Privacy Policy. If you do not agree with any part of this Policy, please do not use the app or engage with our services. Continued use of the app, direct interaction with us, or your acceptance of any updates to this Privacy Policy that do not materially affect how your personal information is used or disclosed shall constitute your acceptance of those changes.
We've updated our Privacy Policy to provide you with complete transparency into what is being set when you visit our app and how it's being used. By using our app, registering an account, or making a purchase, you hereby consent to our Privacy Policy and agree to its terms.
This Privacy Policy applies solely to the Services provided by the NRWB Maji App. Our Services may contain links to external websites that are not operated or controlled by NRWB Maji App.
We do not accept responsibility for the content, accuracy, opinions, or practices of these third-party websites, nor do we routinely review or monitor them for completeness or reliability. When you follow a link from our Services to an external website, please note that our Privacy Policy does not apply.
Your browsing and interactions on any such third-party websites are subject to their terms, conditions, and privacy policies. These third parties may also use cookies or other tracking technologies to collect information about you independently of the NRWB Maji App.
This app does not contain any third-party advertisements.
The NRWB Maji App does not use cookies in the traditional sense used by websites. However, the app may utilise local storage mechanisms on your device, such as shared preferences, secure storage, or local databases, to enhance user experience and ensure smooth operation. This may include remembering your login session, storing user preferences, or temporarily caching data to improve performance.
These storage mechanisms are non-essential to the core use of the app but help to provide a more seamless experience. For instance, without such storage, you may be required to log in every time you open the app, and some functionalities, like offline access or content personalisation, may not be available.
We do not store any personally identifiable information in these storage mechanisms unless it is necessary for delivering a specific feature, and such data is always handled securely in accordance with this Privacy Policy.
If you choose to clear your app data or disable local storage features through your device settings, some features of the app may become limited or unavailable.
Although the NRWB Maji App does not use traditional cookies like websites do, it may store data locally on your mobile device (such as login sessions or preferences) to enhance app performance and user experience.
You may manage or clear this locally stored data through your device settings (e.g. by clearing app data or cache). However, please note that doing so may:
Mobile operating systems (such as Android and iOS) provide different controls for managing app storage. You should consult your device's Settings or Help section for guidance on managing app-specific data.
Please be aware that disabling or clearing app storage does not delete your user account or any server-stored information, but may affect how the app behaves on your device.
Any credit card or payment processing information you provide through the NRWB Maji App is handled with the highest level of confidentiality and care. We do not store your payment details directly on our servers. Instead, all payment transactions are processed through trusted and secure third-party payment gateways, which are compliant with international data security standards such as PCI-DSS.
We ensure that your payment information is transmitted using secure encryption protocols and is only accessible to authorised personnel with a legitimate need to access such data. These third-party providers are required to maintain the confidentiality and integrity of your data at all times.
NRWB does not retain your credit card information after the transaction is completed.
The NRWB Maji App is not intended for use by children under the age of 13. We do not knowingly collect personal data from children. If you are a parent or legal guardian and believe that your child has provided us with personal data without your consent, please contact us immediately.
Should we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take prompt steps to delete such data from our records in accordance with applicable data protection regulations.
We may change our Service and policies, and we may need to make changes to this Privacy Policy so that they accurately reflect our Service and policies. Unless otherwise required by law, we will notify you (for example, through our Service) before we make changes to this Privacy Policy and give you an opportunity to review them before they go into effect.
Then, if you continue to use the Service, you will be bound by the updated Privacy Policy. If you do not want to agree to this or any updated Privacy Policy, you can delete your account.
The NRWB Maji App does not display or integrate third-party content, including data, information, applications, or other products and services.
You acknowledge and agree that the NRWB Maji App is not responsible or liable for any third-party services that may be referenced or linked externally. This includes, but is not limited to, their accuracy, completeness, reliability, timeliness, copyright compliance, legality, decency, or quality.
NRWB Maji App does not assume any responsibility or liability to you or any other individual or entity for the use or reliance on any such third-party services.
The NRWB Maji App is committed to respecting user privacy and ensuring compliance with global data protection laws, including the General Data Protection Regulation (GDPR) applicable to residents of the European Economic Area (EEA). Importantly, the NRWB Maji App does not collect or store personal data by default.
We do not collect or retain the following:
For certain features, such as issue reporting, the app may request explicit permission to access specific device features:
Any data submitted through these optional features is only processed at the time of submission and not stored unless it is actively sent by the user to fulfil a request (e.g., fault reporting).
Even though the NRWB Maji App does NOT store user data by default, we respect GDPR principles such as transparency, fairness, and purpose limitation. Should any optional data be submitted by the user, we treat it with the highest level of care and ensure it is:
In accordance with GDPR, users retain the following rights over any data voluntarily submitted via the app:
If you wish to exercise any of these rights, please contact us using the information provided in the app.
NRWB Maji App complies with the California Consumer Privacy Act (CCPA). However, as noted, we do not collect or sell any personal information by default.
You have the following rights:
If, through optional features, any data is submitted, you may contact us to request removal of such data within one month of your request.
In compliance with CalOPPA, we confirm:
You may contact us to enquire about any data you voluntarily submitted or to request its deletion, if applicable.
Don't hesitate to contact us if you have any questions.