1. Overview
MojaDesk (“MojaDesk”, “we”, “us” or “our”) is committed to protecting the information entrusted to us by businesses and their customers. This page explains, in plain language, how we safeguard data across our website and customer support platform (collectively, the “Services”).
We design our systems so that your conversations, account details, and business data stay under appropriate controls, without sharing technical internals that are not needed for you to understand how you are protected.
No online service can guarantee absolute security. We continuously work to reduce risk and respond responsibly if issues arise.
2. How your data is protected
We apply multiple layers of protection so that your information remains confidential and available to the right people:
- Separated workspaces: Each business’s data is kept separate from other customers’ data.
- Limited access: Only authorized team members in your account can access your workspace, according to the roles you assign.
- Protected passwords: Passwords are stored in a hashed form. We never store them in plain text.
- Encrypted connections: Production traffic to MojaDesk is protected with HTTPS so data in transit is encrypted.
- Protected sessions: Signed-in sessions and sensitive account recovery flows are handled securely.
3. Account and access controls
Access to MojaDesk is controlled through authenticated accounts and role-based permissions:
- Sign-in protections: Accounts require valid credentials. We also apply measures that help reduce abusive or repeated failed sign-in attempts.
- Roles: Admins and agents have different levels of access so your team only sees what they need to do their jobs.
- Your control: You decide who joins your workspace and can remove access when someone leaves your team.
4. Hosting and infrastructure
MojaDesk runs on a secure hosting environment. We apply regular system and security updates, maintain network access controls (including firewalls), keep secure backups, and use monitoring to help detect and respond to issues. We also conduct periodic security assessments to review and strengthen our defenses.
5. Application safeguards
Within the MojaDesk platform we apply practical safeguards that protect everyday use:
- Validated uploads: Files and attachments are checked so only appropriate file types are accepted, and unsafe filenames are cleaned before storage.
- Abuse resistance: Protections help limit automated or abusive login behaviour.
- Secure account recovery: Password reset and related account flows are designed so only the rightful account holder can regain access.
6. Website safeguards
Our public website includes additional protections for visitors and form submissions:
- Security-focused HTTP response headers that reduce common browser-based risks;
- Rate limiting and related protections on public forms such as contact and newsletter signup to help prevent abuse.
7. Privacy and compliance
MojaDesk is operated by The Site Weavers in the United Republic of Tanzania. We handle personal data in line with the Personal Data Protection Act, 2022 and related regulations.
For details on what data we collect, how we use it, retention, your rights, and breach notification, please read our Privacy Policy. This Security page focuses on how we protect systems and data; the Privacy Policy covers your legal rights and our data practices.
9. Report a security concern
If you believe you have found a security issue or have concerns about how your data is protected, please contact us promptly:
- MojaDesk (operated by The Site Weavers), United Republic of Tanzania
- Email: support@mojadesk.co.tz
- Phone / WhatsApp: +255 767 213 119
You may also reach us via the contact page. We take reports seriously and will investigate in good faith.