Privacy Policy

1.1 Personal Information You Provide

We collect information you voluntarily provide when using WaterCopilot

Account Registration

• First Name, Last Name
• Email Address (authentication & communications)
• Password (encrypted; never stored in plain text)
• Organization/Affiliation (optional)
• User Purpose (reason for using WaterCopilot)

Profile: user role/permissions, selected geographic regions of interest, language preferences, notification settings.

Queries and Interactions

• Natural language queries submitted to the AI assistant
• Conversation history and chat logs
• Selected topics and data sources accessed
• Feedback provided on responses
• Export and download requests

Image Submissions

• Images uploaded for water monitoring analysis
• Image metadata (date, time, device information if available)

Location Data

• User-selected geographic coordinates for analysis
• Monitoring station locations specified in queries
• Regional preferences for data retrieval

Note: Location is only collected when you manually select it or upload photos with GPS data; we do not track location in the background.

1.2 Automatically Collected Information

We automatically collect basic technical data to make WaterCopilot work properly:

• Device Info: What device you're using (phone, computer), operating system, app version.
• Usage Info: Which features you use, when you log in/out, any app errors.
• Network Info: Your IP address (for security only), type of internet connection.

This helps us fix problems, improve the app, and keep it secure. We don't use this data to identify you personally.

1.3 Camera & Photo Library Access

We request access to your device camera and photo library only when you choose to submit images for water monitoring analysis.

When used:

• Camera: To capture new photos for water analysis
• Photo Library: To select existing photos for submission

How we handle images:

• Images are securely transmitted to Azure storage containers using encryption
• Processed images are retained as described in Section 8 (Data Retention)
• You can disable camera/photo access at any time in your device settings

1.4 Voice Data (When Voice Feature is Used)

We request access to your device microphone to enable hands-free voice command functionality. This feature is optional.

Voice processing:

• Voice recordings are captured only during active voice command interactions
• Audio is stored temporarily in device memory for transcription (typically within seconds)
• Voice data is NOT permanently stored or saved on our servers
• Transcribed text is processed like standard text queries
• Audio data is deleted immediately after transcription and never retained

Your control: You can disable microphone access at any time through your device settings.

1.5 AI-Generated Content

Model Interactions

When you interact with WaterCopilot's AI assistant, the following are processed:

• Prompts sent to Azure OpenAI Services
• AI-generated responses and summaries
• Retrieved context from documents and APIs
• Tool-calling decisions and parameters

Important Note: Your queries and conversations are used solely to generate responses within your session. We do NOT use your personal data or conversations to train AI models.

WaterCopilot requests specific permissions only when needed for functionality:

• Camera & Photo Library: For image submissions (see Section 1.3)
• Microphone: For voice commands (see Section 1.4)
• Location: For manual location selection (see Section 1.1)
• Push Notifications (Optional): For system alerts and notifications

You can deny any permission and still use other features of the application.

Primary Purposes

1. Authentication & Account Management (OAuth2/Keycloak; permissions & access control)
2. AI-Powered Query Processing (natural language understanding, context retrieval, response generation using Azure OpenAI)
3. Water Data Analysis & Visualization (processing hydrological queries, generating charts/graphs, calculating statistics)
4. Image Analysis (processing uploaded images for water monitoring)
5. Quality Control (review, verification, system monitoring)
6. Application Improvement (performance optimization, UX enhancement, feature development)
7. Communication (account updates, system alerts, support)

Secondary Purposes

8. Research & Reporting (aggregated/anonymous data for water management research)
9. Legal Compliance (laws, requests, fraud prevention, safety)

What We Do NOT Use Your Information For:

• Training or improving general AI models (see Section 12)
• Marketing, advertising, or promotional purposes
• Any purpose unrelated to water resource management

Legal Basis for Processing

1. Consent on registration and use
2. Legitimate Interests (environmental/public benefit, water resource sustainability)
3. Legal Obligations
4. Performance of Contract

IWMI & Partner Organizations

• IWMI staff and authorized water management partners
• Research partners including CGIAR centres, universities, and NGOs (using anonymized, aggregated data only)
• Water management authorities in the Limpopo River Basin (with consent)
• Successor organizations in the event of merger, acquisition, or asset transfer

Authentication Services

Keycloak (self-hosted by IWMI) using industry-standard security and data protection practices.

No Third-Party Marketing

• We do not sell, rent, or trade personal information
• We do not share data with advertisers
• We do not use tracking technologies for marketing purposes

Public Data

Only aggregated statistics, monitoring station locations, and anonymized research findings; never names or emails.

WaterCopilot uses the following third-party services to operate:

Azure OpenAI Services (Microsoft)

We use Azure OpenAI Services to power WaterCopilot's AI capabilities. It processes:

• Your queries and conversation context
• Retrieved documents and data
• Generated responses

Important: Under our enterprise agreement, your data is NOT used to train Microsoft's general AI models. Microsoft's data processing complies with enterprise-grade security standards.

Azure Privacy Policy: https://privacy.microsoft.com/

Azure AI Search (Microsoft)

We use Azure AI Search for semantic search and document retrieval. It processes:

• Document embeddings and indexes
• Search queries
• Retrieval results

Azure Storage (Microsoft)

We use Azure Storage to securely store:

• Uploaded images and files
• Indexed documents
• System backups

All Azure services comply with enterprise security standards and data protection regulations.

Keycloak Authentication

We use Keycloak, an open-source identity and access management solution, to handle user authentication securely. Keycloak processes:

• Your email address
• Password (stored encrypted)
• Authentication tokens

Keycloak is self-hosted by IWMI and operates under our data protection policies. Your authentication credentials are never shared with third parties.

No Other Third-Party Tracking

WaterCopilot does not use any third-party analytics services, advertising networks, or tracking tools beyond the services listed above.

WaterCopilot does not track you across other apps or websites. We only collect essential data for the app to work properly.

We do NOT:

• Use your data for advertising
• Share data with advertisers or data brokers
• Track your activity on other apps or websites

What we do use:

• Local storage to remember your preferences
• Secure tokens for login
• Error reporting (anonymous) to fix problems

We don't use marketing cookies or tracking tools.

We protect your information with industry-standard security measures:

Technical Protection:

• All data is encrypted during transmission (HTTPS/TLS)
• Passwords are stored using secure encryption
• We use secure authentication (OAuth 2.0)
• Regular security updates and audits

Access Controls:

• Strict role-based access for staff
• Training on data protection for all team members
• Secure cloud infrastructure (Microsoft Azure)

Your Device Security:

• Authentication tokens stored securely on your device
• Local data protected by your device's security features
• You control device permissions (camera, microphone, etc.)

While no system is 100% secure, we implement best practices to protect your data.

• Active Accounts: retained while active
• Inactive Accounts: may be archived/deleted after 3 years
• Conversation History: retained for service improvement; can be deleted upon request
• Uploaded Images: stored as long as account is active; can be deleted upon request
• Temporary Voice Data: deleted immediately after transcription (within seconds)
• Authentication Logs: 90 days
• Application Logs: 30 days

You may request deletion of your account and data (see "Your Rights").

Depending on your location, you may have the following rights:

1. Access – request your personal data
2. Correction – update inaccuracies
3. Deletion – request account deletion (subject to legal/legitimate interests; anonymized data may be retained)
4. Object – to certain processing
5. Data Portability – receive your data in structured format
6. Withdraw Consent – delete your account or stop using features
7. Complain – to relevant data protection authorities

For South African Users (POPIA)

Information Regulator:

• Website: inforegulator.org.za
• Email: complaints.IR@justice.gov.za
• Phone: +27 12 406 4818

If we become aware, whether through our own internal reviews or upon receipt of a valid notice from a parent, legal guardian, or authorized representative, that we have inadvertently collected personal information from a minor, we will take immediate steps to verify and permanently delete such information from our systems.

To report the potential collection of a minor's data, please contact us immediately at: iwmi@cgiar.org

South Africa (POPIA)

This privacy policy complies with the Protection of Personal Information Act (POPIA), 2013. WaterCopilot processes personal information in accordance with POPIA's conditions for lawful processing.

Other Southern African Countries

Users in Botswana, Mozambique, Zimbabwe, and other countries in the Limpopo River Basin region are covered by this privacy policy. We apply the same data protection standards to all users regardless of location.

Data is stored/processed primarily in Azure cloud infrastructure. If transferred internationally for research or technical purposes, appropriate safeguards are applied in line with data protection requirements.

WaterCopilot's data infrastructure is hosted on Microsoft Azure cloud services, which may involve data processing in multiple geographic regions. IWMI ensures such transfers are protected by appropriate technical and contractual safeguards consistent with international best practices.

WaterCopilot uses domain-specific knowledge from indexed documents and real-time databases to answer your queries.

• Your personal data and queries are NOT used to train general AI models
• Your conversations are NOT shared with other users or used to improve public AI models
• Data is processed solely to generate your responses within your session
• Domain knowledge comes from curated water management documents and databases, NOT from user data

External links (e.g., Keycloak, Azure documentation, IWMI website, partner sites, research sources) have their own privacy practices. Please review their policies.

If WaterCopilot requires additional mobile permissions in future updates, we will:

1. Request your consent before accessing new device features
2. Update this privacy policy to reflect new permissions
3. Notify you of significant changes through in-app notifications or email

In the event of a data breach:

1. Notify relevant data protection authorities within 72 hours where required by law
2. Notify affected users as soon as reasonably possible
3. Provide details on the nature of the breach, data affected, and mitigation steps
4. Offer guidance for protecting your information
5. Provide contact information for questions

Service Provision:

WaterCopilot is provided "as is" to support water management activities. While we strive for accuracy and reliability, we cannot guarantee uninterrupted or error-free service.

Liability Limitation:

IWMI's liability for any issues arising from WaterCopilot use is limited to the extent permitted by applicable law. We are not responsible for decisions made based on WaterCopilot data or analysis.

Proper Use:

You agree to use WaterCopilot only for legitimate water resource management purposes and in compliance with all applicable laws.

If you have any questions about this Privacy Policy, please contact us:

by email: iwmi@cgiar.org

We encourage individuals to contact us in the first instance so that we may address and resolve any concerns promptly, transparently, and in good faith.

This Privacy Policy is governed by applicable laws in the jurisdictions where WaterCopilot operates, including:

• South Africa: Protection of Personal Information Act (POPIA), Act 4 of 2013
• Electronic Communications: Electronic Communications and Transactions Act (ECTA), Act 25 of 2002
• Access to Information: Promotion of Access to Information Act (PAIA), Act 2 of 2000

By using WaterCopilot, you acknowledge that:

1. You have read and understood this policy
2. You consent to the described processing
3. Your information is accurate and truthful

We may update this Privacy Policy periodically. Changes become effective when posted on this page or in the WaterCopilot application, and we will update the "Last Updated" date accordingly. We may notify you of significant changes via email or in-app notification where appropriate. You are advised to review this policy periodically for updates. Your continued use of WaterCopilot after changes are posted constitutes acceptance of the updated policy. The current Privacy Policy is always available in the app's About section or on our website.

WaterCopilot is developed through collaboration between:

• International Water Management Institute (IWMI)
• Research and implementation partners
• Supported by the World Economic Forum

This project represents a paradigm shift in AI-driven water resource management for the Limpopo River Basin.