top of page

Privacy Policy

Effective Date: April 8, 2026

GovFinTech Inc dba i2m (“we,” “us,” or “our”) is dedicated to protecting the privacy and security of the financial and personal data belonging to Idaho school districts, charter schools, and their employees. This Privacy Policy outlines our practices regarding the collection, use, and safeguarding of data within our SaaS platform.

1. Information Collection

We collect only the information necessary to provide comprehensive school finance services, including:

  • Professional Identification: Name, job title, and school district/charter school affiliation.

  • Security Data: Mobile phone numbers provided exclusively for Two-Factor Authentication (2FA) and security-related notifications.

  • Employment & Financial Data: As directed by the client school district/charter school, we process data including Social Security Numbers (SSN), Dates of Birth, and Bank Account/Routing Information for payroll and state reporting purposes.

 

2. Data Security & Encryption Architecture

We employ an industry-leading security architecture designed to exceed "reasonable procedure" standards (Idaho Code § 28-51-104):

  • Encryption at Rest: All sensitive Personally Identifiable Information (PII) is encrypted at the field level using non-deterministic AES-256-GCM encryption. This serialized envelope includes an Initialization Vector (IV) and Auth Tag to prevent pattern-matching attacks and ensure data integrity.

  • Logical Isolation (Multi-Tenancy): We utilize Row Level Security (RLS) to ensure strict data segregation. This software-defined safeguard prevents "data leakage," ensuring that one school district / charter school cannot access another school district's / charter school’s data.

  • Re-Authentication: Access to raw sensitive attributes (e.g., viewing an SSN or printing W2s) requires the user to re-authenticate their session.

  • Audit Logging: Every instance where decrypted data is accessed is recorded in an immutable audit log.

 

3. SMS and Mobile Messaging Privacy

i2m values your mobile privacy. Mobile information will not be shared with third parties or affiliates for marketing or promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

 

4. Data Sharing and Disclosure

We do not sell, rent, or lease user data to third parties or data brokers. Data is shared with sub-processors (e.g., Twilio for SMS or secure cloud hosting providers) solely to facilitate the services you have requested. We do not store student data and remain compliant with the Idaho Student Data Accountability Act (Idaho Code §33-133).

 

5. Data Retention and Destruction

In compliance with Idaho state law and FERPA, we provide reliable methods for data destruction or return upon contract termination, ensuring a district’s data is purged without affecting the integrity of the multi-tenant database.

 

6. Contact Information

For inquiries regarding this policy, please contact us at: i2m, 9169 W State St, Ste 110, Boise, ID 83714, support@i2mfinance.com, 208-271-3081

bottom of page