KaziKazi Privacy Policy
Effective date: 29 April 2026 Version: 1.0 Last updated: 29 April 2026
This Privacy Policy explains how KaziKazi collects, uses, shares, and protects information about you when you use:
- The KaziKazi mobile app (iOS and Android)
- The KaziKazi website at https://kazikazi.africa
It is written to be read by you, not by lawyers — if anything is unclear, contact us at the address in §13.
This policy is governed by the Data Protection Act, 2019 of the Republic of Kenya. Where you have rights that go beyond this policy under applicable law, that law prevails.
1. Who we are
Data controller: [FILL: legal entity name — e.g. “BetaKazi Limited” trading as “KaziKazi”] Company registration number: [FILL: registrar of companies number] Registered office: [FILL: physical address in Kenya] Contact email: privacy@kazikazi.africa Data Protection Officer (DPO): [FILL: name and email — required under DPA Art. 24 once we cross the “regular and systematic monitoring” threshold; live GPS delivery tracking will likely qualify] ODPC registration number: [FILL: number issued by the Office of the Data Protection Commissioner — register before public launch]
If you ever want to know what data we have about you, change it, take it elsewhere, or delete it, contact us at the email above. We respond within 7 days.
2. The short version
If you don’t want to read the whole thing, here’s the summary:
- We collect what we need to run the marketplace: your phone number to log you in, your name and selfie to build trust between users, your address to localize pickups, your KRA PIN if you want tax reports, and your payout details to pay you.
- We use precise GPS only while you’re actively delivering an accepted kazi, and only for that kazi.
- We do not sell your data. We do not run ads. We do not embed analytics, attribution, or advertising trackers. We do not use your data to train AI or machine-learning models.
- The only third parties who see your data are the ones we genuinely need to run the service: our hosting provider (Supabase), our SMS provider (Africa’s Talking), the payment processors (Paystack and M-PESA), Apple/Google for push notifications, and Google Maps for address lookups.
- You can delete your account from inside the app at any time. Some financial records are kept for tax compliance — see §6.
- This policy will only ever change in the direction of clearer and less — we will not retroactively use existing data for new purposes without re-asking your consent.
3. What we collect from the mobile app
We only collect the personal data we genuinely need. Each category below tells you exactly what we collect, why we collect it, our legal basis under DPA Art. 30, and what happens if you don’t provide it.
3.1 Identity (required)
- What: your phone number.
- Why: it’s the only way you sign in to KaziKazi.
- Legal basis: contract — we cannot provide the service without it.
- If you don’t provide: you cannot create an account.
3.2 Profile (required to use the marketplace)
- What: your name, address, city, and county; a selfie photo.
- Why: counterparty trust — when someone considers hiring you or accepting your kazi, they see a real person. Your address helps us show you nearby kazis.
- Legal basis: contract.
- If you don’t provide: you can browse but you cannot post or accept a kazi.
3.3 Tax identifier (optional)
- What: your KRA PIN (Kenya tax ID — sensitive information under DPA Art. 34).
- Why: to generate KRA-formatted tax reports for your earnings or expenses.
- Legal basis: explicit consent — you only enter this if you want the tax-reports feature.
- If you don’t provide: the tax-reports feature is unavailable; everything else works.
3.4 Payment & payout details (required to pay or be paid)
- What: the M-PESA number or bank account you want to receive payouts to (or pay escrow from); a non-deliverable proxy email we generate for you to satisfy our payment processor’s requirements.
- Why: to send and receive money for kazis.
- Legal basis: contract; legal obligation (financial record-keeping).
- If you don’t provide: you cannot post a paid kazi or receive payouts as a worker.
- What we never store: your M-PESA PIN, your card number, or your card CVV — these go directly to our payment processor and never touch our servers.
3.5 Location (mostly optional, sometimes required)
- What:
- Approximate location: when you tap “use my current location” to set a pickup or dropoff pin, or when our address-search field uses your area to bias results.
- Precise location: while you are actively delivering an accepted kazi (and only for the categories Move & Deliver, Buy For Me, and Recycle), we collect a continuous high-accuracy GPS trace so the kazi poster can see you en route. iOS shows the blue location indicator at the top of your screen the entire time this is happening.
- Why: address-pinning, route ETAs, and live-tracking transparency for the counterparty.
- Legal basis: contract (active delivery) + consent (everything else; toggleable in iOS/Android settings any time).
- If you don’t provide: you can still use the app; you’ll need to type addresses manually, and you cannot accept kazis in delivery categories that require live tracking.
3.6 Photos
- What: your selfie, up to three photos per kazi you post, photos you attach to chat messages, a completion proof photo when you finish a kazi.
- Why: identity, kazi context, dispute evidence.
- Legal basis: contract.
- If you don’t provide: the selfie is required at signup; chat photos and kazi photos are optional.
3.7 Contacts (only what you explicitly add)
- What: when you build a “team” inside KaziKazi, you can pick people from your phone’s address book or type a phone number. We store only the phone numbers and labels of people you explicitly add.
- Why: so you can re-use trusted helpers for future kazis.
- What we do NOT do: we never upload or store your full address book. Granting the contacts permission lets the app read your contacts on your device to filter them; only the entries you actively tap “Add” on leave the device.
- Legal basis: consent.
- If you don’t provide: the team feature uses manual phone-number entry instead.
- If someone added you: if a KaziKazi user added your number to their team but you have never used KaziKazi, your phone number sits in our database tied to that user’s invite. You can ask us to remove it — see §13.
3.8 Chat content
- What: the text messages, photos, and shared location pins you send through KaziKazi chat.
- Why: to deliver them to the counterparty and provide a record for disputes.
- Legal basis: contract.
- Note: the counterparty receives a copy of every message you send them. Even if you delete your account, their copy of the conversation may remain on their device.
3.9 Ratings
- What: the star ratings and metric breakdowns you give and receive.
- Why: to power the trust system.
- Legal basis: legitimate interest (the marketplace cannot function without reputation).
3.10 Free-text fields
- What: kazi notes, completion captions, the optional reason you give when deleting your account.
- Why: context for the counterparty (kazi notes, captions); product improvement (deletion reasons).
- Note: please don’t put sensitive personal data (national ID number, medical info) into these free-text fields. We don’t ask for it and we don’t want it.
3.11 Device & app data
- What: your push notification token (a per-device identifier issued by Apple or Google), your KaziKazi user ID, and audit metadata for sensitive actions (your IP address and browser/device user-agent string when requesting an OTP or deleting your account).
- Why: to deliver push notifications, keep you signed in, and detect abuse.
- Legal basis: contract + legitimate interest (fraud prevention).
- What we do NOT collect: advertising identifiers (IDFA on iOS, GAID on Android), IDFV, your device name, your installed apps. We do not embed analytics, attribution, or advertising SDKs.
4. What we collect from the website
The KaziKazi marketing website (at https://kazikazi.africa) is informational. We collect very little there:
4.1 Cookies and similar technologies
We use only the cookies strictly necessary to make the website work. We do not use analytics, advertising, or third-party tracking cookies on the marketing site.
4.2 Contact form, waitlist, or newsletter
The marketing site does not currently host a contact form, newsletter signup, or waitlist. To get in touch, email us at the addresses listed in section 12. If we add any of these features in the future, we will update this Policy and notify you.
4.3 Server logs
Like every website, our hosting provider (Cloudflare Pages) records each request — IP address, user-agent, page accessed, timestamp — for short-term operational purposes (abuse mitigation, outage investigation). Cloudflare’s default log retention applies; we do not export or retain these logs ourselves.
5. Who we share data with
We share only what is necessary, and only with the partners listed below. These are processors acting on our behalf — none of them sells your data, and none of them uses it for advertising.
| Partner | What they receive | Why | Where they process |
|---|---|---|---|
| Supabase | Everything stored on our app servers | Database, authentication, file storage | Frankfurt, Germany (eu-central-1) |
| Africa’s Talking | Phone number + OTP code | Sends the OTP SMS that signs you in | Kenya |
| Apple Push Notification service (APNs) | iOS push token + notification text | Delivers iOS push notifications | USA |
| Google Firebase Cloud Messaging (FCM) | Android push token + notification text | Delivers Android push notifications | USA |
| Paystack | Synthetic email, amount, your phone number or bank account, mobile-money PIN (passed through, not stored), recipient name | Processes your payments and payouts | Nigeria, South Africa (regional processing for Kenyan transactions) |
| Safaricom (M-PESA Daraja) | Phone number, amount, transaction reference | STK-push verification of M-PESA payout method | Kenya |
| Google Maps Platform (Maps SDK, Places, Static Maps, Time Zone) | Address-search keystrokes, lat/lng coordinates, IP address | Maps, address suggestions, static route maps | USA |
| Cloudflare | Marketing website edge network | Hosting and serving the public website at kazikazi.africa | Global edge (logs short-term) |
We do not share data with any analytics provider for the app, attribution tool, advertising network, or data broker — because we don’t use any.
We may also disclose information when required by law (a valid Kenyan court order, lawful subpoena, or formal request from a Kenyan regulator with jurisdiction). Where legally permitted, we will notify you before disclosing.
6. How long we keep your data
| Category | Retention |
|---|---|
| Account profile (name, address, KRA PIN, selfie) | Until you delete your account, then redacted within 30 days. |
| OTP audit rows | 30 days, then deleted. |
| Push notification tokens | Until you sign out, uninstall the app, or delete your account; or earlier if Apple/Google reports the token as invalid. |
| Refresh tokens (sessions) | 30 days from last use. |
| Live GPS trace (delivery tracking) | Deleted when you delete your account. |
| Saved payment methods and payout details | Deleted when you delete your account. |
| Past kazi records, payment records, ratings | Retained for 7 years after account deletion to comply with Kenyan tax (Income Tax Act) and anti-money-laundering rules. Personally identifying fields are redacted as described in §7. |
| Chat messages | Retained for the lifetime of the kazi thread; the body of messages you sent is redacted on account deletion (the structure stays so the counterparty’s view doesn’t break, but your name appears as “Deleted user”). |
| Free-text deletion reasons | 90 days, then deleted. |
| Website server logs | Short-term, per Cloudflare Pages defaults. We do not retain these logs ourselves. |
7. Your rights
Under Kenya’s Data Protection Act 2019, you have the right to:
- Access the data we hold about you (Art. 26(c)).
- Correct inaccurate data (Art. 26(d)).
- Delete your data (Art. 26(e), Art. 40), subject to the financial-record retention in §6.
- Object to specific uses (Art. 26(g), Art. 41).
- Restrict processing in certain circumstances (Art. 37).
- Data portability — export your data in a machine-readable format (Art. 38).
- Withdraw consent at any time for any data use that is consent-based (Art. 32(2)).
- Not be subject to automated decisions that produce legal effects on you — see §8.
- Lodge a complaint with the Office of the Data Protection Commissioner — see §13.
You can exercise most of these rights from inside the app:
- Profile → “Delete account” starts the deletion flow.
- Profile → Edit lets you correct your name, address, county, and selfie.
- For data export, contact us at the email in §13; we’ll send you a copy within 7 days.
What “delete my account” actually does
When you delete your account from the app:
Within seconds:
- Your name, address, county, KRA PIN, and selfie are removed from your profile.
- Your saved payment methods, payout details, and team-contact list are deleted.
- Your push notification tokens are deleted (so you stop receiving notifications).
- All your devices are signed out.
- A 30-day grace window begins.
During the 30-day window:
- You can restore your account by logging back in with the same phone number.
- During this window, a copy of the redacted fields is held on our servers so we can restore them if you change your mind.
After 30 days:
- The restorable copy is permanently deleted.
- Your phone-number-based account is permanently deleted from our authentication system.
- Your past kazi records, payment records, and ratings remain (see §6), but your name is shown as “Deleted user” wherever they appear, and the personally identifying fields are erased.
If you were added as someone’s “team contact” but never created an account, you can ask us to remove your number by emailing the address in §13 with proof of ownership of the number — we’ll remove it within 7 days.
8. Automated decision-making
Some parts of KaziKazi use automated systems. None of them produce a legal or similarly significant effect on you without human oversight. For transparency:
- Kazi feed ranking: the order kazis appear in your feed is influenced by distance, recency, category match, and your past activity. This is a sorting aid only — every kazi remains visible to you.
- Fraud and abuse signals: we run automated checks on signup, OTP requests, and unusual payment flows to block obvious abuse (e.g. mass account creation, stolen-card payment attempts). A flagged action may be temporarily blocked while a human reviews it.
- Rating averages: these are simple arithmetic means of ratings you and others give — there is no opaque algorithm.
We do not:
- Use AI or machine-learning models to score, rank, or filter individual users in ways they can’t see.
- Use your data to train any AI/ML model — internal or external.
- Make irreversible decisions about you (suspension, ban, payout denial) without human review.
If you believe an automated decision has affected you, you have the right to request human review under DPA Art. 35–36. Contact us at the email in §13.
9. Future features that may use your data in new ways
We commit to telling you up front about features that could use your data in new ways — even if we have not built them yet. Whenever any of the features in this section is activated, it will be off by default and require an explicit opt-in toggle in the app.
The following features are NOT active today:
- Worker reliability score for lenders. A summary of your KaziKazi reliability could be shared with banks or microfinance lenders if you choose to share it as evidence when applying for credit.
- Aggregate market reports. We may publish anonymized, aggregated insights (e.g. average wages by category and region) — never tied back to individuals.
- Sponsored kazi listings. Businesses may pay to feature their kazis in the feed. This would be on-platform advertising — not third-party tracking.
- Partnership offers. We may put you in touch with relevant partners (insurers, training providers, equipment rental) if you opt in.
- Multi-channel messaging. Forwarding KaziKazi chat to WhatsApp / iMessage / Messenger if you opt in.
We will never:
- Sell your personal data.
- Embed third-party advertising or attribution SDKs in the app.
- Use your data to train external AI/ML or advertising profiles.
- Activate any of the above features without an explicit opt-in toggle in the app.
10. International data transfers
Some of our processors are based outside Kenya — Supabase (Frankfurt, Germany), Apple APNs (USA), Google FCM (USA), Google Maps (USA), Paystack (Nigeria/South Africa), Cloudflare (USA / global edge). Where data leaves Kenya, we rely on these processors’ contractual commitments and the standard transfer mechanisms recognised under DPA Art. 48 (adequate safeguards / standard contractual clauses).
11. Children
KaziKazi is for adults aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you are under 18, please do not use KaziKazi or provide any personal data.
If you believe a child has used the service, please contact us at the email in §13 — we will:
- Suspend the account immediately upon notification.
- Delete the account and all associated personal data within 7 days.
- Notify you and the ODPC if a breach has occurred.
This complies with DPA Art. 33.
12. Changes to this policy
If we make material changes (new data we collect, a new third-party processor, a new feature that uses your data), we will:
- Update this document and bump the version number.
- Show you a notice in the app the next time you open it.
- For material changes, ask you to acknowledge the new version before continuing to use the app.
We will not retroactively use existing data for a new purpose without re-asking your consent.
13. Contact us & complaints
To exercise any of your rights, ask a question, or report a privacy concern:
- Email: privacy@kazikazi.africa
- In-app: Profile → Help → “Privacy”
- Postal: [FILL: registered office address]
To complain to the regulator:
- Office of the Data Protection Commissioner (ODPC), Kenya
- Website: https://odpc.go.ke
- Email: info@odpc.go.ke
You have the right to complain to the ODPC at any time, including before contacting us — but we’d appreciate the chance to fix it first.
14. Security
We protect your data with:
- TLS in transit, at-rest encryption on Supabase
- Phone-based two-factor sign-in (OTP)
- Per-device session tokens that expire after 30 days
- Sensitive fields kept off application logs by default
- A small, audited list of internal staff with access to user data
No system is unbreachable. If we ever discover a breach affecting your personal data, we will notify the ODPC within 72 hours and notify you without undue delay, as required by DPA Art. 43.
Appendix — version history
| Version | Date | Changes |
|---|---|---|
| 1.0 | 29 April 2026 | Initial public version. |
This policy is plain-English on purpose. If you spot something confusing, email us — we’ll fix it.