Embedded Files
Privacy Policy
Last Updated: March 30, 2025
A. Information We Collect
We may collect the following types of information:
A. Information We Collect
We may collect the following types of information:
a) Anonymous Call/Messaging Data
Anonymous Call/Messaging Data: Call duration, timestamps, and general themes (no voice recordings stored unless explicitly permitted).
What? Metadata (call duration, timestamps), not voice recordings (unless consent is given for training).
Why? To monitor service quality without compromising anonymity.
b) Counseling Sessions
Counseling Sessions: Name (optional), contact details (if provided), and session notes (kept confidential by counselors).
What? Optional name, contact details (for follow-ups), and anonymized session notes.
Why? Counselors need context, but data is pseudonymized (e.g., “User A” instead of real names).
c) Corporate Clients
Corporate Clients: Company name, employee count, and contact person details (for billing only).
What? Company name, designated contact person, employee count.
Why? For billing and service customization.
d) Payment Information
Payment Information: Processed via secure third-party gateways (e.g., M-Pesa, credit cards); we do not store payment details.
What? Transaction IDs (not card details).
Why? For refunds/disputes, but no sensitive data is stored.
B. How We Use Data
How We Use Your Information
B. How We Use Data
How We Use Your Information
To provide and improve our services.
For internal analytics (aggregated, non-identifiable data only).
To comply with legal obligations (e.g., court orders).
Summary of how we use users information;
Service delivery
Contractual necessity
Fraud prevention
Legal obligation
Analytics (aggregated trends)
Legitimate business interest
C. Data Retention & Security
Anonymous call/message data: Deleted within 24 hours.
C. Data Retention & Security
Anonymous call/message data: Deleted within 24 hours.
Counseling records: Stored securely for 30 days, then destroyed.
Corporate data: Retained only for active contracts.
No voice recordings are kept unless explicitly consented to for training purposes.
a) Anonymous Calls
Deleted in 24 hours (no recovery possible).
b) Counseling Records
30-day retention (in case of disputes), then shredded digitally.
c) Corporate Data
Kept for 3 years post-contract (tax/legal compliance).
d) Technical Security Measures
Encryption: AES-256 for stored data, TLS 1.3 for transmissions.
Access Controls: Only authorized staff (via 2FA) can access databases.
D. Third-Party Disclosures
We do not sell or share personal data except:
D. Third-Party Disclosures
We do not sell or share personal data except:
With certified counselors (for booked sessions).
If required by Kenyan law enforcement (with a valid court order).
For payment processing (third-party gateways only).
Scenario
Conditions
Law enforcement requests
Must provide court order (per Kenya’s Data Protection Act).
Certified counselors
Bound by confidentiality agreements.
Payment processors
Only necessary transaction data shared.
E. User Rights (Under Kenya’s Data Protection Act)
You have the right to:
E. User Rights (Under Kenya’s Data Protection Act)
You have the right to:
Access, correct, or delete your data (where applicable).
Withdraw consent for data processing.
Lodge complaints with the Office of the Data Protection Commissioner (ODPC).
Access: Users can request a copy of their data.
Correction: Fix inaccurate details (e.g., wrong email).
Erasure: “Right to be forgotten” (exceptions apply for legal holds).
Complaints: Can be filed with Kenya’s ODPC.
6. Policy Updates
We may update this policy periodically. Users will be notified via platform notices.
6. Policy Updates
We may update this policy periodically. Users will be notified via platform notices.
Page updated
Google Sites
Report abuse