Privacy policy

Privacy Policy

Last Updated: Apr. 16, 2024

​

Scope 

​

Braiding Nairobi is committed to respecting Users/Applicants/ Braiders/ Visitors/ Prospects’/  Website Visitors’ (jointly named hereinafter as the “Data Subjects”) privacy and protecting their  Personal data. In this sense, the aim of this Privacy Policy is to inform Data Subjects about Ndeza  Collective's processing activities, related to its brand, Braiding Nairobi, as per the Data Protection  Act, 2019. 

​

The purpose of the Privacy Policy  

​

This Privacy Policy notice describes how Braiding Nairobi collects and processes personal data,  the different stakeholders involved in this processing as well as our Data Subjects rights with  regard to their data. We recommend that all stakeholders involved in the processing as well as Data  Subjects read it carefully and on a frequent basis to fully understand this along with our privacy  overview, which highlights key points about our current privacy practices. 

​

Definitions 

​

This notice applies to all data subjects and specifically applies to: 

Users: Those who request or receive services including; braiding, haircuts and styling, hair  coloring, chemical treatments, natural hair services, hair extensions and weaves, scalp treatments,  special styling, hair care consultations, hair restoration and all other related services via their  Braiding Nairobi account. 

Braiders: Those who provide the aforementioned services individually or through a salon via their  Braiding Nairobi account. 

Applicants: Those who apply to use the application or website as service providers/ Braiders and  are awaiting vetting and approval to gain access.

Visitors: Individuals who access the Braiding Nairobi website or download the app for the purpose  of browsing its content, features, or services without or without necessarily engaging in further  interaction or transactions. 

 

Data Protection Rights: 

​

As a data subject, your rights related to personal data include right of access, right to rectification,  right to erasure, right to object to processing, right to object to profiling, right to unsubscribe to  any marketing communication. 

​

What Kinds of Data do we Collect? 

​

Braiding Nairobi collects various types of data about its users: 

​

1) Directly Supplied Information by Users: 

​

a) Registration Data: Information provided during account creation, including; username,  service address, phone number and email. 

b) User Profile Information: Details added to the platform for service use, such as mobile  number and delivery address. 

c) Payment Information: Data provided for order processing, including card details  processed by electronic payment service providers and MPESA number information. d) Additional Information: Any extra data supplied to Braiding Nairobi like photographs or  billing addresses. 

e) Previous Communications: Information shared with Braiding Nairobi or the Braiders for  query or complaint resolution. 

f) Accident Information: Data of involved parties for insurance claims. g) Conversations with Braiding Nairobi: Transcripts and recordings for service quality and  security. 

h) Communications between users: Exchanges on the chat system, accessed by Braiding  Nairobi only when necessary. 

i) Additional User Input: Any other information provided in requests, comments, or  questions. 

 

2) Indirectly Supplied Information: 

a) Data From Platform Use: Information collected during user interaction.

b) Device and Application Data: Details about the device and application used, including IP  address, and browsing history. 

c) User Origin Data: Source information if arriving through external links. d) Incident Management Data: Messages received and stored for managing current or future  incidents. 

e) Cookie Data: Use of cookies for user browsing and statistical purposes. f) Geolocation Data: Collection of location data with user authorization.

g) Data from External Third Parties: Personal data obtained from third parties with user  consent, such as Facebook or Google accounts, and messages from social media networks. 

 

For which purpose do we use your data? 

​

As a data subject may use your data for: 

​

a) Legal Purposes: In the event of fraud and crimes committed on our App; to comply with  legal regulations; manage your requests, to file and/or defend any claims and legal actions. 

• Braiding Nairobi may share users’ data if we believe it is required by applicable  law, regulation, operating license or agreement, legal process or governmental  request, insurance policy, or where the disclosure is otherwise appropriate due to  safety or similar concerns. 

• This includes sharing data with law enforcement officials, public health officials,  other government authorities, insurance companies, or other third parties as  necessary to enforce our Terms of Service, user agreements, or other policies; to  protect Braiding Nairobi’s rights or property or the rights, safety, or property of  others; or in the event of a claim or dispute relating to the use of our services. 

• This also includes sharing data with others in connection with, or during  negotiations of, any merger, sale of company assets, consolidation or restructuring,  financing, or acquisition of all or a portion of our business by or into  another company. 

​

b) Contractual Purposes: We may use your data to grant the data subjects possibility to  create their own accounts, locate the nearest Braider or salon to each data subject, perform  payment processing, assist in decisions and use of the service, provide data subjects with a  customer service, studying the use of the platform by the data subject, provide the Braider with the information needed to provide the services and generate receipts and invoices for  services to be rendered. 

​

c) Security Purposes: We may use device, location, profile, usage, and other data to prevent  and detect malicious or unsafe activities, monitor all actions that could cause fraud, when  requested by any authority, administration, or court, collaborate with Public Authorities. 

​

d) Statistics and Research Purposes: We may analyze trends, purchase behavior and  characteristics, understand how you use our platform, send voluntary and anonymous  questionnaires, and surveys, competitions and communications of your interest and  conduct financial calculations. 

​

e) Marketing Purposes: We may carry out marketing, communications, research and  development activities, analyze how to improve our services, provide you with offers,  promotions, discounts, suggestions, carry out promotional activities for the delivery of  samples or free products, generate and provide you with receipts, inform you about any  incident on the App.

​

We specifically use account data, approximate location, device and usage data, preferred language,  and order history to provide ads and marketing communications that are personalized based on  users observed or inferred location, interests, and characteristics. 

​

This includes using this data to: 

• send emails, text messages, push notifications, and in-app messages or other  communications marketing or advertising Braiding Nairobi’s services, features, offers,  promotions, sweepstakes, news, and events. For example, we may send push notifications  suggesting a user’s favorite Braiders, or in-app messages offering discounts or promo for  products or Braiders similar to those a user has previously worked with. 

• display personalized advertising on third party apps or websites. 

• display third party advertising in connection with our services. For example, we may  display ads for Braiders or salons that are available on Braiding Nairobi’s app. These ads  include recommendations that are personalized based on users’ location and  order histories. 

​

f) Non-marketing Communications: Braiding Nairobi may use data to send surveys and  other communications that are not for the purpose of marketing the services or products of  Braiding Nairobi or its partners. 

​

g) Enabling Communication between Users: for example a user may message or call a  Braider to confirm a time, a Braider may call a user to retrieve a lost item, or provide  information about their order. Braiding Nairobi performs the above activities on the grounds that they are necessary to  fulfill the terms of our agreements with users. 

​

With whom do we share your Data?  

If you are a User, we may share your data with the following groups of recipients:  

 

a) The Braider(s) who conduct the task of braiding, haircuts and styling, hair coloring,  chemical treatments, natural hair services, hair extensions and weaves, scalp treatments,  special styling, hair care consultations, hair restoration and all other related services; 

​

b) The salons in charge of dispatching the Braiders to provide the aforementioned services; 

 

c) The Customer Care Services available to you including payment platforms and payment  service providers; 

​

d) Telecommunications service provider i.e., providers rendering satisfaction survey services;

 

e) Third parties associated with Braiding Nairobi for the purposes of commercial  communications; 

 

f) Insurance companies; 

 

g) Service providers for fraud control purposes;

 

h) Service providers for the anonymization of some data. 

 

i) Law enforcement  

 

j) State security forces, courts, mediation and arbitration bodies, governments for regulatory  matters; 

 

If you are a Braider or Applicant, we may share your data with different group of recipients: 

 

a) Advisers and consultants for the pursuit of accounting, labour, tax, insurance, legal and  technical activities; 

​

b) Government bodies e.g., tax authorities; 

​

c) State security forces, courts, mediation and arbitration bodies, governments for regulatory  matters; 

​

d) Users who have placed an order which you have agreed to conduct; 

​

e) External service providers that provide commercial offers with benefits and/or discounts  for you; 

​

 

In all cases Braiding Nairobi may share your data with the following third parties: 

• payment processors and facilitators, including Mpesa, debit and credit card facilitators.

• background check, identity verification and risk solutions providers. 

• cloud storage providers. 

• customer support platform and service providers. 

• Google in connection with the use of Google Maps in Braiding Nairobi’s apps. 

• marketing partners and marketing platform providers, including social media advertising  services, advertising networks, third-party data providers, and other service providers to  reach or better understand our users and measure advertising effectiveness. 

• research partners, including those performing surveys or research projects in partnership  with Braiding Nairobi. 

• service providers that assist Braiding Nairobi to enhance the safety and security of its app  and services. 

• accountants, consultants, lawyers, and other professional service providers. • insurance and financing partners. 

• insurance companies, in connection with insurance claims made or reported by a user  relating to Braiding Nairobi and for the purpose of adjusting or overseeing the  insurance claim. 

• Third parties in charge of the filing and management of computer data.

 

What are your personal data rights? 

​

You may exercise the following rights vis-à-vis Braiding Nairobi: 

​

a) The right of access to your personal data to know which data is being processed and the  processing operations conducted thereon; 

b) The right to correct any inaccuracies in relation to your personal data; 

c) The right to erasure your personal data, where possible; by sending us a data erasure  request. 

d) The right to request the restriction of processing of your personal data when the accuracy,  legality or need for processing of the data is in question, in which case we may retain the  data for the purpose of filing or defending claims. 

e) The right to request portability of your data to another service provider. We will give you  a copy of your data so that you can provide it to another service provider. If you request us  to do so and it is technically possible, we will transfer the data directly to that other service  provider on your behalf. 

f) The right to object to the processing of your data in order to resolve any query you may  have raised with us through the contact legalndeza@gmail.com. 

If you are the User, and you do not want to receive any marketing communications, you have the  right to unsubscribe to any marketing communication, by sending an e-mail or by using the link  provided for this purpose in every commercial communication. Please note that disabling Push  notifications will also prevent you from receiving notifications about the status of any order. 

 

Cookies and Third-Party Technologies 

 

Braiding Nairobi and its partners use cookies and other identification technologies on our app,  website, email, and online ads for purposes described in this notice. 

​

Cookies are small text files that are stored on browsers or devices by websites, apps, online media,  and ads. Uber uses cookies and similar technologies for purposes such as: 

​

• authenticating users 

• remembering user preferences and settings 

• determining the popularity of content 

• delivering and measuring the effectiveness of advertising campaigns 

• analyzing site traffic and trends and understanding the online behaviors and interests of  people who interact with our services. 

 

We may also allow third parties to provide audience measurement and analytics services for us, to  serve ads on our behalf across the internet or for other companies’ products and services on our  apps, and to track and report on the performance of those ads. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as  well as when they visit other online sites and services. 

​

How Long Will We Keep Your Data?  

​

Braiding Nairobi retains user data for as long as necessary for the purposes described above.  Users may request account deletion through the Braiding Nairobi’s App and website. 

​

Braiding Nairobi retains user data for as long as necessary for the purposes described above, which  varies depending on data type, the category of user to whom the data relates, the purposes for  which we collected the data, and whether the data must be retained after an account deletion  request for the purposes described below. 

​

For example, we retain data: 

​

• for the life of users’ accounts if such data is necessary to provide our services. E.g.,  account data. 

• For 6 years if necessary for Braiding Nairobi to defend itself against personal civil  actions. 

• for 7 years if necessary for Braiding Nairobi to comply with accounting and tax  requirements. 

• for 10 to 15 years as necessary for documentation relating to prosecution of criminal  actions. 

 

Users may request deletion of their account through Braiding Nairobi’s website. Following an  account deletion request, we delete the user’s account and data, except as necessary for purposes  of safety, security, fraud prevention or compliance with legal requirements, or because of issues  relating to the user’s account such as an unresolved claim or dispute. 

For service providers i.e., Braiders and applicants this means that we retain certain of their data  for as long as necessary for actual or potential tax, litigation, or insurance claims. For users and  visitors, we delete data within 90 days of an account deletion request, except where retention is  necessary for the above reasons. 

​

Choice and Transparency 

​

Braiding Nairobi also enables users to request access to or copies of their data, make changes or  updates to their accounts, request deletion of their accounts, or request that Braiding Nairobi  restrict its processing of user data. Braiding Nairobi enables users to access and/or control data  that Uber collects, including through: 

​

1. Privacy Settings

Braiders and users can set or update their preferences regarding location data collection and  sharing, emergency data sharing through emailing legalndeza@gmail.com. 

 

2. Location Data Collection 

Braiders and Users can enable/disable Braiding Nairobi’s use of their mobile device location data  through their device. 

 

3. Share Live Location 

Braiders and Users can enable/disable Braiding Nairobi’s sharing of their mobile device real-time  location data with their Braiders or Users through their device settings. 

 

4. Notifications 

Users may enable or disable Braiding Nairobi to send push notifications about discounts and offers. 

 

5. Third-Party App Access 

Users may authorize third-party applications to access their Braiding Nairobi account data to  enable additional features. Users can review / withdraw access by third-party applications. 

 

6. Device Permissions 

Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that  apps cannot access without the device owner’s permission, and these platforms have different  methods for how that permission can be obtained. Users should check the available settings on  their devices or check with their provider. 

 

7. In-app Ratings Pages 

After every session, users and Braiders are able to rate each other on a scale from 1 to 5. An average  of those ratings is associated with a user’s or Braider’s account and is displayed to other Braiders/ users for whom they provide or receive services. For example, user ratings are available to Braiders from whom they request service and Braider ratings are available to the users. 

 

Cross Border Data Transfers 

​

When choosing service providers e.g. cloud service providers, Braiding Nairobi may transfer your  data outside the borders of the Republic of Kenya in such cases, Braiding Nairobi will ensure  before sending the data, that such service providers are in compliance with the standard clauses  and minimum security standards established by the Data Protection Act, 2019 and that they process  the data in accordance with Braiding Nairobi’s instructions based on the Data Protection Act, 2019. 

​

Basis and Instructions Regarding the International Data Transfer

​

Braiding Nairobi may have a contractual relationship with service providers under which they  agree to comply with Braiding Nairobi’s instructions and put in place the necessary security  measures to protect your data. 

Where Braiding Nairobi is compelled to conduct further processing by the Kenya law or any other  law to which it is subject, it shall inform the service provider of such legal requirements prior to  the processing. 

Braiding Nairobi may subsequently change, supplement, or replace the instructions initially given  to the service provider by means of individual instructions and is entitled to issue appropriate  instructions at any time. This includes, among other things, instructions regarding the correction,  deletion, and prohibition of data. All instructions issued shall be documented by both Braiding  Nairobi and the service provider. 

​

Requirements Directed to Service Providers  

​

Service providers may only collect, process, or use data pursuant to a master contract and in  accordance with Braiding Nairobi’s instructions. This applies in particular to the transfer of  personal data to a third country or an international organization. 

​

Data Controller 

​

Ndeza Collective Limited, Purple Haze Apartments, Dennis Pritt Road, Nairobi County P.O. Box  12645-00400 NAIROBI is controller of the data processed in connection with use and activities  of Braiding Nairobi globally. 

If our Data Subjects have any doubt concerning this Privacy Policy or want to obtain more  information on our data processing activities, they can contact our team at any time through this  email address: legalndeza@gmail.com. 

​

Possible Changes and Updates to the Privacy Policy 

​

We may occasionally update this notice. 

​

Due to the constant evolution of service provision by Braiding Nairobi, this Privacy Policy may  be subject to change or updates in the future.  

Use of our Platform after this Privacy Policy has been updated shall be deemed to constitute  consent by Data Subjects, in Kenya or outside Kenya to the updated or modified Privacy Policy to  the extent permitted by local law.  

Braiding Nairobi will notify the Data Subjects in advance in case of substantial changes and  modifications to the Privacy Policy by e-mail or through any other means that ensures its receipt.