Privacy policy
Welcome to Braiding Nairobi - the app! Before you get started, please take a moment to review our Privacy Policy. Your use of our platform is subject to this policy to ensure a safe and enjoyable experience for everyone. When you use Braiding Nairobi, you trust us with your personal data. We are committed to keeping that trust. That starts with helping you understand our privacy practices.
This notice describes the personal data (“data”) we collect, how it is used and shared, and your choices regarding this data.
Privacy Policy
Last Updated: Apr. 16, 2024
​
Scope
​
Braiding Nairobi is committed to respecting Users/Applicants/ Braiders/ Visitors/ Prospects’/ Website Visitors’ (jointly named hereinafter as the “Data Subjects”) privacy and protecting their Personal data. In this sense, the aim of this Privacy Policy is to inform Data Subjects about Ndeza Collective's processing activities, related to its brand, Braiding Nairobi, as per the Data Protection Act, 2019.
​
The purpose of the Privacy Policy
​
This Privacy Policy notice describes how Braiding Nairobi collects and processes personal data, the different stakeholders involved in this processing as well as our Data Subjects rights with regard to their data. We recommend that all stakeholders involved in the processing as well as Data Subjects read it carefully and on a frequent basis to fully understand this along with our privacy overview, which highlights key points about our current privacy practices.
​
Definitions
​
This notice applies to all data subjects and specifically applies to:
Users: Those who request or receive services including; braiding, haircuts and styling, hair coloring, chemical treatments, natural hair services, hair extensions and weaves, scalp treatments, special styling, hair care consultations, hair restoration and all other related services via their Braiding Nairobi account.
Braiders: Those who provide the aforementioned services individually or through a salon via their Braiding Nairobi account.
Applicants: Those who apply to use the application or website as service providers/ Braiders and are awaiting vetting and approval to gain access.
Visitors: Individuals who access the Braiding Nairobi website or download the app for the purpose of browsing its content, features, or services without or without necessarily engaging in further interaction or transactions.
Data Protection Rights:
​
As a data subject, your rights related to personal data include right of access, right to rectification, right to erasure, right to object to processing, right to object to profiling, right to unsubscribe to any marketing communication.
​
What Kinds of Data do we Collect?
​
Braiding Nairobi collects various types of data about its users:
​
1) Directly Supplied Information by Users:
​
a) Registration Data: Information provided during account creation, including; username, service address, phone number and email.
b) User Profile Information: Details added to the platform for service use, such as mobile number and delivery address.
c) Payment Information: Data provided for order processing, including card details processed by electronic payment service providers and MPESA number information. d) Additional Information: Any extra data supplied to Braiding Nairobi like photographs or billing addresses.
e) Previous Communications: Information shared with Braiding Nairobi or the Braiders for query or complaint resolution.
f) Accident Information: Data of involved parties for insurance claims. g) Conversations with Braiding Nairobi: Transcripts and recordings for service quality and security.
h) Communications between users: Exchanges on the chat system, accessed by Braiding Nairobi only when necessary.
i) Additional User Input: Any other information provided in requests, comments, or questions.
2) Indirectly Supplied Information:
a) Data From Platform Use: Information collected during user interaction.
b) Device and Application Data: Details about the device and application used, including IP address, and browsing history.
c) User Origin Data: Source information if arriving through external links. d) Incident Management Data: Messages received and stored for managing current or future incidents.
e) Cookie Data: Use of cookies for user browsing and statistical purposes. f) Geolocation Data: Collection of location data with user authorization.
g) Data from External Third Parties: Personal data obtained from third parties with user consent, such as Facebook or Google accounts, and messages from social media networks.
For which purpose do we use your data?
​
As a data subject may use your data for:
​
a) Legal Purposes: In the event of fraud and crimes committed on our App; to comply with legal regulations; manage your requests, to file and/or defend any claims and legal actions.
• Braiding Nairobi may share users’ data if we believe it is required by applicable law, regulation, operating license or agreement, legal process or governmental request, insurance policy, or where the disclosure is otherwise appropriate due to safety or similar concerns.
• This includes sharing data with law enforcement officials, public health officials, other government authorities, insurance companies, or other third parties as necessary to enforce our Terms of Service, user agreements, or other policies; to protect Braiding Nairobi’s rights or property or the rights, safety, or property of others; or in the event of a claim or dispute relating to the use of our services.
• This also includes sharing data with others in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
​
b) Contractual Purposes: We may use your data to grant the data subjects possibility to create their own accounts, locate the nearest Braider or salon to each data subject, perform payment processing, assist in decisions and use of the service, provide data subjects with a customer service, studying the use of the platform by the data subject, provide the Braider with the information needed to provide the services and generate receipts and invoices for services to be rendered.
​
c) Security Purposes: We may use device, location, profile, usage, and other data to prevent and detect malicious or unsafe activities, monitor all actions that could cause fraud, when requested by any authority, administration, or court, collaborate with Public Authorities.
​
d) Statistics and Research Purposes: We may analyze trends, purchase behavior and characteristics, understand how you use our platform, send voluntary and anonymous questionnaires, and surveys, competitions and communications of your interest and conduct financial calculations.
​
e) Marketing Purposes: We may carry out marketing, communications, research and development activities, analyze how to improve our services, provide you with offers, promotions, discounts, suggestions, carry out promotional activities for the delivery of samples or free products, generate and provide you with receipts, inform you about any incident on the App.
​
We specifically use account data, approximate location, device and usage data, preferred language, and order history to provide ads and marketing communications that are personalized based on users observed or inferred location, interests, and characteristics.
​
This includes using this data to:
• send emails, text messages, push notifications, and in-app messages or other communications marketing or advertising Braiding Nairobi’s services, features, offers, promotions, sweepstakes, news, and events. For example, we may send push notifications suggesting a user’s favorite Braiders, or in-app messages offering discounts or promo for products or Braiders similar to those a user has previously worked with.
• display personalized advertising on third party apps or websites.
• display third party advertising in connection with our services. For example, we may display ads for Braiders or salons that are available on Braiding Nairobi’s app. These ads include recommendations that are personalized based on users’ location and order histories.
​
f) Non-marketing Communications: Braiding Nairobi may use data to send surveys and other communications that are not for the purpose of marketing the services or products of Braiding Nairobi or its partners.
​
g) Enabling Communication between Users: for example a user may message or call a Braider to confirm a time, a Braider may call a user to retrieve a lost item, or provide information about their order. Braiding Nairobi performs the above activities on the grounds that they are necessary to fulfill the terms of our agreements with users.
​
With whom do we share your Data?
If you are a User, we may share your data with the following groups of recipients:
a) The Braider(s) who conduct the task of braiding, haircuts and styling, hair coloring, chemical treatments, natural hair services, hair extensions and weaves, scalp treatments, special styling, hair care consultations, hair restoration and all other related services;
​
b) The salons in charge of dispatching the Braiders to provide the aforementioned services;
c) The Customer Care Services available to you including payment platforms and payment service providers;
​
d) Telecommunications service provider i.e., providers rendering satisfaction survey services;
e) Third parties associated with Braiding Nairobi for the purposes of commercial communications;
f) Insurance companies;
g) Service providers for fraud control purposes;
h) Service providers for the anonymization of some data.
i) Law enforcement
j) State security forces, courts, mediation and arbitration bodies, governments for regulatory matters;
If you are a Braider or Applicant, we may share your data with different group of recipients:
a) Advisers and consultants for the pursuit of accounting, labour, tax, insurance, legal and technical activities;
​
b) Government bodies e.g., tax authorities;
​
c) State security forces, courts, mediation and arbitration bodies, governments for regulatory matters;
​
d) Users who have placed an order which you have agreed to conduct;
​
e) External service providers that provide commercial offers with benefits and/or discounts for you;
​
In all cases Braiding Nairobi may share your data with the following third parties:
• payment processors and facilitators, including Mpesa, debit and credit card facilitators.
• background check, identity verification and risk solutions providers.
• cloud storage providers.
• customer support platform and service providers.
• Google in connection with the use of Google Maps in Braiding Nairobi’s apps.
• marketing partners and marketing platform providers, including social media advertising services, advertising networks, third-party data providers, and other service providers to reach or better understand our users and measure advertising effectiveness.
• research partners, including those performing surveys or research projects in partnership with Braiding Nairobi.
• service providers that assist Braiding Nairobi to enhance the safety and security of its app and services.
• accountants, consultants, lawyers, and other professional service providers. • insurance and financing partners.
• insurance companies, in connection with insurance claims made or reported by a user relating to Braiding Nairobi and for the purpose of adjusting or overseeing the insurance claim.
• Third parties in charge of the filing and management of computer data.
What are your personal data rights?
​
You may exercise the following rights vis-à-vis Braiding Nairobi:
​
a) The right of access to your personal data to know which data is being processed and the processing operations conducted thereon;
b) The right to correct any inaccuracies in relation to your personal data;
c) The right to erasure your personal data, where possible; by sending us a data erasure request.
d) The right to request the restriction of processing of your personal data when the accuracy, legality or need for processing of the data is in question, in which case we may retain the data for the purpose of filing or defending claims.
e) The right to request portability of your data to another service provider. We will give you a copy of your data so that you can provide it to another service provider. If you request us to do so and it is technically possible, we will transfer the data directly to that other service provider on your behalf.
f) The right to object to the processing of your data in order to resolve any query you may have raised with us through the contact legalndeza@gmail.com.
If you are the User, and you do not want to receive any marketing communications, you have the right to unsubscribe to any marketing communication, by sending an e-mail or by using the link provided for this purpose in every commercial communication. Please note that disabling Push notifications will also prevent you from receiving notifications about the status of any order.
Cookies and Third-Party Technologies
Braiding Nairobi and its partners use cookies and other identification technologies on our app, website, email, and online ads for purposes described in this notice.
​
Cookies are small text files that are stored on browsers or devices by websites, apps, online media, and ads. Uber uses cookies and similar technologies for purposes such as:
​
• authenticating users
• remembering user preferences and settings
• determining the popularity of content
• delivering and measuring the effectiveness of advertising campaigns
• analyzing site traffic and trends and understanding the online behaviors and interests of people who interact with our services.
We may also allow third parties to provide audience measurement and analytics services for us, to serve ads on our behalf across the internet or for other companies’ products and services on our apps, and to track and report on the performance of those ads. These entities may use cookies, web beacons, SDKs, and other technologies to identify the devices used by visitors to our websites, as well as when they visit other online sites and services.
​
How Long Will We Keep Your Data?
​
Braiding Nairobi retains user data for as long as necessary for the purposes described above. Users may request account deletion through the Braiding Nairobi’s App and website.
​
Braiding Nairobi retains user data for as long as necessary for the purposes described above, which varies depending on data type, the category of user to whom the data relates, the purposes for which we collected the data, and whether the data must be retained after an account deletion request for the purposes described below.
​
For example, we retain data:
​
• for the life of users’ accounts if such data is necessary to provide our services. E.g., account data.
• For 6 years if necessary for Braiding Nairobi to defend itself against personal civil actions.
• for 7 years if necessary for Braiding Nairobi to comply with accounting and tax requirements.
• for 10 to 15 years as necessary for documentation relating to prosecution of criminal actions.
Users may request deletion of their account through Braiding Nairobi’s website. Following an account deletion request, we delete the user’s account and data, except as necessary for purposes of safety, security, fraud prevention or compliance with legal requirements, or because of issues relating to the user’s account such as an unresolved claim or dispute.
For service providers i.e., Braiders and applicants this means that we retain certain of their data for as long as necessary for actual or potential tax, litigation, or insurance claims. For users and visitors, we delete data within 90 days of an account deletion request, except where retention is necessary for the above reasons.
​
Choice and Transparency
​
Braiding Nairobi also enables users to request access to or copies of their data, make changes or updates to their accounts, request deletion of their accounts, or request that Braiding Nairobi restrict its processing of user data. Braiding Nairobi enables users to access and/or control data that Uber collects, including through:
​
1. Privacy Settings
Braiders and users can set or update their preferences regarding location data collection and sharing, emergency data sharing through emailing legalndeza@gmail.com.
2. Location Data Collection
Braiders and Users can enable/disable Braiding Nairobi’s use of their mobile device location data through their device.
3. Share Live Location
Braiders and Users can enable/disable Braiding Nairobi’s sharing of their mobile device real-time location data with their Braiders or Users through their device settings.
4. Notifications
Users may enable or disable Braiding Nairobi to send push notifications about discounts and offers.
5. Third-Party App Access
Users may authorize third-party applications to access their Braiding Nairobi account data to enable additional features. Users can review / withdraw access by third-party applications.
6. Device Permissions
Most mobile device platforms (iOS, Android, etc.) have defined certain types of device data that apps cannot access without the device owner’s permission, and these platforms have different methods for how that permission can be obtained. Users should check the available settings on their devices or check with their provider.
7. In-app Ratings Pages
After every session, users and Braiders are able to rate each other on a scale from 1 to 5. An average of those ratings is associated with a user’s or Braider’s account and is displayed to other Braiders/ users for whom they provide or receive services. For example, user ratings are available to Braiders from whom they request service and Braider ratings are available to the users.
Cross Border Data Transfers
​
When choosing service providers e.g. cloud service providers, Braiding Nairobi may transfer your data outside the borders of the Republic of Kenya in such cases, Braiding Nairobi will ensure before sending the data, that such service providers are in compliance with the standard clauses and minimum security standards established by the Data Protection Act, 2019 and that they process the data in accordance with Braiding Nairobi’s instructions based on the Data Protection Act, 2019.
​
Basis and Instructions Regarding the International Data Transfer
​
Braiding Nairobi may have a contractual relationship with service providers under which they agree to comply with Braiding Nairobi’s instructions and put in place the necessary security measures to protect your data.
Where Braiding Nairobi is compelled to conduct further processing by the Kenya law or any other law to which it is subject, it shall inform the service provider of such legal requirements prior to the processing.
Braiding Nairobi may subsequently change, supplement, or replace the instructions initially given to the service provider by means of individual instructions and is entitled to issue appropriate instructions at any time. This includes, among other things, instructions regarding the correction, deletion, and prohibition of data. All instructions issued shall be documented by both Braiding Nairobi and the service provider.
​
Requirements Directed to Service Providers
​
Service providers may only collect, process, or use data pursuant to a master contract and in accordance with Braiding Nairobi’s instructions. This applies in particular to the transfer of personal data to a third country or an international organization.
​
Data Controller
​
Ndeza Collective Limited, Purple Haze Apartments, Dennis Pritt Road, Nairobi County P.O. Box 12645-00400 NAIROBI is controller of the data processed in connection with use and activities of Braiding Nairobi globally.
If our Data Subjects have any doubt concerning this Privacy Policy or want to obtain more information on our data processing activities, they can contact our team at any time through this email address: legalndeza@gmail.com.
​
Possible Changes and Updates to the Privacy Policy
​
We may occasionally update this notice.
​
Due to the constant evolution of service provision by Braiding Nairobi, this Privacy Policy may be subject to change or updates in the future.
Use of our Platform after this Privacy Policy has been updated shall be deemed to constitute consent by Data Subjects, in Kenya or outside Kenya to the updated or modified Privacy Policy to the extent permitted by local law.
Braiding Nairobi will notify the Data Subjects in advance in case of substantial changes and modifications to the Privacy Policy by e-mail or through any other means that ensures its receipt.