Beadani

Privacy Policy

Last Updated: February 17, 2026

1. Introduction

Beadani ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services, in compliance with the Data Protection Act, 2019 (Laws of Kenya) and other applicable data protection regulations.

By using our website and services, you consent to the collection and use of your information as described in this Privacy Policy. If you do not agree with this policy, please do not use our website.

2. Data Controller Information

For the purposes of the Data Protection Act, 2019, the data controller is:

  • Business Name: Beadani
  • Registered Address: [Physical Address], Nairobi, Kenya
  • Email: privacy@beadani.co.ke
  • Phone: +254 XXX XXX XXX
  • Data Protection Officer: [Name and Contact Details]

3. Information We Collect

3.1 Personal Information You Provide

We collect information that you voluntarily provide to us when you:

  • Create an account on our website
  • Place an order for products
  • Subscribe to our newsletter
  • Contact our customer service team
  • Participate in surveys or promotions
  • Leave reviews or testimonials

This information may include:

  • Full name
  • Email address
  • Phone number (including M-Pesa registered number)
  • Delivery address
  • Billing information
  • Payment information (processed securely through third-party payment gateways)
  • Order history and preferences
  • Communication preferences

3.2 Information Automatically Collected

When you visit our website, we automatically collect certain information about your device and browsing activity, including:

  • IP address and device identifiers
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referring website addresses
  • Click patterns and navigation paths
  • Date and time of visits

3.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your browsing experience, analyze site traffic, and understand user preferences. You can control cookie settings through your browser preferences. For more information, please see our Cookie Policy section below.

3.4 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Payment processors (M-Pesa, card payment gateways)
  • Delivery and courier services
  • Analytics providers (e.g., Google Analytics, PostHog)
  • Social media platforms (if you connect your accounts)

4. How We Use Your Information

We process your personal information for the following purposes, in compliance with the Data Protection Act, 2019:

4.1 Order Processing and Fulfillment

  • Processing and fulfilling your orders
  • Processing payments and preventing fraud
  • Arranging delivery and shipping
  • Sending order confirmations and updates
  • Handling returns, exchanges, and refunds

Legal Basis: Performance of contract and legitimate business interests

4.2 Customer Service and Communication

  • Responding to your inquiries and support requests
  • Providing customer assistance
  • Resolving disputes and troubleshooting issues
  • Sending service-related announcements

Legal Basis: Performance of contract and legitimate business interests

4.3 Marketing and Promotional Communications

  • Sending newsletters and promotional offers
  • Informing you about new products and special deals
  • Personalizing marketing messages based on your preferences

Legal Basis: Your consent (you may opt-out at any time)

4.4 Website Improvement and Analytics

  • Analyzing website usage and user behavior
  • Improving our website functionality and user experience
  • Conducting research and analysis
  • Testing new features and services

Legal Basis: Legitimate business interests

4.5 Legal Compliance and Security

  • Complying with legal obligations and regulations
  • Detecting and preventing fraud, security breaches, and illegal activities
  • Enforcing our Terms and Conditions
  • Protecting the rights and safety of our business and customers

Legal Basis: Legal obligation and legitimate business interests

5. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information with the following categories of recipients for the purposes described above:

5.1 Service Providers

  • Payment processors (M-Pesa, Safaricom, banks, card payment gateways)
  • Delivery and courier services
  • Website hosting and cloud storage providers
  • Email service providers
  • Customer support tools
  • Analytics platforms (Google Analytics, PostHog)

5.2 Legal and Regulatory Authorities

We may disclose your information to government authorities, law enforcement agencies, or other third parties when required by law or to:

  • Comply with legal obligations, court orders, or legal processes
  • Enforce our Terms and Conditions
  • Protect our rights, property, or safety, or that of our customers
  • Investigate fraud or security issues

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the successor entity. We will notify you of any such change and the choices you may have regarding your information.

5.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

6. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • SSL/TLS encryption for data transmission
  • Secure payment processing through certified payment gateways
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Employee training on data protection and confidentiality
  • Regular backups and disaster recovery procedures

However, please note that no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

  • Account information: Retained for the duration of your account plus 7 years for tax and legal compliance purposes
  • Order and transaction data: Retained for 7 years in compliance with Kenyan tax laws
  • Marketing communications: Retained until you unsubscribe or withdraw consent
  • Website analytics data: Retained for 26 months (Google Analytics default)

When personal information is no longer needed, we will securely delete or anonymize it in accordance with our data retention policy and applicable laws.

8. Your Rights Under the Data Protection Act, 2019

Under the Kenya Data Protection Act, 2019, you have the following rights regarding your personal information:

8.1 Right of Access

You have the right to request access to the personal information we hold about you and obtain a copy of your data.

8.2 Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

8.3 Right to Erasure ("Right to be Forgotten")

You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purposes for which it was collected.

8.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal information in certain circumstances.

8.5 Right to Data Portability

You have the right to request that we transfer your personal information to another organization or provide it to you in a structured, commonly used, and machine-readable format.

8.6 Right to Object

You have the right to object to the processing of your personal information for direct marketing purposes or where we process your data based on legitimate interests.

8.7 Right to Withdraw Consent

Where we process your personal information based on your consent, you have the right to withdraw that consent at any time.

8.8 How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@beadani.co.ke or write to our Data Protection Officer at the address provided in Section 2. We will respond to your request within 21 days as required by the Data Protection Act, 2019.

8.9 Right to Complain

If you believe we have not handled your personal information properly or you are not satisfied with our response to any request you have made to us regarding your personal data, you have the right to lodge a complaint with the Office of the Data Protection Commissioner of Kenya:

  • Office of the Data Protection Commissioner
  • Uhuru Highway, Teleposta Towers, 7th Floor
  • P.O. Box 24950-00100, Nairobi, Kenya
  • Email: info@odpc.go.ke
  • Phone: +254 20 2628 100
  • Website: www.odpc.go.ke

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files that are placed on your device when you visit our website. They help us provide you with a better browsing experience and allow certain features to function.

9.2 Types of Cookies We Use

  • Essential Cookies: Necessary for the website to function properly (e.g., shopping cart, authentication)
  • Performance Cookies: Help us understand how visitors use our website through analytics tools like Google Analytics and PostHog
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Track your activity to deliver personalized advertisements (used with your consent)

9.3 Managing Cookies

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. Most browsers allow you to:

  • View and delete cookies
  • Block cookies from specific websites
  • Block all third-party cookies
  • Clear all cookies when you close your browser

10. Third-Party Links and Services

Our website may contain links to third-party websites, plugins, and applications (such as social media platforms, payment gateways, and delivery services). We are not responsible for the privacy practices or content of these third parties. We encourage you to read the privacy policies of any third-party services you interact with.

11. Children's Privacy

Our website and services are not intended for children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately, and we will delete such information from our records.

12. International Data Transfers

Your personal information is primarily stored and processed within Kenya. However, some of our service providers may be located outside Kenya. When we transfer your data internationally, we ensure appropriate safeguards are in place in compliance with the Data Protection Act, 2019, such as:

  • Standard contractual clauses
  • Transfers to countries with adequate data protection laws
  • Your explicit consent for the transfer

13. Marketing Communications

13.1 Opting In

We will only send you marketing communications if you have opted in to receive them. You can opt in by:

  • Checking the marketing consent box during account creation
  • Subscribing to our newsletter
  • Consenting through other marketing signup forms

13.2 Opting Out

You can opt out of marketing communications at any time by:

  • Clicking the "unsubscribe" link in any marketing email
  • Updating your communication preferences in your account settings
  • Contacting us directly at privacy@beadani.co.ke

Please note that even if you opt out of marketing communications, we may still send you service-related messages (order confirmations, shipping updates, etc.).

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending you an email notification (for significant changes)
  • Displaying a prominent notice on our website

We encourage you to review this Privacy Policy periodically. Your continued use of our website after changes are posted constitutes your acceptance of the updated policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact us:

  • Email: privacy@beadani.co.ke
  • Phone: +254 XXX XXX XXX
  • Address: [Physical Address], Nairobi, Kenya
  • Data Protection Officer: [Name and Contact Details]

We aim to respond to all legitimate requests within 21 days as required by the Data Protection Act, 2019.