Masimu.com ("we," "us," or "our") operates the website www.masimu.com (the "Website"). Your privacy is important to us, and we are dedicated to handling your personal information responsibly and securely in compliance with the Kenyan Data Protection Act (2019). This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our Website, make a purchase, or use our services, including our AI recommendation tool, Masimu Ai.

1. Information We Collect

We gather information through various interactions with you and our Website. This includes:

1.1 Personal Information

This is data that can identify you personally, which we collect when you place orders, create an account, contact us, or use Masimu Ai. It includes:

• Contact Information: Your name, email address, phone number, and delivery address.
• Payment Information: Details required to process your purchase. Please note that all credit and debit card transactions are securely processed by our trusted payment partner, IntaSend (intasend.com). We do not store your full credit or debit card details on our servers.
• Account Information: Your username, password, and other details you provide when setting up an account.
• AI Interaction Data: Preferences, budget constraints, and usage requirements you voluntarily provide to Masimu Ai to generate personalized device recommendations.
• Order History: A record of the products and services you have purchased or inquired about.

1.2 Non-Personal Information

This is data that does not directly identify you. We collect it automatically to improve our Website and services. It includes:

• Browsing Data: Your IP address, browser type, operating system, and the pages you visit on our site.
• Usage Data: Information on how you interact with our Website, such as products you view, search terms, Masimu Ai query patterns, and time spent on different sections.
• Device Information: The type of device you use to access our Website and its unique identifiers.

1.3 Information from Third Parties

We may receive information about you from trusted third parties, such as:

• Payment Processors: Transaction confirmations and payment metadata from our payment gateway, IntaSend, and mobile money providers (e.g., M-Pesa).
• Analytics Providers: Aggregated, anonymized data on website traffic and user behavior from services like Google Analytics.

2. How We Use Your Information

We use the information we collect for the following legitimate business purposes:

• To Fulfill Your Orders: To process your payments securely via IntaSend or mobile money, arrange for shipping, and provide you with order confirmations and invoices.
• To Provide AI Recommendations: To process your inputs through Masimu Ai and generate personalized, relevant device suggestions based on your stated needs, budget, and preferences.
• To Provide Customer Service: To respond to your inquiries, manage warranty claims, and offer technical support.
• For Marketing: To send you promotional emails about new products, special offers, and updates. You can opt out of these communications at any time.
• To Improve Our Website: To analyze how our Website and Masimu Ai are used so we can enhance the user experience, content, and services.
• For Security and Legal Compliance: To detect and prevent fraud, and to comply with applicable laws and regulations in the Republic of Kenya.

3. How We Share Your Information

We do not sell your personal information. We may share it only in the following situations:

• With Service Providers: We share necessary information with trusted partners who help us operate our Website, process payments, and deliver your orders (e.g., courier companies, mobile money providers, and IntaSend for secure card processing).
• For Legal Reasons: When required by law, regulation, or legal process, we may disclose information to authorities, such as the Office of the Data Protection Commissioner (ODPC) in Kenya.
• Business Transfers: In the event of a merger, sale, or transfer of our assets, your information may be transferred to the new owner, subject to the same privacy commitments.

4. Cookies and Tracking Technologies

We use cookies (small text files stored on your device) to remember your preferences, understand how our Website is used, and personalize your experience. You can control cookie settings through your browser, though disabling them may limit some website features, including certain functionalities of Masimu Ai.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. By utilizing PCI-DSS compliant payment gateways like IntaSend, we ensure that your financial data is encrypted and handled according to the highest international security standards. While we strive to protect your information, no internet-based service can be guaranteed 100% secure.

6. Your Rights and Choices

Under the Kenyan Data Protection Act (2019), you have specific rights regarding your personal information, including the right to:

• Access the personal data we hold about you.
• Correct any inaccurate or incomplete information.
• Request Deletion of your personal data, subject to our legal and tax obligations.
• Object to or Restrict the processing of your data for marketing or AI personalization purposes.
• Opt-Out of marketing communications by using the "unsubscribe" link in our emails or by contacting us directly.

To exercise these rights, please contact us at [email protected]. We will respond to your request within the timeframe mandated by Kenyan law.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations (such as Kenya Revenue Authority tax and accounting laws), resolve disputes, and enforce our agreements.

8. Third-Party Links

Our Website may contain links to third-party sites, such as external payment gateways (like IntaSend) or manufacturer warranty portals. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their respective privacy policies (e.g., IntaSend's Privacy Policy) before providing them with any personal data.

9. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware of such collection, we will take immediate steps to delete the information.

10. Changes to This Privacy Policy

We may update this policy periodically to reflect changes in our practices or legal requirements. The "Last Updated" date at the top will reflect any changes. We will notify you of significant updates by posting a prominent notice on our Website or via email.

11. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Data Protection Officer (or representative) at: