Introduction
Welcome to Ebiiz ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our business management platform and related services.
Quick Summary
- We collect only the data necessary to provide our services
- Your business data is encrypted and never sold
- You have full control over your data and can export or delete it anytime
- We comply with GDPR, CCPA, and other privacy regulations
By using our services, you agree to the collection and use of information in accordance with this policy. Please read this Privacy Policy carefully to understand our practices regarding your personal data.
Information We Collect
Information You Provide Directly
We collect information that you voluntarily provide when you:
- Create an Account: Name, email address, phone number, company name, and password
- Set Up Your Business: Business type, address, tax information, and operational preferences
- Use Our Features: Inventory data, sales transactions, customer records, and financial information
- Make Payments: Billing address and payment method details (processed securely through third-party providers)
- Contact Support: Any information you share in support requests or feedback
Information Collected Automatically
When you access our platform, we automatically collect:
- Device Information: Browser type, operating system, device identifiers
- Usage Data: Pages visited, features used, time spent, and interaction patterns
- Log Data: IP address, access times, referring URLs, and error logs
- Location Data: General geographic location based on IP address
Information from Third Parties
We may receive information from:
- Payment processors (transaction confirmations)
- Analytics providers (aggregated usage data)
- Business partners (referral information)
How We Use Your Information
Provide Services
Process transactions, manage inventory, generate reports, and deliver core platform functionality.
Improve Platform
Analyze usage patterns to enhance features, fix issues, and develop new functionality.
Communicate
Send service updates, security alerts, support responses, and optional marketing communications.
Ensure Security
Detect fraud, prevent abuse, protect against security threats, and maintain platform integrity.
Legal Bases for Processing (GDPR)
We process your data based on:
- Contract Performance: Processing necessary to provide our services
- Legitimate Interests: Improving services, preventing fraud, marketing
- Legal Compliance: Meeting regulatory and legal obligations
- Consent: Where you've given explicit permission (e.g., marketing emails)
Data Sharing & Disclosure
Your business data is yours. We do not sell, rent, or trade your personal or business information to third parties for marketing purposes.
We may share information with:
- Service Providers: Cloud hosting, payment processing, email delivery, and analytics services that help us operate
- Business Transfers: In connection with a merger, acquisition, or sale of assets (you would be notified)
- Legal Requirements: When required by law, court order, or government request
- Protection: To protect the rights, property, and safety of Ebiiz, our users, or the public
Data Security
We implement industry-leading security measures to protect your data:
256-bit SSL Encryption
All data transmitted between your browser and our servers is encrypted using TLS 1.3
Secure Data Centers
Data hosted in SOC 2 Type II certified facilities with 24/7 monitoring
Access Controls
Multi-factor authentication, role-based access, and audit logging
Regular Audits
Continuous security monitoring, penetration testing, and vulnerability assessments
Data Retention
We retain your information for as long as necessary to:
- Provide our services while your account is active
- Comply with legal and regulatory obligations
- Resolve disputes and enforce agreements
- Maintain business records as required by law
When you close your account, we will:
- Delete your personal data within 30 days
- Retain anonymized business data for analytics (if consented)
- Keep required financial records as mandated by law (typically 7 years)
Your Privacy Rights
Depending on your location, you may have the following rights:
Right to Access
Request a copy of all personal data we hold about you
Right to Rectification
Correct any inaccurate or incomplete information
Right to Erasure
Request deletion of your personal data ("right to be forgotten")
Right to Portability
Export your data in a machine-readable format
Right to Object
Opt out of certain processing activities, including marketing
Right to Restrict
Limit how we use your data in certain circumstances
To exercise any of these rights, please contact us at sales@ebiiz.com. We will respond within 30 days.
International Data Transfers
Your data may be processed in countries other than your own. When we transfer data internationally, we ensure adequate protection through:
- Standard Contractual Clauses (SCCs) approved by the EU Commission
- Data processing agreements with all service providers
- Compliance with the EU-US Data Privacy Framework (where applicable)
Children's Privacy
Our services are designed for business use and are not intended for children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes:
- We will notify you via email and/or in-app notification
- The "Last Updated" date at the top will be revised
- Continued use of our services after changes constitutes acceptance
Contact Us
If you have questions about this Privacy Policy or our data practices, please contact:
Ebiiz Privacy Team
- sales@ebiiz.com
- +254 700 000 900