K
KAZNOVA
Legal

Privacy Policy

Last updated: January 2026

1. Introduction

Kaznova ("we", "our", "us") is committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your data when you use our platform at kaznova.app, in compliance with Tanzania's Personal Data Protection Act (PDPA) and applicable regulations.

2. Data We Collect

  • Account Information: Full name, email address, phone number (+255), and profile photo when you register.
  • Payment Data: M-Pesa transaction references, Tigo Pesa/Airtel Money references, and card payment tokens (we never store full card numbers). All payment processing is handled by PCI-DSS compliant processors.
  • Provider Verification Data: National ID, business registration documents, professional certificates, and KYC documents submitted during provider verification.
  • Usage Data: Pages visited, search queries, booking history, and device information for service improvement.
  • Location Data: City-level location for service matching (we do not track precise GPS without explicit consent).

3. How We Use Your Data

  • To provide, operate, and improve the Kaznova marketplace
  • To process bookings and payments securely
  • To verify provider identities and credentials
  • To send booking confirmations and service updates via SMS and email
  • To resolve disputes and provide customer support
  • To comply with Tanzanian legal and regulatory requirements

4. Data Sharing

We do not sell your personal data. We share data only with:

  • Service providers you book (limited to what's needed for the booking)
  • Payment processors (M-Pesa/Vodacom, Tigo Pesa, Airtel Money, Stripe) for transaction processing
  • Twilio for SMS OTP verification
  • Supabase for secure data storage (servers in EU/US with data processing agreements)
  • Tanzanian regulatory authorities when legally required

5. Your Rights (PDPA)

Under Tanzania's Personal Data Protection Act, you have the right to:

  • Access your personal data we hold
  • Correct inaccurate data
  • Request deletion of your account and data
  • Object to processing of your data for marketing
  • Data portability — receive your data in a machine-readable format

To exercise these rights, contact us at privacy@kaznova.app

6. Data Security

We use industry-standard encryption (TLS 1.3), httpOnly cookies for authentication tokens, and role-based access controls. Provider KYC documents are stored in encrypted, access-controlled storage.

7. Cookies

We use essential cookies for authentication and session management. We do not use third-party advertising cookies. You can manage cookie preferences in your browser settings.

8. Contact

For privacy inquiries: privacy@kaznova.app | Kaznova Ltd, Dar es Salaam, Tanzania