Privacy Policy
How we protect and handle your personal information
Our Commitment to Privacy
At Serenos Daily Dose Watamu, we take your privacy seriously. This policy describes how we collect, use, and protect your personal information when you use our website, mobile app, and services. By using our services, you consent to the data practices described in this policy.
Information We Collect
1. Information You Provide
| Category | Examples | Purpose |
|---|---|---|
| Account Information | Name, email, phone number, password | Account creation, login, order history |
| Delivery Information | Full address, delivery instructions, location data | Order delivery, route optimization |
| Payment Information | M-Pesa number, card details (processed securely by third parties) | Payment processing, refunds |
| Order Details | Food preferences, special instructions, order history | Order fulfillment, recommendations |
| Communications | Messages, feedback, reviews | Customer support, service improvement |
2. Information Collected Automatically
- Device Information: IP address, browser type, operating system
- Usage Data: Pages visited, time spent, clicks, navigation patterns
- Location Data: Approximate location based on IP or precise location if you enable sharing
- Cookies: Small files stored on your device to enhance user experience
3. Information from Third Parties
- Payment Processors: Transaction confirmations, fraud detection
- Delivery Partners: Delivery status updates, GPS tracking
- Social Media: If you connect via social media, we may receive profile information
How We Use Your Information
Process your orders, send confirmations, and arrange delivery
Handle M-Pesa and card transactions securely
Share location with delivery partners for accurate delivery
Respond to inquiries, resolve issues, and provide assistance
Analyze usage patterns to improve our website and services
Send promotional offers (with your consent, opt-out anytime)
Payment Information Security
M-Pesa Transactions
When you pay with M-Pesa:
- Your M-Pesa number is used only for that transaction
- We do not store your M-Pesa PIN or transaction password
- All M-Pesa transactions are processed through Safaricom's secure API
- Transaction records are kept for order verification and refund purposes
Card Payments
For credit/debit card payments:
- We use PCI-DSS compliant payment gateways (Stripe, etc.)
- Your full card details are never stored on our servers
- Payment pages are encrypted with SSL/TLS technology
- We receive only transaction confirmation and last 4 digits for reference
Location Information
How We Use Your Location
- Delivery Address: To deliver your order to the correct location
- Real-time Tracking: To provide accurate delivery ETAs and track your order
- Service Area: To verify if we can deliver to your location
Your Choices
- You can manually enter your address instead of sharing precise location
- You can disable location services in your browser or device settings
- Location data is not stored permanently - used only during active orders
Cookie Policy
We use cookies and similar technologies to enhance your experience. Here's how:
Types of Cookies We Use
| Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Session management, cart contents, login status | Session / Persistent |
| Functional Cookies | Remember preferences, currency selection | 1 year |
| Analytics Cookies | Google Analytics, usage patterns | 2 years |
| Marketing Cookies | Personalized ads, retargeting | 90 days |
You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.
When We Share Your Information
We share your information only in these limited circumstances:
Delivery Partners
Your name, phone number, and delivery address for order delivery
Payment Processors
Payment details for transaction processing (PCI compliant)
Analytics Providers
Anonymous usage data to improve our services
Legal Requirements
When required by law or to protect our rights
We never sell your personal information to third parties.
Your Privacy Rights
You have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Update or correct inaccurate information
- Deletion: Request deletion of your account and associated data
- Opt-out: Unsubscribe from marketing communications anytime
- Data Portability: Receive your data in a structured format
- Withdraw Consent: Withdraw previously given consent
Data Retention
We retain your information for as long as necessary to:
- Provide you with services and maintain your account
- Comply with legal obligations (tax, record-keeping laws)
- Resolve disputes and enforce agreements
- Improve and develop new services
Typically:
- Account Information: Until account deletion + 30 days backup
- Order History: 5 years (for tax and legal requirements)
- Payment Records: 7 years (financial regulations)
- Marketing Preferences: Until opt-out or account deletion
Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you are a parent or guardian and believe your child has provided us with personal information, please contact us to have it removed.
Minors between 13-17 may use our services only with parental consent and supervision.
Security Measures
We implement industry-standard security measures to protect your data:
International Data Transfers
Your information may be transferred to and processed in countries other than Kenya where our service providers operate. We ensure appropriate safeguards are in place to protect your data in accordance with this policy.
When we transfer data internationally, we rely on:
- Standard contractual clauses approved by data protection authorities
- Adequacy decisions for countries with equivalent data protection laws
- Binding corporate rules where applicable
Changes to This Policy
We may update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes:
- We'll notify you by email (if you have an account)
- Post a notice on our website
- Update the "Last Updated" date at the bottom of this page
We encourage you to review this policy regularly to stay informed about how we protect your information.
Contact Our Privacy Team
If you have questions, concerns, or requests regarding your privacy, please contact us:
Data Protection Officer: John Kuira