Data Handling
Privacy, security, and responsible data use
This page summarizes how Faidika ERP collects, uses, stores, shares, and protects personal and business data across web, mobile, and integrations.
Privacy Policy & Data Handling
Security-first by design. Privacy by obligation. Compliance by default.
Faidika ERP is committed to protecting the privacy, confidentiality, and security of personal and business data entrusted to us. This policy explains how we collect, use, store, share, and protect data across web, mobile apps, APIs, and related services.
Personal data
Business data
Transactional data
Web • Mobile • APIs
Non-negotiables
We do not sell personal data. Access is restricted through role-based controls and auditing.
Encryption at rest and in transit is mandatory.
Scope
Who this policy applies to
Business owners, administrators, and employees
Customers, suppliers, and partners recorded in Faidika
Website visitors and demo users
API and integration users
What this policy covers
Data categories
Personal data
Business data
Transactional data
Data we collect
Collected only for clear operational and legal purposes
Account information (name, email, phone number)
Business details (business name, registration details, industry)
Employee and partner records entered by customers
Financial records entered by users (sales, purchases, payroll, transactions)
Support requests and communications
How we use data
Operational, security, and compliance purposes
Provide, operate, and maintain the platform
Process transactions and generate business records
Deliver analytics, reporting, and AI-driven insights
Facilitate loan applications, banking, and insurance services
Improve platform performance, usability, and security
Detect and prevent fraud, abuse, and unauthorized access
Comply with legal, regulatory, and contractual obligations
Legal basis for processing
Depends on jurisdiction
Performance of a contract
User consent (where required)
Compliance with legal obligations
Legitimate business interests (fraud prevention, security, service improvement)
Data sharing & disclosure
Strictly controlled; never sold
Faidika does not sell personal data.
Banks, lenders, and insurance providers (with user authorization)
Payment processors and mobile money providers
Cloud infrastructure and technology service providers
Regulatory authorities where legally required
Professional advisors under confidentiality obligations
All third parties are required to follow strict data protection and security standards.
Storage & retention
Encrypted, access-controlled, purpose-limited
Stored securely in cloud environments with encryption at rest and in transit
Access restricted using role-based access controls
Retained only as long as necessary for business, legal, and regulatory purposes
Upon account termination, deleted or anonymized in accordance with applicable laws
Security measures
Industry-standard controls
Encryption of sensitive data
Secure authentication and access controls
Audit logs and monitoring
Regular vulnerability assessments
ISO/IEC 27001–aligned information security practices
AI, analytics & automated processing
Responsible, advisory, and controlled
AI features analyze business data to generate insights and predictions
AI outputs are advisory and do not replace professional judgment
We do not use customer data to train public or third-party AI models without authorization
Automated decisions with legal or significant impact include human review where required
Cookies & tracking technologies
Session security and product improvement
Maintain secure sessions
Improve user experience
Analyze platform usage
Users can control cookie preferences through browser settings where applicable.
Cross-border data transfers
Safeguards and legal compliance
Data may be processed or stored outside your country of residence
Where cross-border transfers occur, we implement adequate safeguards
We comply with applicable data transfer laws and regulations
Your rights
Subject to applicable law
Access your personal data
Correct or update inaccurate data
Request deletion or restriction of processing
Object to certain data uses
Withdraw consent where applicable
Request data portability
Requests can be made through our support channels.
Children’s data
Strictly not intended for children
Faidika ERP is not intended for children
We do not knowingly collect personal data from minors
If such data is identified, it will be deleted promptly
Compliance frameworks
Aligned security and privacy posture
GDPR (EU)
Kenya Data Protection Act
Child Data Protection Act (CDPA)
ISO/IEC 27001
23 NYCRR 500
GLBA, BSA, RFPA (where applicable)
Changes to this policy
We may update this policy periodically. Significant changes are communicated via the platform or website. The “Last updated” date reflects the latest revision.
Summary
Transparency in data use
Strong security and compliance
Respect for user privacy
Responsible and ethical use of data and AI
Your trust is fundamental to our mission