hello[at]wpfoss.com +254722334188

WPFOSS Privacy Policy

Last Updated: September 2025

WPFOSS (“we,” “our,” “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and safeguard personal information when you interact with our services, including WordPress development, WooCommerce integration, and M-Pesa payment processing.

By using our services, you confirm that you have read and understood this Privacy Policy.

1. Information We Collect

Information You Provide:

  • Name, email, phone number, business details.
  • M-Pesa transaction data.
  • Content uploaded for websites or integrations.

Technical Information:

  • IP addresses, device information, browser details, cookies.
  • Logs of interactions with our websites and tools.

Third-Party Information:

  • We may receive information from service providers (e.g., hosting partners, fraud prevention tools).

2. Legal Basis for Processing

We process personal information under the following lawful bases:

  • To perform a contract (delivering websites, integrations, and digital services).
  • To comply with legal obligations .
  • With your consent (marketing, optional communications).
  • For our legitimate interests (improving services, securing systems).

3. Use of Information

We use data to:

  • Deliver, operate, and improve services.
  • Process and confirm payments.
  • Communicate updates, offers, and support.
  • Secure our websites and prevent fraud.
  • Meet legal and regulatory obligations.

4. Data Sharing

We share information:

  • With service providers such as Safaricom (M-Pesa), hosting companies, WooCommerce, analytics tools.
  • With regulators and authorities where required by law.
  • With third-party contractors bound by confidentiality and data protection agreements.

We do not sell personal data.

5. Data Transfers

If data is transferred outside Kenya, we require recipients to provide safeguards consistent with Kenya’s Data Protection Act, 2019.

6. Data Security

  • Encryption of data in transit and at rest.
  • Access controls and authentication.
  • Regular audits of systems and partners.
  • Breach protocol: if a breach occurs, we notify ODPC within 72 hours and users when required.


7. Data Retention

  • Client records: retained for up to 5 years after service termination or longer if law requires.
  • Transaction data: retained as per Kenyan tax and financial regulations.
  • Cookies: stored according to browser settings and cookie policy.

8. Your Rights

You have the right to:

  • Access and obtain a copy of your data.
  • Request correction or deletion.
  • Object to processing or withdraw consent.
  • Restrict certain processing.
  • Lodge a complaint with the Office of the Data Protection Commissioner (ODPC).

Requests can be sent to hello@wpfoss.com

.

9. Cookies and Tracking

We use cookies for analytics, functionality, and marketing. You can control cookies through browser settings.

10. Children’s Privacy

Our services are not intended for users under 18. We do not knowingly collect data from minors.

11. Policy Updates

We may update this policy. Updates will be posted here with the effective date.

12. Contact

Questions or complaints: hello@wpfoss.com