Custom

Cookies Policy

Cookies Policy

Cookies Policy

1. Legal Compliance

Framework: Fully compliant with the Kenya Data Protection Act, 2019 and guidelines from the Office of the Data Protection Commissioner (ODPC).
Data Status: Treats unique tracking cookies as personal data, requiring explicit user control.

2. How Cookies are Used & Categorized

The policy breaks cookies down into four distinct functional tiers:

Strictly Necessary: Active by default. Crucial for secure user authentication, keeping users logged into the ERP/HCM, preventing CSRF security vulnerabilities, and managing local data states for offline-first POS synchronization.
Functional, Performance, & Marketing: Disabled by default. These require active user opt-in and handle things like currency preferences (KES vs. USD), platform error tracking, and analytics.

### 3. Integrated Third-Party Cookies

Because your systems connect directly to local financial and communications infrastructure, specific exceptions are carved out for:

Payment Gateways: Tracking tokens used during Safaricom M-Pesa transactions to prevent checkout fraud.
Messaging Platforms: Security and delivery verification metrics via bulk sms provider and the Meta WhatsApp Business API.

4. Consent Control & Freedom

No Opt-In Presumption: Non-essential cookies are turned OFF until the user explicitly accepts them.
No Cookie Walls: Users are not blocked from using the platforms or websites if they choose to decline tracking.
Granular Management: Users can update their preferences at any time via an on-screen widget or through standard browser settings.

Need help? Chat on WhatsApp