PigiaFundi processes personal data with the privacy protections recognised under Article 31 of the Constitution of Kenya and the Data Protection Act, 2019.

This policy applies to personal data submitted directly by users, generated while using the service, or received from service partners in connection with a job, inspection, quote, or support request.

If a separate enterprise, corporate, or contractual data notice applies to a specific account, that specific notice may supplement this public policy.

Identity and contact data such as your name, display name, email address, phone number, and account identifier.

Authentication and session data such as OTP challenge details, login events, IP address, browser or device information, and security logs.

Job and property data such as service type, location, urgency, preferred date, budget, notes, uploaded photos, inspection findings, progress updates, and job history.

Quote and payment data such as quote amount, deposit amount, payment status, payment reference, and limited payment verification details returned by a payment provider.

Support and communication data such as website chat content, support messages, replies, and related contact details.

To create and manage accounts, verify logins with OTP, and keep the service secure.

To receive, assess, route, schedule, inspect, quote, support, and close maintenance jobs.

To share the right parts of a job record with fundis, internal teams, account holders, or authorised property stakeholders who need the information for the work.

To process quote approvals, deposits, payment verification, accounting records, and operational audit trails.

To communicate job updates, inspection findings, support responses, policy notices, service changes, and security alerts.

To detect abuse, investigate complaints, prevent fraud, enforce the terms, and comply with legal or regulatory obligations.

Contract: where processing is necessary to provide the website, account access, job handling, inspections, quotes, payment verification, or support you have requested.

Legal obligation: where records must be kept or disclosed to meet tax, accounting, audit, court, regulatory, or law enforcement obligations.

Legitimate interests: where PigiaFundi needs to secure the service, prevent fraud, keep operational records, improve service quality, or investigate misuse in a way that does not override your rights.

Consent: where the law or the context requires it, including where a particular use is optional rather than necessary for the service.

Job data may be shared with PigiaFundi staff, administrators, inspectors, or assigned fundis where they need the information to carry out the job or support the service.

Payment information may be shared with authorised payment partners to initialize, verify, reconcile, or reverse transactions.

Contact and notification data may be shared with messaging or email providers when OTPs, service notices, or updates need to be sent.

Data may be shared with hosting, storage, security, legal, audit, or professional service providers that support the service under appropriate confidentiality and data handling controls.

Data may also be disclosed where required by law, court order, regulatory process, or a lawful request by a public authority.

PigiaFundi may receive limited payment records such as a reference number, authorization result, settlement status, amount, and payer contact details needed for accounting, dispute resolution, and audit.

Full card or wallet credentials are ordinarily handled by the payment provider and are not intentionally stored by PigiaFundi except where a limited masked or reference record is returned as part of payment confirmation.

Payment providers process data under their own legal and security obligations in addition to PigiaFundi’s obligations.

Account, job, inspection, quote, support, and payment records may be retained while an account is active and for a reasonable period afterwards where needed for lawful business or legal reasons.

Security logs, OTP records, and access records may be retained for a shorter operational period or longer where needed for fraud investigation, system integrity, or legal compliance.

Where data is no longer required, PigiaFundi may delete it, anonymise it, or archive it in a restricted form where the law still requires retention.

You may ask to be informed about how your personal data is being used.

You may ask to access personal data held about you.

You may object to processing in appropriate circumstances.

You may ask for correction of false or misleading data and deletion of false or misleading data about you.

Where applicable, you may also ask about consent withdrawal, data portability, and review of significant automated decisions.

PigiaFundi uses access controls, audit records, role-based workflows, and other reasonable operational measures to keep service records protected.

If personal data is hosted, accessed, or transferred outside Kenya, PigiaFundi aims to do so only with appropriate safeguards or another lawful basis recognised under Kenyan law.

The service is not intended for children to use independently. Where a person acts for a minor or another data subject, PigiaFundi may require lawful authority for that action.

Email: info@pigiafundi.com

Phone: +254 700 000 000

If you are not satisfied with how your request is handled, you may also lodge a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya.