Privacy Policy

KoteKonekt ("we," "us," or "our") provides eSIM data plans and connectivity services designed for Kenyans travelling and living abroad. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile applications (iOS and Android) and website (collectively, the "Services"). By using our Services, you agree to the collection and use of information in accordance with this policy.

2.1 Information You Provide

• Account Information: Name, email address, and phone number when you create an account.
• Payment Information: Billing details processed securely through our third-party payment providers. We do not store full credit card numbers on our servers.
• eSIM Activation Data: Device identifier (EID), eSIM profile details required for provisioning your data plan.
• Support Communications: Messages, feedback, and correspondence you send to our support team.

2.2 Information Collected Automatically

• Usage Data: Data consumption, session duration, plan activation times, and service interaction logs.
• Device Information: Device type, operating system version, unique device identifiers, and eSIM compatibility status.
• Network Data: Connection type, carrier information, and signal quality metrics used to optimize service delivery.
• Analytics: Anonymized usage patterns to improve our app experience, collected via industry-standard analytics tools.

• To provision, activate, and manage your eSIM data plans.
• To process payments and send transaction confirmations.
• To provide customer support and respond to your requests.
• To monitor and optimize network performance and service quality.
• To send service-related notifications such as plan expiry reminders and data usage alerts.
• To comply with applicable laws and regulatory obligations in Kenya and your home country.
• To detect and prevent fraud, unauthorized access, and other security threats to our Services.
• To improve our Services through anonymized, aggregated analytics that cannot identify individual users.

We do not sell your personal data. We may share information only in the following limited circumstances:

• Network Partners: With mobile network operators in your destination country solely for eSIM provisioning and data service delivery.
• Payment Processors: With trusted third-party payment providers to securely process your transactions.
• Legal Requirements: When required by law, regulation, legal process, or enforceable governmental request.
• Safety and Security: To protect the rights, property, or safety of KoteKonekt, our users, or the public as required or permitted by law.
• Service Providers: With vendors who assist in operating our Services (hosting, analytics, customer support), bound by contractual confidentiality obligations.

We implement industry-standard security measures to protect your personal data, including encryption in transit (TLS 1.3) and at rest, access controls, regular security audits, and secure cloud infrastructure. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data using commercially reasonable safeguards.

We retain your personal data only for as long as necessary to provide our Services and fulfil the purposes outlined in this policy. Account information is retained for the duration of your account and for up to 12 months after deletion to comply with legal and regulatory obligations. Anonymized, aggregated data may be retained indefinitely for analytical purposes.

Your data may be processed in countries outside Kenya, including locations where our cloud infrastructure and service providers operate. When we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses and compliance with the Kenya Data Protection Act, 2019.

Under the Kenya Data Protection Act and other applicable laws, you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate or incomplete data.
• Request deletion of your personal data, subject to legal retention requirements.
• Object to or restrict certain processing of your data.
• Receive your data in a portable, machine-readable format.
• Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at privacy@kotekonekt.com. We will respond within 30 days.

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete that information promptly.

Our Services may contain links to third-party websites, apps, or services (including app stores). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal data.

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and within the app, and by updating the "Last updated" date above. Your continued use of our Services after changes are posted constitutes acceptance of the revised policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: