ByZara Logo

BYZARA PRIVACY POLICY

Effective Date: April 17, 2026

Last Updated: April 17, 2026

At ByZara, we are committed to safeguarding your privacy and ensuring the protection of your personal data. This Privacy Policy outlines how we collect, use, share, and protect your information when you interact with our website ("Website"). By accessing or using our Website, you agree to the terms of this Privacy Policy.

1. INFORMATION WE COLLECT

We may collect the following categories of personal data:

a. Information You Provide to Us

  • Account Information: When you create an account, we may collect your name, email address, phone number, username, and password.
  • Payment Information: If you make a purchase, we collect payment details, such as credit/debit card information and billing address.
  • Customer Support Information: When you contact our support team, we collect information about your query and your contact details.

b. Information We Collect Automatically

  • Usage Data: Information about your interactions with our Website, such as pages visited, time spent on the site, and links clicked.
  • Device Information: Technical information about the device you use to access our Website, including IP address, browser type, and operating system.
  • Cookies and Tracking Technologies: We use cookies, beacons, and other tracking technologies to collect information about your browsing activities.

c. Information from Third Parties

  • Social Media Data: If you engage with our content on social media platforms, we may collect certain profile information as permitted by those platforms.

2. HOW WE USE YOUR INFORMATION

We use the information we collect to:

  • Provide Services: Facilitate account creation, process payments, and deliver products and services.
  • Improve User Experience: Customize content, improve navigation, and enhance the Website's functionality.
  • Marketing and Promotions: Send you promotional messages, marketing content, and special offers with your express consent.
  • Compliance and Legal Obligations: Ensure compliance with legal obligations, enforce our terms and conditions, and protect against fraud.
  • Analytics and Insights: Conduct research, analyze Website usage trends, and improve our services.

3. HOW WE SHARE YOUR INFORMATION

We do not sell your personal data. However, we may share it as follows:

  • Service Providers: We share data with third-party vendors who provide payment processing (SendPulse and Pesapal), customer support, IT services, and analytics.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity.
  • Legal Obligations: We may disclose information to comply with legal obligations, court orders, or governmental requests.
  • Consent: We may share your data with third parties where you have provided consent.

Where you interact directly with our authorised company representatives, including through customer support channels or service engagements, we may collect and process personal data necessary to respond to your inquiries, provide assistance, and improve our services. Such interactions are handled in accordance with applicable data protection laws, and appropriate security measures, including confidentiality obligations and encryption where applicable, are implemented to protect your information.

4. YOUR RIGHTS AND CHOICES

You have the following rights with respect to your personal data:

  • Access and Rectification: Request access to your personal data and correct inaccuracies.
  • Data Portability: Obtain a copy of your personal data in a structured, machine-readable format.
  • Erasure: Request the deletion of your personal data.
  • Restrict Processing: Request that we limit the processing of your personal data.
  • Object to Processing: Object to the processing of your personal data for direct marketing purposes.
  • Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.

Data Subject Rights under the Data Protection Act 2019, Article 26:

A data subject has a right-

  • (a) to be informed of the use to which their personal data is to be put;
  • (b) to access their personal data in custody of data controller or data processor;
  • (c) to object to the processing of all or part of their personal data;
  • (d) to correction of false or misleading data; and
  • (e) to deletion of false or misleading data about them.

To exercise your rights, please contact us using the information provided in the "Contact Us" section below.

5. DATA SECURITY

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. These measures include SSL encryption, passwords, restricted admin access, and two-factor authentication. Despite our efforts, no method of transmission over the internet or electronic storage is 100% secure.

Response to Data Breach:

Should it appear that the personal information of a data subject has been accessed or acquired by an unauthorized person, ByZara shall notify the Information Regulator and the relevant data subjects, unless we are no longer able to identify the data subjects. This notification shall take place as soon as reasonably possible. The notification to the data subject shall be communicated in writing by email to the data subject's last known email address or by publication on our website. The notification shall provide:

  • A description of the possible consequences of the breach;
  • Details of the measures that we intend to take or have taken to address the breach;
  • Recommendations on what the data subject could do to mitigate the adverse effects of the breach; and
  • If known, the identity of the person who may have accessed, or acquired the personal information.

6. RETENTION OF DATA

We retain personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. We store user data for twenty four (24) months. After this period, stored consumer data will be securely deleted or anonymized.

7. THIRD-PARTY LINKS

Our Website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to review their privacy policies before providing your personal data.

8. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies to improve user experience and analyze website traffic. You can manage your cookie preferences through your browser settings.

9. INTERNATIONAL DATA TRANSFERS

We do not engage in cross-border data transfers.

10.CHILDREN'S PRIVACY

Our Website is not intended for children under the age of 18, and we do not knowingly collect data from children. If we become aware that we have collected data from a child, we will delete it promptly.

11.CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We encourage you to review this page periodically for any updates. The "Last Updated" date at the top of this page indicates when changes were last made.

12.DISPUTE RESOLUTION

ByZara will try to resolve disputes in-house. Disputes that cannot be resolved amicably will be subject to arbitration.

This Privacy Policy is subject to and governed by the laws of Kenya.

13.CONTACT US

If you have any questions, concerns, or requests related to this Privacy Policy or how your personal data is handled, please contact us at:

Email: support@byzara.life

Phone: +254754551551

Address: 132 Manyani East Road, Nairobi, Kenya