Privacy Policy

When you use DukaSale, you may enter (or your app may automatically generate) the following types of information:

• Business profile — business name, location, contact details, industry type.
• Catalog & pricing — products, variants, SKUs, barcodes, stock levels, costs and prices.
• Sales activity — transactions, payment methods, refunds, voids, discounts.
• Customer records — names, phone numbers, loyalty balances and customer credit (deni).
• Staff & access — team members, roles, PINs, audit logs.
• Financial — expenses, profit and loss, end-of-day reports, tax configuration.
• Hardware bindings — printers, barcode scanners, cash drawer routing.

We also collect limited technical telemetry — device type, OS version, app version, anonymised crash logs — to keep the products stable. This telemetry never includes your customer, sales or financial data.

Your business data is used to power the features you opted in to:

• Ringing up sales and printing receipts at the till.
• Tracking inventory, purchase orders and stock transfers.
• Sending end-of-day, weekly and monthly reports to the Owner App and (optionally) WhatsApp/email.
• Reminding you about deni balances, low stock, expiring batches and reorder points.
• Powering M-Pesa STK push and reconciling payments to sales.
• Showing every outlet on one screen in the Owner App.

Anonymised technical telemetry helps us fix bugs, prioritise features, and measure performance — it is never sold or used to identify you.

It depends on the product:

• Mobile POS (Android) — data is stored locally on the device by default. Cloud backup and Owner-App sync are opt-in.
• Retail POS & Restaurant POS — browser-based, so data is stored in the DukaSale cloud (in our SaaS mode) or on your own server (in standalone mode).
• Owner App — reads from whichever stores are connected to your account.
• DukaSale operator console — plans, billing, entitlement and tenancy data only; we never see your customer transactions through it.

Our cloud infrastructure for SaaS deployments runs in regions chosen for proximity to East Africa. In standalone mode, no DukaSale-hosted servers are involved.

When you use M-Pesa, card or other payment integrations, DukaSale communicates with the payment provider on your behalf. During this process:

• The customer’s phone number or card token and the payment amount are sent to the provider to initiate the transaction.
• Confirmation, receipt number and status are received back and stored on your DukaSale instance.
• We do not store full card numbers, PINs, or M-Pesa user PINs — ever.

Payments are subject to the provider’s own terms (Safaricom for M-Pesa, the acquiring bank for cards). DukaSale acts as a technical conduit, not a payment processor.

We don’t sell, rent or trade your data. We only share it in these specific cases:

• With your explicit consent — e.g. when you export, share or sync data yourself.
• To deliver the service — trusted infrastructure providers (cloud hosting, error reporting, analytics, payments) operating under data-processing agreements.
• To comply with the law — valid Kenyan court orders, KRA requests, or regulatory obligations under the Data Protection Act, 2019.
• White-label partners — if you use a partner-branded build, the partner has access to their own customers’ data, not to other businesses on DukaSale.

We take security seriously:

• Passwords are stored hashed with industry-standard algorithms. PINs use one-way hashing.
• All cloud traffic is encrypted in transit (TLS 1.2+); database backups are encrypted at rest.
• Role-based access controls limit what each staff member can see and do.
• Audit logs record sensitive actions (logins, refunds, price changes, employee creation).
• 2FA is available on the operator console and on Owner App accounts.

That said, no system is 100% impenetrable. You’re responsible for the physical security of your devices and the confidentiality of staff PINs and passwords. If you suspect a breach, contact us immediately.

In SaaS mode, your data stays in the system while your subscription is active and for 90 days after cancellation, after which it’s permanently deleted (you can request earlier deletion). In standalone mode you control the retention policy entirely.

For Mobile POS, locally stored data lives on your device until you delete it or uninstall the app. We recommend regular backups.

You have the right to:

• Access — see what data we hold about you. Most of it is already in the app.
• Correction — fix anything inaccurate.
• Deletion — remove records or close your account entirely.
• Portability — export your catalog, sales and customer data as CSV or JSON.
• Object — opt out of anonymised analytics from your device settings.
• Complain — to the Office of the Data Protection Commissioner (ODPC) in Kenya.

DukaSale is built for business use and is not directed at people under 18. We don’t knowingly collect data from minors. If you believe a minor has used the service, contact us so we can remove the information.

We may update this Privacy Policy as the Suite evolves. When we do, we’ll update the “Last updated” date at the top. Material changes get notified by email or in-app at least 14 days in advance.

Questions about your data, this policy, or a Data Protection Act request? Reach our team: