Privacy policy
How Wazi collects, uses and protects personal data under Kenya’s Data Protection Act, 2019.
This is a plain-language summary for the pilot and will be finalised with counsel before public launch.
1. Who we are
Wazi is operated by BridgeERP Limited (Nairobi, Kenya). For any privacy question, contact us by email.
2. What we collect
To run a group ledger we collect names, ID numbers, phone numbers and contribution records. We collect the minimum needed to provide the service and nothing more.
3. Why we collect it
To register groups and members, record and reconcile contributions, produce statements, send reminders and acknowledgements, and meet our legal obligations.
4. The legal basis
We process personal data on the basis of your consent (given at enrolment), the performance of our service to your group, and our legal obligations under Kenyan law.
5. How we protect it
Data is encrypted in transit and at rest, access is restricted by role and logged, and we maintain a breach-response plan. We never sell your data.
6. Money and payments
Contributions settle directly to your group’s own bank paybill — Wazi never holds your funds. We only process the small tariff fee through our own paybill.
7. WhatsApp messaging
We use approved message templates, respect opt-in rules, and give you a clear way to opt out of WhatsApp messages at any time.
8. Your rights
You may request access to your data, ask us to correct it, or request its deletion, subject to our legal record-keeping obligations. Statements are exportable on request.
9. Data retention
We keep group and contribution records for as long as the group is active and as required by law, after which they are securely deleted or anonymised.
10. Regulator
Wazi registers with the Office of the Data Protection Commissioner of Kenya. You may also lodge a complaint with the ODPC.