Privacy Policy

Last Updated: March 14, 2026

At KaziEasy, we take your privacy seriously. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our mobile point-of-sale (POS) application.

1. Information We Collect

1.1 Business Information

When you create a KaziEasy account, we collect:

• Business name and type (restaurant, retail shop, salon, etc.)
• Business ID (auto-generated unique identifier)
• Business address and location
• Phone number
• TIN (Tax Identification Number) if provided
• Mobile money number if provided

1.2 Account Information

• Email address
• Encrypted password (we never store plain-text passwords)
• Staff member names, IDs, and roles

1.3 Transaction Data

• Sales transactions (items sold, prices, quantities, timestamps)
• Payment methods (cash, mobile money)
• Inventory levels and stock movements
• Expenses and supplier information
• Customer names (for service provider businesses, optional)

1.4 Usage Data

• Device information (model, operating system version)
• App usage patterns and feature usage
• Error logs and crash reports (for app improvement)
• IP address and general location (for security purposes)

1.5 AI Interaction Data

• Questions you ask Hosanna AI assistant
• Business context sent to AI for generating insights
• AI-generated responses and recommendations

2. How We Use Your Information

2.1 To Provide Our Services

• Process sales transactions and payments
• Track inventory and generate stock alerts
• Calculate profit margins and business metrics
• Generate sales reports and analytics
• Manage staff access and permissions

2.2 To Provide AI Insights (Hosanna)

• Send your business data to Anthropic's Claude AI (our AI provider)
• Generate personalized business insights and recommendations
• Answer questions about your sales, inventory, and profitability

2.3 To Improve Our Service

• Analyze usage patterns to improve app features
• Fix bugs and technical issues
• Develop new features based on user needs
• Send important updates about the app (via email or notifications)

2.4 For Security and Compliance

• Prevent fraud and unauthorized access
• Comply with legal obligations
• Protect user accounts and business data

3. Data Sharing and Third Parties

3.1 AI Service Provider (Anthropic)

When you use Hosanna AI, we share your business data with Anthropic's Claude AI to generate insights. This includes:

• Sales data (revenue, transactions, best-selling items)
• Inventory data (stock levels, costs)
• Expense data
• Your questions and AI responses

Important: Anthropic processes this data solely to provide AI responses. They do not use your data to train their AI models. Read Anthropic's privacy policy at anthropic.com/privacy

3.2 Database Provider (Supabase)

We use Supabase to securely store your business data. Supabase stores data in European data centers (AWS EU-North-1) with:

• Encryption in transit (HTTPS/TLS)
• Encryption at rest
• Regular automated backups
• Industry-standard security measures

3.3 We Do NOT Share Your Data With:

• Advertisers or marketing companies
• Data brokers
• Social media platforms
• Other KaziEasy users (your data is completely isolated)

3.4 Legal Disclosures

We may disclose your information if required by law, court order, or government regulation, or to protect our legal rights.

4. Data Security

4.1 Security Measures

• All data transmitted over secure HTTPS connections
• Passwords encrypted using industry-standard bcrypt hashing
• Row-Level Security (RLS) ensures data isolation between businesses
• Regular security audits and updates
• Staff access controlled by role-based permissions

4.2 Your Responsibilities

• Keep your Business ID and password confidential
• Use strong passwords (minimum 8 characters)
• Don't share staff PINs across employees
• Log out on shared devices

5. Data Retention

5.1 Active Accounts

We retain your business data as long as your account is active and for 90 days after account closure (to allow for account recovery or final report generation).

5.2 Deleted Accounts

When you delete your account:

• All business data is permanently deleted within 30 days
• You can request immediate deletion by contacting support
• Anonymized usage statistics may be retained for app improvement

5.3 Legal Requirements

Some data may be retained longer if required by law (e.g., tax records for 7 years in Rwanda).

6. Your Rights

You have the right to:

• Access: Request a copy of all your data (via CSV export in the app)
• Correction: Update or correct inaccurate information
• Deletion: Delete your account and all associated data
• Portability: Export your data in machine-readable format (CSV)
• Opt-out: Disable specific features like AI insights

To exercise these rights, visit kazieasy.com/delete-account or contact us at privacy@kazieasy.com

7. Children's Privacy

KaziEasy is a business tool intended for adults. We do not knowingly collect information from children under 18. If we learn we have collected data from a child, we will delete it immediately.

8. International Data Transfers

Your data is primarily stored in European data centers (AWS EU-North-1). When using Hosanna AI, data is temporarily sent to Anthropic's servers in the United States for processing. This transfer is protected by:

• Standard Contractual Clauses (EU-approved data transfer mechanism)
• Encryption in transit (TLS 1.3)
• Data minimization (only necessary data is sent)

9. Cookies and Tracking

KaziEasy mobile app does not use cookies. We collect only the technical data mentioned in Section 1.4 for app functionality and improvement.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

• We'll update the "Last Updated" date
• We'll notify you via email or in-app notification
• Major changes will require your consent to continue using the app

11. Contact Us

If you have questions about this Privacy Policy or your data:

• Email: privacy@kazieasy.com
• Support: support@kazieasy.com
• Delete Account: kazieasy.com/delete-account

Data Protection Officer: Lokosang Wani (founder@kazieasy.com)

Business Address: Kigali, Rwanda

---

Summary (TL;DR)

• ✅ We collect business data to provide POS services
• ✅ We share business context with Anthropic's AI for insights
• ✅ Data is encrypted and stored securely in EU data centers
• ✅ You can export or delete all your data anytime
• ❌ We never sell your data to third parties
• ❌ We never train AI models on your data
• ❌ We never share your data with competitors