Privacy Policy

Effective Date: 30 August 2025

Welcome to Siku Zangu, your trusted menstrual health companion. We take your privacy seriously and are committed to protecting your personal data in line with the Tanzanian PDPA (2023), Kenya's DPA (2019), and global best practices such as GDPR.

This Privacy Policy explains how we collect, use, share, and safeguard your data when you use the Siku Zangu mobile app ("App") and related services.

By downloading, accessing, or using the App, you acknowledge that you have read and understood and agree to this policy. This Policy should be read together with our Terms of Service.

2. Data Controller Information

The entity responsible for the processing of your personal data (the Data Controller) is:

Siku Zangu Health Technologies Ltd.
P.O. BOX 708
Arusha, Tanzania

For any privacy-related questions or requests, please contact us at: [email protected]

3. Information We Collect & Why

We only collect data that is necessary for the app to function and help you better understand your menstrual health.

Information You Provide

  • Account Info: Name, email, password
  • Cycle Logs: Period dates, symptoms, flow levels, moods
  • Optional Profile Info: Location, languages, photos (only if uploaded voluntarily)
  • Messages: If you contact us directly

Information Collected Automatically

  • Usage Data: We collect information about how you interact with the App, such as features used, content viewed, actions taken, time, frequency, and duration of your activities.
  • Device Data: We collect information about the device you use to access the App, such as your IP address, device type, operating system, app version, unique device identifiers, and crash data.
  • Location Data: We may request permission to access your device's precise geolocation data when you use certain features, such as tagging a post with a precise location. Collection of this data is based on your consent, which you can manage through your device settings or app permissions.

Information We Do Not Collect

  • Sensitive Personal Data: We do not intentionally collect or request "Sensitive Personal Data" as defined under the DPA (including data revealing race, health status, ethnic origin, political opinions, religious beliefs, biometric data, sexual orientation, etc.). Please do not upload such information to the App.
  • Payment Information: This version of the App does not involve payments (yet), and we do not collect any financial or payment card information.
  • Data from minors (under 18): The app is not intended for children.

4. How We Use Your Information (Purpose and Legal Basis)

  • To Provide and Manage the Service: (Legal Basis: Performance of Contract)
  • To Communicate with You: (Legal Basis: Performance of Contract; Legitimate Interest)
  • To Improve and Personalise the Service: (Legal Basis: Legitimate Interest; Consent for non-essential analytics or personalization features)
  • For Safety and Security: (Legal Basis: Legitimate Interest; Legal Obligation)
  • To Comply with Legal Obligations: (Legal Basis: Legal Obligation)
  • With Your Consent: (Legal Basis: Consent)

5. How We Share Your Information

We do not sell your personal data. We may share your information only in the following circumstances:

  • With Third-Party Service Providers: Google Cloud, Paystack
  • For Legal Reasons: Disclosure to comply with law, enforce terms, protect rights
  • Business Transfers: In the event of a business transaction, we will notify you

6. International Data Transfers

Your information may be transferred to, stored, and processed in countries other than Kenya. Safeguards include:

  • Transfers to countries deemed adequate by the ODPC
  • Standard Contractual Clauses
  • Explicit consent

7. Data Security

We implement reasonable security measures such as encryption, access controls, and secure servers to protect your data. However, no method is 100% secure.

8. Data Retention

We retain your data as long as necessary. If you delete your account, we will delete or anonymize your data unless legally required to retain it.

9. Your Data Protection Rights

  • • Right to Access
  • • Right to Rectification
  • • Right to Erasure
  • • Right to Restrict Processing
  • • Right to Object to Processing
  • • Right to Data Portability
  • • Right to Withdraw Consent

Contact us or use the App settings to exercise your rights. We will respond within legal timeframes.

10. Children's Privacy

We do not knowingly collect data from individuals under 18. If we do, we will delete it promptly.

11. Cookies and Tracking Technologies

We may use cookies, SDKs (like PostHog, Firebase Analytics), or similar technologies. You may control some of these via device settings.

12. Changes to This Privacy Policy

We may update this policy. We'll notify you via the app or email. Continued use means acceptance.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Siku Zangu Health Technologies Ltd

P.O. BOX 708 Arusha, Tanzania

Email: [email protected]

By using Siku Zangu, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.