HandyPro Privacy Policy

This policy applies to all personal data processed through HandyPro services, whether you use HandyPro as a customer, provider, business owner, worker, applicant, website visitor, referral contact, support contact, or platform administrator.

In this policy, “HandyPro”, “we”, “us”, or “our” means the HandyPro entity operating the relevant service in your location, together with its affiliated operations and authorized processors. If a specific HandyPro entity is identified in a service agreement, invoice, onboarding pack, or partner contract, that entity will be the primary controller for the relevant processing activity.

This policy is designed to protect all sides of the marketplace. It explains how customer data is protected from misuse, how provider and business data is protected during onboarding and operations, and how we balance privacy with safety, fraud prevention, payments, compliance, and dispute handling.

We collect data directly from you, from the actions you take on the platform, from the business you belong to, from payment and identity-verification partners, from communications with support teams, and from lawful public or regulatory sources where necessary.

Where you upload data about another person, such as an employee, emergency contact, reference, or business representative, you must have authority to share that information and must provide any required notices to them.

We process personal data to create and manage accounts, match customers with providers, schedule and fulfill bookings, process payments and payouts, issue invoices, run compliance checks, respond to support requests, maintain platform quality, secure accounts, prevent fraud, enforce our rules, and comply with law.

Depending on the activity, our legal basis may include performance of a contract, compliance with legal obligations, protection of legitimate interests such as safety and fraud prevention, protection of vital interests, or your consent where consent is required by law. If we rely on consent, you may withdraw it at any time, though that will not affect lawful processing that already occurred.

We do not sell personal data. We do not permit providers, customers, business users, or staff to use platform data for unrelated marketing, harassment, stalking, off-platform spam, or any purpose inconsistent with a booking, lawful business operations, or our documented instructions.

Where possible, we limit visibility by role. Administrators, compliance teams, finance teams, and business owners may see broader data only where required for support, safety, governance, billing, payouts, disputes, or legal compliance.

Certain categories of data require extra protection, including government-issued ID details, KYC or KYB records, legal entity information, tax information, bank or mobile-money payout details, home-entry instructions, incident reports, fraud signals, and any documents used for compliance or trust-and-safety reviews.

We process this information only where needed for legal compliance, security, onboarding, dispute resolution, fraud prevention, payout enablement, tax administration, or platform integrity. Access is restricted to authorized personnel and approved processors with a business need to know.

Payment card and processor-side payment credentials are handled by authorized payment providers and processors. HandyPro may receive transaction references, masked payment details, processor status, wallet information, payout references, invoice details, and related operational records, but we do not use financial data for unrelated profiling.

We may use cookies, local storage, pixels, session technologies, and similar tools to keep you signed in, remember preferences, secure the platform, measure traffic, diagnose failures, and understand how our website and applications are being used.

We may send service communications such as verification messages, booking updates, receipts, trust-and-safety notices, policy updates, support replies, payout notices, and compliance reminders. We may also send marketing communications where permitted by law and where you have not opted out.

Where consent is required for non-essential tracking or marketing, we will request it through the relevant channel and give you a way to withdraw it.

We retain personal data only for as long as it is reasonably necessary for the purposes described in this policy, including account management, marketplace operations, trust and safety, payments, audits, tax, legal claims, and regulatory recordkeeping.

Different retention periods may apply to different categories of data. For example, account records, booking histories, invoices, payment or payout records, compliance documents, security logs, fraud signals, and dispute records may be kept longer than routine profile data where the law or legitimate risk management requires it.

When data is no longer required, we delete it, anonymize it, aggregate it, or securely isolate it in accordance with legal and operational retention requirements.

HandyPro may host or process data in Kenya or in other countries where our infrastructure or service partners operate. When personal data is transferred across borders, we take reasonable steps to ensure the recipient is subject to appropriate privacy, confidentiality, and security obligations.

We maintain administrative, technical, and organizational safeguards designed to protect personal data, including access controls, role-based permissions, session security, monitoring, audit logging, backup controls, vendor management, and incident response procedures. No system can be guaranteed to be completely secure, so you also play a role in protecting your information by safeguarding your credentials and using the platform responsibly.

Under the Kenya Data Protection Act, 2019, and similar laws where they apply, you may have the right to be informed, the right to access your personal data, the right to rectification, the right to erasure, the right to data portability, the right to object to processing, and the right to restrict processing. If another law gives you stronger rights, we will apply that law to the extent required.

If GDPR or a similar regime applies to you, you may also have rights relating to withdrawal of consent and the right not to be subject to a decision based solely on automated processing that produces legal or similarly significant effects, except where allowed by law.

HandyPro services are generally intended for adults and lawful business users. Where the data of a child or vulnerable person is involved, such as where a parent, guardian, school, care provider, or other responsible adult uses the platform on their behalf, additional care must be taken to ensure lawful authority and age-appropriate handling.

If we learn that personal data has been provided in a way that violates applicable child-protection or privacy laws, we may restrict the relevant account, delete the data where lawful and appropriate, or request additional consent or verification.

If you have a privacy concern, a rights request, or a complaint about how your personal data has been handled, contact HandyPro first at info@handypro.pro. We will review the issue, verify your identity where necessary, and respond within the period required by law or within a reasonable time where no specific legal period applies.

If you are in Kenya and you are not satisfied with our response, you may also lodge a complaint with the Office of the Data Protection Commissioner. If you are in another jurisdiction, you may contact the privacy or data-protection authority in your location if local law gives you that right.

We may update this Privacy Policy from time to time to reflect changes in law, platform features, processors, risk controls, payments, operational practices, or regulatory guidance. When we make material changes, we will update the “Last updated” date and may provide additional notice through the website, app, email, or other appropriate channel.

Your continued use of HandyPro after an updated policy becomes effective means that the updated policy applies to future processing, subject to any rights you may exercise and any legal requirements for additional consent.