Privacy Policy

Effective Date: 1 February 2026

VPOS (“we”, “our”, “us”) operates vpos.co.ke and provides Point of Sale (POS) software and related services. We are committed to protecting personal data in accordance with the Kenya Data Protection Act, 2019.

1. Information We Collect

We collect personal data you provide through our website and services, including:

• Full name
• Email address
• Mobile phone number
• Company name
• Messages, inquiries, and system requirements
• Service preferences (e.g., report delivery preferences)

When you use VPOS services, we may also process business reporting data needed to generate and deliver reports (e.g., aggregated sales summaries). Where applicable, delivery metadata (timestamps, delivery status) may be processed to ensure successful delivery.

2. How We Use Your Information

We process personal data for the following purposes:

• Responding to inquiries and quote requests
• Providing POS services, onboarding, and support
• Sending reports via email and WhatsApp
• System notifications and administrative communications
• Security, fraud prevention, and service quality improvement
• Compliance with legal and regulatory obligations

3. WhatsApp & Email Communications

If you register for VPOS services or provide your contact details, you authorize VPOS to use your email and mobile number to send service communications, including system-generated reports and notifications. WhatsApp delivery may use the WhatsApp Business API through approved third-party providers.

We do not sell personal data and do not send unsolicited marketing messages without a lawful basis.

4. Legal Basis for Processing

We process personal data under one or more of the following legal bases:

• Consent (where required)
• Contractual necessity (to deliver agreed services)
• Legal obligation
• Legitimate interests (service delivery, security, and operations)

5. Data Sharing & Third Parties

We may share limited data with service providers strictly for service delivery, including:

• Email service providers
• WhatsApp Business API providers / messaging gateways
• Hosting, infrastructure, and monitoring providers
• Regulators or law enforcement where required by law

Third parties are required to protect personal data and use it only for the agreed purpose.

6. Data Retention

We retain personal data only as long as necessary for the purposes described above, including:

• Website inquiries and quote requests: up to 24 months
• Client account records: for the duration of the relationship
• Legal and accounting records: as required by applicable law

7. Your Rights

Subject to applicable law, you may request to:

• Access your personal data
• Correct inaccurate or incomplete data
• Withdraw consent (where processing is based on consent)
• Object to certain processing
• Request deletion (subject to legal requirements)

8. Security

We implement reasonable administrative, technical, and organizational safeguards such as access controls, secure hosting configurations, and monitoring. No system is 100% secure, but we apply industry best practices.

9. Contact

For privacy requests, contact:
Email: info@vpos.co.ke
Location: Nairobi, Kenya