Legal

Privacy Policy

Last updated: 28 May 2025

1. Who We Are

DigiLaw Technologies Limited ("DigiLaw", "we", "us", or "our") operates the DigiLaw mobile application and website (collectively, the "Service"). We are incorporated in Kenya and operate as a legal-services marketplace connecting clients with verified advocates.

This Privacy Policy explains what personal data we collect, how we use it, and your rights in relation to it. By using the Service you agree to this Policy.

2. Data We Collect

2.1 Account & Profile Information

When you register, we collect your full name, email address, phone number, and password (stored as a secure hash). If you use Google Sign-In or Apple Sign-In, we receive the information your identity provider shares with us.

2.2 Legal Matter Information

You may upload documents, describe your legal issue, or share case notes with your lawyer through the Service. This information is processed and stored solely to provide the Service and is not used for any other purpose.

2.3 Payment Information

Payments are processed via M-Pesa (Safaricom) and Stripe. We store transaction references and amounts for billing records. We do not store your M-Pesa PIN, full card numbers, or other raw payment credentials — these are handled directly by the payment processor.

2.4 Communications

Messages exchanged between clients and advocates through the in-app chat are stored on our servers to maintain conversation history and for dispute resolution purposes.

2.5 Video & Audio (Meetings)

If you join a video consultation, the app requests access to your device camera and microphone. We use Jitsi Meet for video calls. Video sessions are not recorded by DigiLaw unless both parties explicitly consent within the call.

2.6 Location

We may request your approximate location to show lawyers near you. Precise location is never shared with third parties. You can deny this permission at any time in your device settings.

2.7 Device & Usage Data

We automatically collect device type, operating system version, app version, IP address, pages viewed, and crash logs. This data is used to improve the Service and diagnose technical issues.

3. How We Use Your Data

  • To create and manage your account
  • To match you with and connect you to advocates
  • To process payments and issue receipts
  • To facilitate chat and video consultations
  • To send booking confirmations and reminders via SMS or email
  • To detect and prevent fraud or misuse of the Service
  • To comply with legal obligations under Kenyan law
  • To improve and develop new features

We do not sell your personal data. We do not use your data to serve third-party advertisements.

4. Legal Basis for Processing

We process your data on the following bases under the Kenya Data Protection Act, 2019:

  • Contract — processing necessary to deliver the Service you signed up for.
  • Legitimate interests — fraud prevention, security monitoring, and product analytics.
  • Legal obligation — compliance with tax laws, court orders, and regulatory requirements.
  • Consent — for optional features such as marketing emails (you may withdraw at any time).

5. Sharing Your Data

We share your data only with:

  • Advocates on the platform — limited to the information needed to handle your matter (name, contact, documents you share).
  • Payment processors — Safaricom (M-Pesa) and Stripe, each subject to their own privacy policies.
  • Cloud infrastructure — our servers and databases are hosted on reputable cloud providers (e.g. AWS, Google Cloud) with data processed in or near Kenya/Africa where possible.
  • Legal authorities — if required by a valid court order or statutory obligation.

All third-party service providers are contractually bound to process your data only for the purposes we specify.

6. Data Retention

We retain your account data for as long as your account is active. If you delete your account we will erase your personal data within 30 days, except where we are required to retain it longer by law (e.g. financial records for 7 years under the Kenya Tax Procedures Act).

7. Security

We use industry-standard security measures including TLS encryption in transit, encrypted storage at rest, and access controls. However, no system is completely secure. Please use a strong, unique password and enable two-factor authentication if available.

8. Your Rights

Under the Kenya Data Protection Act, 2019 you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Lodge a complaint with the Office of the Data Protection Commissioner (ODPC)

To exercise any right, email us at privacy@digilaw.app. We will respond within 30 days.

9. Children

The Service is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has provided us with personal data, contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Policy from time to time. We will notify you of material changes via in-app notification or email at least 14 days before the change takes effect. Continued use of the Service after that date constitutes acceptance of the updated Policy.

11. Contact Us

DigiLaw Technologies Limited
Nairobi, Kenya
Email: privacy@digilaw.app

Terms & Conditions← Back to DigiLaw