← Back to Home

Data Policy

Last Updated: November 21, 2025

1. Overview

This Data Policy explains how Aqua Pranah Pranah collects, processes, stores, and protects data within our application. This policy complements our Privacy Policy and provides detailed information about our data handling practices.

2. Types of Data We Collect

2.1 User Account Data

  • Full Name: Required for account creation
  • Email Address: Required for authentication
  • Phone Number: Required for account verification
  • Password: Encrypted and stored securely
  • Account Creation Date: Automatically recorded

2.2 Farm Financial Data

Expense Records:

  • Amount (KES)
  • Description
  • Category (feed, labor, equipment, etc.)
  • Date of expense
  • Quantity and unit price (optional)
  • Supplier information (optional)
  • Pond ID (optional)

Income Records:

  • Sale amount (KES)
  • Quantity sold (kg)
  • Price per kg
  • Buyer/market information
  • Fish size category
  • Sale date
  • Pond ID
  • Additional notes

2.3 Device and Usage Data

  • Device model and operating system version
  • App version and build number
  • Screen resolution and device language
  • App usage patterns and feature interactions
  • Session duration and frequency
  • Error logs and crash reports

2.4 Camera Data

When you use the camera scanning feature:

  • Images are temporarily processed for receipt/document scanning
  • Extracted text data is stored with expense records
  • Original images are only stored if you explicitly save them
  • Camera feed is not recorded or transmitted without your action

3. How We Process Your Data

3.1 Data Processing Purposes

Data TypePurpose
Account DataAuthentication, personalization, communication
Financial DataExpense tracking, income analysis, reporting
Usage DataApp improvement, feature optimization
Camera DataReceipt scanning, expense documentation

3.2 Data Processing Legal Basis

We process your data based on:

  • Consent: You provide explicit consent when creating an account
  • Contract Performance: Processing necessary to provide app services
  • Legitimate Interest: Improving app functionality and security
  • Legal Obligation: Compliance with applicable laws

4. Data Storage

4.1 Storage Locations

Your data is stored in secure cloud infrastructure with the following characteristics:

  • Primary servers located in secure data centers
  • Encrypted data transmission (TLS/SSL)
  • Encrypted data at rest (AES-256)
  • Regular automated backups
  • Geographic redundancy for data availability

4.2 Local Storage

Some data is cached locally on your device for:

  • Offline functionality
  • Faster app performance
  • Temporary image storage before upload

Local data is encrypted and automatically synced with cloud servers when you have an internet connection.

5. Data Retention Periods

Data CategoryRetention Period
Account InformationUntil account deletion + 30 days
Financial RecordsUntil account deletion + 90 days (tax compliance)
Usage Analytics24 months, then anonymized
Crash Logs90 days
Camera ImagesUser-controlled (deletable anytime)

6. Data Security Measures

6.1 Technical Security

  • End-to-end encryption for data transmission
  • AES-256 encryption for data at rest
  • Secure password hashing (bcrypt)
  • Multi-factor authentication support
  • Regular security audits and penetration testing
  • Automated threat detection systems

6.2 Organizational Security

  • Limited employee access to personal data
  • Mandatory security training for staff
  • Strict data access logging and monitoring
  • Non-disclosure agreements with all personnel
  • Incident response procedures

7. Data Sharing and Third Parties

We only share data with trusted third-party service providers:

  • Cloud Hosting Provider: Stores encrypted data (AWS/Google Cloud/Azure)
  • Analytics Service: Anonymized usage data for app improvement
  • Email Service: Sends account-related emails (transactional only)

All third parties are contractually bound to protect your data and use it only for specified purposes.

8. Your Data Rights

8.1 Access and Portability

You can request a complete copy of your data in JSON or CSV format by contacting us at clintondavid46@gmail.com. We will provide your data within 30 days.

8.2 Correction and Updates

You can update your account information directly in the app settings. For other data corrections, contact our support team.

8.3 Deletion

You can delete your account and all associated data through the app settings. Upon deletion request:

  • Your account is immediately deactivated
  • Personal data is deleted within 30 days
  • Financial records are retained for 90 days (legal requirement)
  • Anonymized analytics data may be retained

9. Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

  • Notify affected users within 72 hours of discovery
  • Provide details about the nature of the breach
  • Explain steps we're taking to address the breach
  • Recommend actions you can take to protect yourself
  • Notify relevant regulatory authorities as required

10. Cookie and Tracking Policy

Our mobile app does not use cookies. However, we do collect:

  • Device Identifiers: Unique app installation ID
  • Session Data: Temporary authentication tokens
  • Analytics IDs: Anonymized usage tracking

You can opt out of analytics tracking in the app settings.

11. Updates to This Data Policy

We may update this Data Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via:

  • In-app notification
  • Email notification (for significant changes)
  • Updated "Last Updated" date on this page

12. Contact Information

For data-related inquiries, requests, or concerns:

Data Protection Officer

Aqua Pranah Pranah

Email: clintondavid46@gmail.com

Phone: +254 701 176 923

Response time: Within 48 hours for urgent matters, 7 days for standard requests