Privacy Policy

1. Introduction

This Tinker Payments Privacy Policy (the "Agreement" or "Policy") is entered into between you as a registered user ("Registered User") of our payment middleware platform ("Platform") and Tinker Digital Limited (Kenya) and Tinker Digital LLC (USA), collectively referred to as "Tinker Digital," "we," "us," or "our." Tinker Digital Limited is a Private Limited Company registered in Kenya, with a registered address at 663 Olenguruone Road, Nairobi, 00200, Kenya. Tinker Digital LLC is a Limited Liability Company registered in the United States, with a registered address at 30 N Gould St Ste N, Sheridan, WY 82801, USA.

The security of your personal information is very important to Tinker Payments and we appreciate you for trusting us in safekeeping your personal information. We will not sell or loan your personal information to a third party under any circumstances.

2. What Personal Information Do We Collect?

You may choose to access our Platform without revealing any personal and transactional information about yourself, but you will need to register and create an account in order to use our payment processing services.

Tinker Payments collects personal information that you provide when using the Platform. This information includes:

• Your first and last name, email address, password, and other information required when you create your Tinker Payments account
• Business information including company name, registration details, and tax identification numbers
• Payment gateway credentials and API keys (encrypted and stored securely)
• Transaction data including payment amounts, currencies, customer information, and payment references
• Technical information including IP addresses, device identifiers, and browser information

3. Payment and Transaction Information

When you process payments through our Platform, we collect and process:

• Payment amounts, currencies, and transaction references
• Customer payment information (email addresses, phone numbers) as required by payment gateways
• Merchant references and transaction descriptions
• Payment gateway responses and callback data
• Fraud detection and risk assessment data

Important: Tinker Payments does not store full credit card numbers or sensitive payment card data. All payment processing is handled by third-party payment gateways (M-Pesa, Paystack, Stripe, Adyen) in accordance with PCI DSS standards. We only store transaction metadata and references necessary for payment reconciliation and reporting.

4. How Do We Use Your Personal Information?

We do not sell, loan, trade, or exchange any user's personal information. The information we collect on the Platform will be used to:

• Register you as a member of Tinker Payments and manage your account
• Process and facilitate payment transactions through integrated payment gateways
• Provide payment status updates and transaction notifications
• Respond to customer service inquiries and requests
• Resolve disputes and prevent prohibited and illegal activities
• Customize, measure, and improve our services and your experience
• Communicate service updates, security alerts, and important notices
• Prevent and detect fraud through our fraud detection systems
• Comply with legal obligations and regulatory requirements
• Enforce our Terms of Use and related agreements

5. Does Tinker Payments Share the Information it Receives?

We do not sell or loan your personal information to any third parties under any circumstances. However, we will share your personal customer information only with:

• Payment Gateway Providers: We share necessary transaction data with payment gateways (M-Pesa, Paystack, Stripe, Adyen) to process payments. These providers have their own privacy policies governing how they handle your data.
• Service Providers: We may share information with trusted third-party service providers who assist us in operating our Platform, conducting business, or serving our users, including cloud hosting providers, analytics services, and customer support tools.
• Legal Requirements: We may disclose information when required by law, government authorities, law enforcement bodies, or other legal requirements, including to comply with court orders, subpoenas, or regulatory requests.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.

6. How Can We Protect the Security of Your Personal Information?

Your personal information is protected by the password you created when you created an account on the Platform. Please keep this password confidential. No Customer Service Associate or any other representative of Tinker Payments will ever ask you for your password.

We implement industry-standard security measures to protect your information:

• Encryption: We use Secure Sockets Layer (SSL) technology to encrypt sensitive information before it is sent over the Internet
• Secure Storage: Payment gateway credentials and API keys are encrypted at rest using AES-256 encryption
• Access Controls: Access to personal information is restricted to authorized personnel only
• Regular Audits: We conduct regular security audits and assessments
• PCI DSS Compliance: We follow Payment Card Industry Data Security Standards (PCI DSS) best practices

7. Data Retention

We retain your personal information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. Transaction data is retained in accordance with financial record-keeping requirements and may be kept for up to 7 years as required by law.

8. Your Rights

You have the right to:

• Access and review your personal information
• Request correction of inaccurate or incomplete information
• Request deletion of your personal information (subject to legal and contractual obligations)
• Object to processing of your personal information
• Request data portability
• Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided in the "Contact Us" section below.

9. Cookies and Tracking Technologies

When you visit our Platform, you will be assigned a permanent "cookie" (a small text file) that will be stored on your computer's hard drive. The purpose of the cookie is to identify you when you visit our Platform so that we can enhance and customize your experience.

We also collect certain technical information from your computer each time you request a page during a visit to the Platform. This information may include your Internet Protocol (IP) address, your computer's operating system, browser type, and the address of a referring website if any.

10. Changes to This Privacy Policy

We realize that using payment services online requires trust on your part. We highly value your trust and pledge to you, our clients, that we will work hard to protect the security and privacy of any personal information you provide to us and that your personal information will only be used as set forth in this Policy.

Our business changes constantly, and our Privacy Policy will change accordingly. Tinker Payments reserves the right to update or modify this Policy at any time without prior notice. You should check our website frequently to learn about recent changes. The "Last Updated" date at the top of this page indicates when this Policy was last revised.

11. Contact Us

If you have any questions or concerns about this privacy policy, please contact us at: