1. Introduction and Scope
Effective Date: This Privacy Policy is effective as of July 1, 2026, and applies going forward unless replaced by a newer version.
Who We Are: Neer Technologies Ltd ("Neer", "we", "us", or "our") is the legal entity responsible for developing and operating the Neer Point of Sale (POS) and ERP software described in this policy.
Scope: This policy applies to everyone who accesses or uses Neer's services, including our web platform, desktop applications, mobile companion apps, and any associated APIs or support services (collectively, the "Services"). It covers business owners, staff members operating the Services on behalf of a business, and any individual whose data is processed through the Services.
This policy has been designed to align with the stringent requirements of the Kenya Data Protection Act, 2019 and global best practices.
2. Information We Collect
To provide you with a reliable and fully operational POS and ERP system, we collect information across four main categories:
A. Account & Profile Information
- Account Data: Business name, individual name, email address, physical location, and phone number provided during registration to create and secure your account.
- Business Details: Business registration numbers, industry type, and staff roles used to configure and personalize your account.
B. Financial & Payment Data
- Compliance Data: KRA PINs, VAT details, and business registration numbers necessary for setting up KRA eTIMS integrations.
- Payment Identifiers: Mobile payment identifiers (such as M-Pesa phone numbers, PayBill, and Till numbers), transaction timestamps, and payment gateway logs required to process and reconcile transactions.
- Customer Data: Phone numbers, names, and purchase histories of your customers that you input to operate your loyalty programs and CRM.
C. Business & Tax Operations Data
- Transaction Data: Sales records, inventory levels, invoice details, items sold, amounts, and payment methods processed through the platform.
- Regulatory Data: Data routed through virtual sales control units and eTIMS integrations for tax and regulatory compliance purposes.
D. Technical & Usage Data
- Device & Usage Data: IP addresses, browser types, device identifiers, login timestamps, and logs of how users interact with the interface, collected to monitor platform security and performance.
E. Information from Third Parties
- Payment Processors: We receive confirmation data from Safaricom (Daraja API) and Payhero Kenya when an M-Pesa STK Push, PayBill, or Till Number transaction is completed, so we can reconcile your accounts.
3. How We Use Your Information
We do not use your data for advertising purposes. Your information is used strictly to operate, secure, and improve the Neer platform:
- To Provide the Service: Operating core POS functionalities, managing inventory, and processing daily transactions.
- To Automate Payments: Processing payments securely via M-Pesa and card terminals.
- For Analytics and Insights: Analyzing retail data to generate automated business intelligence, revenue forecasts, and inventory recommendations that help you run your business more effectively.
- For Legal and Regulatory Compliance: Automatically generating and submitting required fiscal receipts to the Kenya Revenue Authority (KRA) via eTIMS, and ensuring transaction records meet applicable tax authority requirements and reporting standards.
- For System Improvement: Troubleshooting bugs, monitoring for fraudulent activity and unauthorized access, and improving the user interface and overall experience.
- For Operational Communications: Sending critical emails such as password resets, subscription renewals, and system downtime alerts.
4. How We Share Your Information
We never sell or rent your personal or business information to third-party marketers. We only share information with trusted third parties when necessary to operate our service:
- Payment Service Providers: We exchange necessary transaction tokens and confirmation data with Safaricom and Payhero Kenya to facilitate M-Pesa and card payments.
- Third-Party AI & Analytics Providers: Where you use features such as automated business insights, revenue forecasts, or reporting summaries, relevant business data may be securely processed by third-party artificial intelligence models or analytics services solely to generate those insights on your behalf.
- Regulatory Authorities: We transmit invoice and sales data to the Kenya Revenue Authority (KRA) as required for real-time tax compliance and eTIMS obligations.
- Infrastructure Providers: We use secure, enterprise-grade cloud hosting providers to store your data. These providers are bound by strict confidentiality and data processing agreements.
- Legal Requirements: We may disclose information where required to comply with a subpoena, court order, regulatory request, or other legal obligation, or to protect the rights, property, or safety of Neer, our users, or the public.
5. Data Security and Retention
Securing your data is our highest priority. We deploy rigorous technical and organizational measures:
- Encryption: All data in transit is secured using TLS 1.3, and sensitive database information is encrypted at rest using AES-256 standards.
- Access Control: We enforce strict Role-Based Access Control (RBAC) and secure authentication protocols. Neer support staff cannot access your raw sales data without your explicit, temporary authorization.
- Backups: Your business data is backed up daily across geographically distributed, secure servers to prevent data loss.
Data Retention: We retain your personal and business data only for as long as your account is active or as needed to provide our services. In compliance with Kenyan tax laws and the Tax Procedures Act, specific financial and transaction records (such as fiscal receipts) are securely retained for a minimum of five (5) years, even if you close your account. Once data is no longer required for legal, financial, or operational purposes, it is securely and permanently deleted from our systems.
6. Cookies & Tracking Technologies
Neer uses essential cookies and similar tracking technologies to keep you logged into your POS dashboard securely across sessions. We also use minimal analytics tracking to understand how our software is performing and where we can improve the user experience. You can manage your cookie preferences through your browser settings.
7. Your Privacy Rights
Under the Kenya Data Protection Act, 2019, you retain full control over your personal data. You have the right to:
- Access & Correction: View, update, or correct your profile and business information at any time from your account settings, or request a full, machine-readable export of your business data.
- Data Deletion: Request the permanent deletion of your account and associated non-regulatory personal data, subject to the legal financial retention requirements described in Section 5.
- Opt-Outs: Unsubscribe from marketing or feature announcement emails at any time using the link provided in those emails, without affecting critical operational notifications such as security or billing alerts.
- Objection: Lodge a formal complaint with the Office of the Data Protection Commissioner (ODPC) if you believe your rights have been violated.
8. Changes to this Policy
We may update this Privacy Policy periodically to reflect new system features or changes in our legal obligations. Whenever this policy is updated, we will revise the "Last Updated" date at the top of this page, and we will notify all active account holders via email or a prominent dashboard notification at least 14 days before material changes take effect.