Effective Date: June 27, 2026
We collect several categories of information to provide and secure our platform: ⢠Account Data: Your name, email address, telephone number, hashed credentials, and billing profile details. ⢠Profile Information: Student and child profile details supplied directly by a parent or guardian, including age, interests, and diagnostic test responses. ⢠Technical & Log Data: System logs, IP addresses, browser types, user-agent details, access times, and diagnostic telemetry. This is processed automatically when you interact with our services. ⢠Platform Activity: Booking records, tutor match results, learning progress statistics, attendance logs, and completed lessons. ⢠Payment Information: Transaction receipts, payment reference codes, and billing metadata connected to M-Pesa or other processed payments. Note: We do not collect or store your private payment PINs.
We process personal information under strict lawful grounds to fulfill the following objectives: ⢠Service Delivery: To facilitate student onboarding, coordinate bookings, manage class paths, and enable the Tutor Marketplace. ⢠Security & Protection: To detect, investigate, and prevent malicious activities, unauthorized access, or unauthorized scraping/crawling of our codebase and materials. ⢠Analytics & System Improvements: To run telemetry diagnostics, evaluate user experiences, refine our curricula, and optimize browser compatibility. ⢠Communications: To send administrative notifications, billing alerts, platform system updates, and opt-in updates via email or WhatsApp.
We do not sell your personal data. We disclose your data only to trusted partners and services under standard data-processor agreements: ⢠Tutors and Mentors: Standard contact and learning profiles are shared with assigned tutors/mentors strictly to complete requested and scheduled tutoring sessions. ⢠Hosting & Storage: Secure cloud database engines and hosting platforms (such as Google Cloud Run and Firebase). ⢠Payment Processors: Transaction details are shared with certified payment gateways (e.g. M-Pesa / Daraja API) solely to process valid memberships and marketplace transactions.
We retain your personal data only as long as is necessary to satisfy the objectives specified in this policy: ⢠Active Accounts: Personal and progress records are stored for as long as your account is active or as required to continue providing platform access. ⢠Security Logs: System logs and diagnostic telemetry are retained for up to 90 days to verify system integrity and prevent cyberattacks before automatic removal. ⢠Financial Data: Transaction histories and billing receipt records are retained for a longer period in accordance with statutory accounting and tax compliance laws.
Subject to your local jurisdiction (e.g., Kenyan Data Protection Act, GDPR), you hold several core rights regarding your personal data: ⢠Access & Portability: You may request a complete export of the personal data we hold about you. ⢠Correction: You can demand immediate modification or correction of inaccurate, outdated, or incomplete profile data. ⢠Deletion: You can request the erasure of your account and related personal details from our systems. To exercise any of these rights, please contact our team at legal@davinxicabin.com.
Our platform uses cookies and similar storage technologies to sustain active sessions, authenticate users, remember local interface preferences, and analyze site traffic patterns. ⢠Essential Cookies: Necessary for security and user sessions (such as NextAuth token cookies). ⢠Analytics Cookies: Used to observe anonymized user paths and optimize page load performance. ⢠Opt-Out: You can adjust your browser settings to reject cookies, though doing so may prevent access to parts of our interactive dashboard interfaces.
We deploy robust, modern security protocols (including TLS/HTTPS transport protection, encrypted databases, and token-gated content distribution) to safeguard your files and personal records. However, no digital transmission or cloud storage is completely impregnable. If we detect any unauthorized breach of data, we will immediately execute containment protocols and alert affected users.
If you have any questions, concerns, or complaints about this Privacy Policy, please send a message to our legal compliance desk at legal@davinxicabin.com or hello@davinxicabin.com.