Matterwise – Privacy Policy (Kenya & Rest of Africa)

Effective Date: 5 February 2025
Last Updated:  8 December 2025

This Privacy Policy explains how Matterwise (“We”, “Us”, “Our”) collects, uses, stores, and protects personal information. By using matterwise.net or any Matterwise service, you agree to the terms in this Policy.

We are committed to transparency and responsible data handling across all markets where we operate.

1. Scope of This Policy

This Policy applies to:

  • Visitors to our website

  • Clients using our CRM, practice management tools, or portals

  • Users of our training, consultancy, cybersecurity, or marketing services

  • Prospective clients contacting us for information

It covers all data processed through matterwise.net, subdomains, mobile interfaces, and connected systems.

2. Legal Framework

Matterwise complies with:

  • Kenya Data Protection Act (2019)

  • Applicable African data laws (e.g., Nigeria NDPR, South Africa POPIA where relevant)

  • International best-practice privacy and security standards

Where local laws differ, the stricter requirement applies.

3. Information We Collect

We collect data to deliver our services effectively and securely. The types of information include:

A. Information You Provide Directly

  • Name, phone number, email, law firm or organisation name

  • Account login details

  • Billing information

  • Messages sent to our support team

  • Information entered in the CRM (e.g., client matters, contacts, deadlines)

  • Documents you upload to the platform

  • Preferences and settings

B. Information Automatically Collected

  • IP address

  • Device type & browser

  • Usage logs

  • Access dates & times

  • Page views

  • Cookies (essential and functional)

  • Error logs for system improvement

C. Information Collected Through Services

For professional services (e.g., website development, AI training, cybersecurity):

  • Project details

  • Content you provide

  • System configuration data

  • Logs used during security assessments

  • Training documents uploaded for AI assistance

D. Third-Party Integrations

We may receive data from:

  • Payment providers (Paystack, Flutterwave, etc.)

  • Email providers

  • AI tools used during training (Perplexity, NotebookLM, etc.)

  • Analytics platforms

We only collect information necessary to deliver or improve services.

4. How We Use Your Information

We process your data for legitimate purposes, including:

A. To Provide Services

  • Powering CRM and practice management features

  • Delivering websites, marketing, and consultancy services

  • Running AI training sessions

  • Providing IT and cybersecurity support

  • Sending notifications, reminders, or service updates

B. To Improve the Platform

  • Debugging errors

  • Enhancing performance

  • Developing new features

  • Analysing anonymised usage patterns

C. To Communicate With You

  • Responding to support requests

  • Sending onboarding instructions

  • Billing, invoices, and renewal notices

  • Security alerts

  • Product updates

D. Legal & Compliance Purposes

  • Meeting regulatory requirements

  • Preventing fraud, misuse, or security threats

We do not sell personal data.

5. Legal Basis for Processing

We process data under the following bases:

  • Consent – when you register or submit information

  • Performance of a contract – service delivery, support, billing

  • Legitimate interest – system improvement, fraud prevention

  • Legal obligation – documentation required by regulators

6. Cookies & Tracking Technologies

Matterwise uses cookies to:

  • Enable essential site functions

  • Improve user experience

  • Track performance and analytics

  • Secure login sessions

You may disable non-essential cookies through your browser, but essential cookies cannot be turned off because they ensure the system works properly.

7. Data Sharing

We only share data in the following cases:

With Trusted Service Providers

  • Payment processors

  • Hosting providers

  • Email delivery services

  • Security vendors

  • AI training tools used during authorised sessions

All third parties are bound by confidentiality obligations.

When Required by Law

For example, compliance with court orders or regulatory authorities.

Within the Client’s Own Organisation

Administrators of your firm may access user activity within your account.

What We Do NOT Do

  • We do not sell your data.

  • We do not monetise your client information.

  • We do not share data with advertisers.

8. Data Security

We implement strong security measures including:

  • Encrypted data transfer (HTTPS/SSL)

  • Access control and permissions

  • Activity logging

  • Regular backups

  • Server hardening

  • Cybersecurity best practices

No system is 100% secure, but we take reasonable steps to protect your information.

9. Data Retention

We retain your information only as long as necessary to:

  • Deliver services

  • Maintain legal and financial records

  • Prevent fraud or misuse

When you cancel your account:

  • Your active data is stored for a limited retention period

  • Backups may retain encrypted copies for security and compliance purposes

You may request deletion of data where legally allowed.

10. Your Rights (Kenya & Africa)

You have the right to:

  • Access your data

  • Correct inaccurate information

  • Request deletion where applicable

  • Withdraw consent for non-essential processing

  • Object to certain types of processing

  • Request a copy of your data (data portability)

Requests may be submitted to our support email.

11. AI Data Use Disclaimer

When using AI training, consultancy, or drafting support:

  • We DO NOT send your private CRM data to AI tools

  • Only documents you explicitly provide during training may be used

  • You must avoid uploading confidential client information to public AI tools

  • AI outputs must be reviewed and verified by you

  • We do not store or archive training prompts unless required for support

12. International Data Transfers

Data may be processed or stored on servers in or outside Kenya.
We ensure all transfers follow applicable privacy laws and security requirements.

13. Children’s Data

Matterwise is not intended for people under 18.
We do not knowingly collect or process children’s personal information.

14. Updates to This Policy

We may update this Privacy Policy to reflect legal changes or service improvements.

Changes take effect when posted. Continued use of Matterwise means you accept the updated policy.

15. Contact Information

For questions, access requests, or privacy concerns:

Matterwise – Data Protection Office
Email: info@matterwise.net
Website: https://matterwise.net