Privacy Policy

Last Updated: January 12, 2026

                Summary: We collect minimal data necessary to provide our services. We never sell your personal information. Children's data is protected with extra care under COPPA and Kenya's Data Protection Act.
            

1. Introduction

Tija Kids ("we," "our," or "us") operates the Tija Kids mobile application and website (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and complying with applicable data protection laws, including:

Kenya's Data Protection Act, 2019
Children's Online Privacy Protection Act (COPPA)
General Data Protection Regulation (GDPR) where applicable

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide when using our Service:

Account Information: Name, email address, password (encrypted)
Profile Information: Profile pictures, display names, household settings
Child Information: Child's name, age/birthdate, avatar preferences (collected with parental consent)
Registry Information: Baby registry details including names, email addresses, due dates, and item preferences
Communication Data: Support tickets, feedback, and correspondence with us

2.2 Information Collected Automatically

When you use our Service, we automatically collect:

Device Information: Device type, operating system, unique device identifiers
Usage Data: Features used, time spent, interaction patterns
Log Data: IP address, browser type, access times, pages viewed
Analytics Data: Aggregated usage statistics to improve our Service

2.3 Information from Third Parties

We may receive information from:

Authentication providers (Google Sign-In)
Payment processors (for premium subscriptions)
Analytics services (Firebase Analytics)

3. How We Use Your Information

We use collected information to:

Provide, maintain, and improve our Service
Create and manage your account
Process transactions and send related information
Send administrative messages, updates, and security alerts
Respond to your comments, questions, and support requests
Send promotional communications (with your consent)
Monitor and analyze usage patterns and trends
Detect, prevent, and address technical issues and fraud
Comply with legal obligations

4. Children's Privacy

                Important: We take children's privacy seriously. Child accounts are created and managed by parents/guardians only.
            

Our Service is designed for families with children. We comply with COPPA and Kenya's Data Protection Act regarding children's data:

We do not knowingly collect personal information from children under 13 without verifiable parental consent
Parents/guardians create and control child profiles
Children access the app using a PIN code, not personal credentials
We collect minimal data from children (name, age, task/reward activity)
Parents can review, modify, or delete their child's information at any time
We do not display targeted advertising to children
We do not share children's personal information with third parties for marketing

5. Data Sharing and Disclosure

We do not sell your personal information. We may share information in these circumstances:

5.1 With Your Consent

We share information when you explicitly consent, such as sharing a baby registry with family members.

5.2 Service Providers

We use trusted third-party services to operate our Service:

Firebase (Google): Authentication, database, hosting, analytics
Brevo: Email communications
Apple/Google: In-app purchases and subscriptions

5.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, privacy, safety, or property.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

Encryption of data in transit (TLS/SSL) and at rest
Secure authentication with hashed passwords and PIN codes
Regular security audits and updates
Access controls limiting employee access to personal data
Firestore security rules enforcing data access permissions

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

Account Data: Retained until account deletion
Transaction History: Retained for 7 years for legal/tax purposes
Registry Data: Retained until you delete it or 2 years of inactivity
Analytics Data: Aggregated and anonymized after 26 months

You can request deletion of your data at any time (see Your Rights section).

8. Your Rights

Under Kenya's Data Protection Act and other applicable laws, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit how we process your data
Portability: Receive your data in a structured, machine-readable format
Objection: Object to processing for direct marketing
Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, contact us at privacy@tija.kids.

9. Marketing Communications

With your consent, we may send promotional emails about new features, products, or services. You can opt out at any time by:

Clicking "unsubscribe" in any marketing email
Updating your preferences in the app settings
Contacting us directly

We will never send marketing communications to children.

10. International Data Transfers

Your information may be transferred to and processed in countries other than Kenya, including the United States (where Firebase servers are located). We ensure appropriate safeguards are in place for such transfers in compliance with Kenya's Data Protection Act.

11. Cookies and Tracking

Our website uses cookies and similar technologies to:

Remember your preferences
Analyze website traffic
Improve user experience

You can control cookies through your browser settings. Disabling cookies may affect some features.

12. Third-Party Links

Our Service may contain links to third-party websites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting the new policy on this page
Updating the "Last Updated" date
Sending an email notification for significant changes

Your continued use of the Service after changes constitutes acceptance of the updated policy.

14. Kenya Data Protection Act Compliance

In accordance with Kenya's Data Protection Act, 2019:

We are registered with the Office of the Data Protection Commissioner (ODPC) as required
We process personal data lawfully, fairly, and transparently
We collect data for specified, explicit, and legitimate purposes
We implement appropriate security measures
We respect data subject rights as outlined in the Act

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@tija.kids

Support: support@tija.kids

Address: Nairobi, Kenya