eSaccoFlow

Our Privacy Policy

Privacy Policy

Last updated: 20 June 2026

eSaccoFlow respects your privacy and is committed to protecting the personal and financial information entrusted to us. This Privacy Policy explains how we collect, use, store, share, and protect information when SACCOs, cooperatives, administrators, members, staff, and other users access or use the eSaccoFlow platform, website, portals, reports, dashboards, and related services.

Data Protection Registration

eSaccoFlow is registered with the Office of the Data Protection Commissioner (ODPC) in Kenya as both a Data Controller and a Data Processor. This means eSaccoFlow is committed to handling personal data responsibly, lawfully, transparently, and securely in accordance with applicable data protection laws and regulations.

When you use eSaccoFlow, we may collect information such as your name, email address, phone number, organization or SACCO details, user role, login information, member records, contribution records, loan records, repayment history, accounting entries, reports, documents, transaction references, audit logs, and technical information such as device, browser, IP address, and usage activity. We collect this information to create and manage user accounts, operate SACCO management features, process financial and operational records, generate reports, provide support, improve platform performance, secure the system, and comply with applicable legal and regulatory requirements.

eSaccoFlow may act as a Data Controller where it determines the purposes and methods of processing personal data, including data collected through its website, platform administration, customer onboarding, support, billing, security, and service improvement activities. eSaccoFlow may also act as a Data Processor where it processes SACCO member, financial, and operational data on behalf of a SACCO, cooperative, or organization using the platform. In such cases, the SACCO or organization may also have its own responsibilities as the primary controller of the member data it collects and enters into eSaccoFlow.

We do not sell personal information. We may share information only where necessary to provide the service, support users, meet legal obligations, protect the platform, or work with trusted service providers such as hosting providers, database providers, payment service providers, email providers, auditors, professional advisers, or regulatory authorities where required. Where third-party service providers are used, we take reasonable steps to ensure they handle data securely and only for the intended purpose.

We use reasonable technical, administrative, and organizational safeguards to protect data against unauthorized access, loss, misuse, alteration, or disclosure. These safeguards may include access controls, authentication, role-based permissions, audit logs, secure hosting, encrypted connections, backups, and monitoring. However, no digital system can be guaranteed to be completely secure, and users are responsible for keeping their login credentials confidential and reporting any suspected unauthorized access immediately.

We retain personal and operational data only for as long as necessary to provide the platform, support the SACCO’s operations, comply with legal, accounting, audit, tax, dispute resolution, and regulatory requirements, or as instructed by the relevant SACCO or organization. When data is no longer required, we may delete, anonymize, archive, or securely dispose of it in accordance with applicable policies and legal requirements.

Users may have rights over their personal data, including the right to be informed, access their personal data, request correction of inaccurate data, object to certain processing, and request deletion where legally applicable. The ODPC lists data subject rights including the right to be informed of how personal data is used and the right to access personal data held by a data controller or processor. Requests relating to SACCO member records should normally be directed first to the relevant SACCO or organization, since they control the member data entered into eSaccoFlow.

eSaccoFlow may use cookies or similar technologies to support login sessions, improve security, remember user preferences, analyze platform usage, and improve the website or application experience. Users may control cookies through their browser settings, but disabling some cookies may affect login, security, or platform functionality.

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, security practices, or business operations. Updated versions will be posted on our website or made available through the platform. Continued use of eSaccoFlow after an update means you accept the revised Privacy Policy.

For privacy questions, data access requests, correction requests, security concerns, or complaints, please contact us through the official contact details provided on the eSaccoFlow website or platform. SACCO members should also contact their SACCO administrator for requests relating to their member account, contributions, loans, repayments, or financial records.

Ready to modernize your SACCO operations?

Request a demo and see how eSaccoFlow can support your SACCO operations.

Request a Demo