Privacy Policy

Last updated: 2026-06-09

This page explains what data Pangaji collects, how we use it, and the choices you have. We aim to collect the minimum needed to run the service.

1. What we collect

• Account info: your name, email, phone (optional), and a hashed password (we never store passwords in plaintext).
• Property data: properties, units, tenancies and tenants you add — names, phone numbers, rent amounts, billing dates.
• Payment metadata: M-Pesa transaction confirmations sent to us by Safaricom Daraja when your tenants pay your Paybill. We do not see your tenants' M-Pesa PINs or full M-Pesa account details — only the confirmation message (transaction ID, amount, payer phone, account reference).
• Daraja credentials: the API keys you provide to connect your Paybill. Sensitive parts (Consumer Secret, Passkey) are encrypted at the column level using AWS KMS envelope encryption before being written to the database.
• Technical logs: IP address, user-agent, requests to our API. Used for debugging and abuse mitigation. Rotated regularly.
• Bug reports: if you file one, we keep the title, description, your email, and any files you attach.

2. How we use it

• To run the service: match payments to the right unit, send reminders, surface defaulters.
• To contact you about your account: verification, password reset, important changes.
• To improve the product: aggregated, non-identifying usage stats.
• We do not sell your data, ever. We do not run advertising.

3. Money flow

Pangaji never holds rent money. Tenants pay via M-Pesa STK Push directly into your Paybill/Till at Safaricom. We orchestrate the payment prompt and reconcile the confirmation — we do not custody funds. This is a load-bearing design decision for both your trust and Kenyan regulatory compliance.

4. Service providers we share data with

• Safaricom Daraja — for M-Pesa payment prompts and receipt confirmations.
• SMS Leopard — for transactional SMS to tenants (reminders, receipts).
• Zoho Mail — for transactional email to you (verification, password reset, bug-report notifications).
• Amazon Web Services (AWS Lightsail) — for hosting and encrypted storage of secrets.
• Google — if you sign in with Google, we receive your email address and name from your Google profile. Nothing else.

5. Security

• Passwords hashed with argon2id.
• Per-landlord M-Pesa secrets encrypted at the column level via AWS KMS.
• HTTPS everywhere (TLS via Let's Encrypt).
• Database not exposed to the public internet.
• Rate-limited public endpoints to mitigate abuse.

6. Your rights

You can:

• See your data — your dashboard shows what we have on you.
• Edit your data — directly in the dashboard.
• Delete your account and data — email hello@pangaji.site and we'll honor it within 30 days. Some records (audit trails, financial transaction logs) may be retained as required by Kenyan law.

7. Cookies / local storage

We store a session token in your browser's localStorage to keep you signed in. We use a short-lived cookie during Google sign-in to prevent cross-site request forgery. We do not use tracking cookies or third-party analytics scripts.

8. Children

Pangaji is for landlords — adults. We don't knowingly collect data from anyone under 18.

9. Changes to this policy

If we materially change this policy, we'll notify account holders via email at least 14 days before the change takes effect.

10. Contact

Questions: hello@pangaji.site

← Back to homepage