Your privacy is critically important to us. This policy explains how PesaBass Music ("PesaBass," "we," "us," or "our") collects, uses, protects, and shares your personal information.
Effective Date: March 1, 2026
1. Information We Collect
We collect information to provide and improve our services. The types of information we gather include:
1.1 Information You Provide Directly
Account Information: Name, email address, phone number, username, password, profile picture, and date of birth when you create an account.
Payment Information: Billing address, mobile money numbers, and card details (processed securely through our payment partners — Paystack). We do not store full card numbers on our servers.
Artist/Organizer Information: If you register as an artist or event organizer, we collect additional details such as stage name, biography, bank/mobile money details for payouts, and portfolio information.
User Content: Music, videos, images, comments, messages, reviews, and any other content you upload or share on the platform.
Communications: Emails, support tickets, and feedback you send to us.
Survey & Contest Data: Responses to surveys, competitions, or promotional activities you participate in.
1.2 Information Collected Automatically
Device Information: Device type, operating system, browser type, screen resolution, unique device identifiers, and mobile network information.
Usage Data: Pages visited, features used, search queries, listening history, playback duration, clicks, timestamps, and interaction patterns.
Location Data: Approximate location based on IP address. We do not collect precise GPS location without your explicit consent.
Cookies & Tracking Technologies: We use cookies, local storage, web beacons, and similar technologies. See our Cookie Policy for details.
Log Data: IP address, access times, referring URLs, and error logs.
1.3 Information from Third Parties
Social Login Providers: If you sign in using Google or Facebook, we receive your name, email, and profile photo as permitted by your social account settings.
Payment Processors: Transaction status and reference information from Paystack.
Analytics Partners: Aggregated, anonymized usage analytics from services like Google Analytics and Firebase Analytics.
2. How We Use Your Information
We use the collected information for the following purposes:
Provide & Operate Services: Deliver the PesaBass platform, process transactions, manage your account, and enable core features like streaming, uploads, and social interactions.
Personalization: Recommend music, videos, artists, and content tailored to your listening habits and preferences using AI-assisted algorithms.
Communication: Send transactional emails (receipts, verification, security alerts), service updates, newsletters, and promotional content. You can opt out of marketing emails at any time.
Analytics & Improvement: Analyze usage trends, diagnose technical issues, measure feature effectiveness, and improve the platform experience.
Safety & Security: Detect and prevent fraud, abuse, spam, and unauthorized access. Enforce our Terms of Service and Community Guidelines.
Legal Compliance: Comply with applicable laws, regulations, legal processes, and governmental requests.
Artist Payments: Calculate royalties, process payouts, and maintain accurate financial records for artists and organizers.
Advertising: Display relevant advertisements and promotional content within emails and on the platform. We do not sell your personal data to third-party advertisers.
3. How We Share Your Information
We do not sell your personal information. We may share data in these circumstances:
Service Providers: Trusted third parties that help us operate the platform (e.g., Paystack for payments, Mailtrap for email delivery, Bunny.net for content delivery, Firebase/Google Cloud for hosting and infrastructure).
Artists & Event Organizers: Limited information (such as your display name) may be visible to artists or organizers when you interact with their content, attend events, or make purchases.
Legal Requirements: When required by law, court order, or governmental request, or to protect the rights, property, or safety of PesaBass, our users, or others.
Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred. We will notify you of any such change.
With Your Consent: We may share data with third parties when you explicitly consent to such sharing.
Aggregated Data: We may share anonymized, aggregated data with partners for industry research and analytics purposes.
4. Data Security
We implement industry-standard security measures to protect your data including:
Encryption of data in transit (TLS/SSL) and at rest.
Secure authentication using Firebase Authentication with support for multi-factor authentication.
Regular security audits and vulnerability assessments.
Role-based access controls for employee access to user data.
PCI-compliant payment processing through Paystack.
Automated threat detection and account protection systems.
While we strive to protect your data, no system is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication.
5. Your Rights & Choices
Depending on your jurisdiction, you may have the following rights:
Access: Request a copy of the personal data we hold about you.
Correction: Request correction of inaccurate or incomplete data.
Deletion: Request deletion of your personal data (subject to legal obligations).
Data Portability: Request your data in a structured, machine-readable format.
Withdraw Consent: Withdraw consent for data processing where consent was the legal basis.
Object to Processing: Object to processing of your data for direct marketing or profiling purposes.
Restriction: Request restriction of processing in certain circumstances.
Communication Preferences: Unsubscribe from marketing emails via the link in each email, or manage notification settings in your account.
We retain your personal data for as long as your account is active or as needed to provide services. Specific retention periods:
Account Data: Retained while your account is active. Deleted within 90 days of confirmed account deletion.
Transaction Records: Retained for 7 years for tax, legal, and financial compliance purposes.
Usage Logs: Retained for up to 24 months for analytics and security purposes.
Support Communications: Retained for 3 years after ticket resolution.
Content you upload: Removed from public access within 30 days of deletion request, and permanently purged within 90 days.
7. Children's Privacy
PesaBass is not directed at children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If we discover that we have collected data from a child, we will promptly delete it. If you believe a child has provided us with personal information, please contact us at privacy@pesabass.music.
8. International Data Transfers
PesaBass is headquartered in Nairobi, Kenya. Your data may be processed and stored in Kenya, the United States, the European Union, or other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers, including contractual data protection agreements compliant with applicable data protection laws including the Kenya Data Protection Act (2019), the EU General Data Protection Regulation (GDPR), and the South African Protection of Personal Information Act (POPIA).
9. Account Deletion
You can request deletion of your PesaBass account at any time through your Account Settings or by contacting support. Upon deletion:
Your profile, playlists, and social data will be removed from public view immediately.
Uploaded content (music, videos) will be delisted within 30 days.
Financial records will be retained as required by law.
Account recovery is possible within a 30-day grace period.
After 90 days, all personal data is permanently deleted (except as legally required).
10. Third-Party Services & Links
PesaBass may contain links to third-party websites, services, or integrations (e.g., YouTube, payment processors, social media platforms). We are not responsible for the privacy practices of these third parties. We encourage you to review their respective privacy policies before sharing personal information.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email and/or a prominent notice on the platform at least 30 days before the changes take effect. Continued use of PesaBass after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: