Privacy Policy

This Policy explains how CashBass Africa Limited, trading as PesaBass ("PesaBass," "we," "us"), collects, uses, shares, and protects your personal data when you use our websites, apps, marketplace, and services (the "Services").

Effective Date: 1 March 2026 · Last updated: 15 June 2026

1. Who we are

The PesaBass platform is operated by CashBass Africa Limited, a company registered in the Republic of Kenya and trading as PesaBass. We are the data controller for the personal data described here.

We are registered with the Office of the Data Protection Commissioner (ODPC) of Kenya as a Data Controller under the Data Protection Act, 2019, with registration / identification number 348-239B-4746. We process personal data in accordance with that Act and its regulations.

Data Protection Officer (DPO): you can reach our DPO for any privacy, data-rights, or data-protection matter at dpo@pesabass.music. General privacy questions: privacy@pesabass.music.

If you believe we have not handled your personal data lawfully, you have the right to lodge a complaint with the Office of the Data Protection Commissioner (Kenya) at www.odpc.go.ke.

2. Information we collect

Information you give us:

  • Account details: name, username, email, password, profile photo, bio.
  • Creator/seller verification: full legal name, phone, address, ID number and ID document images, next-of-kin (for applications/KYC).
  • Content you upload or stream: videos, audio, images, thumbnails, posts, comments, messages, product listings.
  • Transactions: purchases, gifts, PPV, wallet top-ups, payouts, shipping/billing details. Card details are handled by our payment processor — we do not store full card numbers.

Information collected automatically: device and browser type, IP address, approximate location, pages and content viewed, watch/stream activity, interactions, and identifiers via cookies and similar technologies (see our Cookie Policy).

From third parties: if you sign in with Google or Facebook, we receive basic profile data you authorise; and we receive transaction status from payment processors.

3. How we use your data

  • To provide, personalise, and improve the Services (e.g. recommendations, your feed, search).
  • To process payments, payouts, orders, gifts, PPV, and to prevent fraud.
  • To verify identity for creator/seller/organiser accounts (KYC) and comply with law.
  • To moderate content, enforce our Terms, and keep the platform safe.
  • To communicate with you about your account, security, transactions, and (with your consent where required) marketing.
  • To produce aggregated, non-identifying analytics.

Where required, our legal bases are: performance of a contract with you, your consent, our legitimate interests (e.g. security and improvement), and compliance with legal obligations.

4. How we share data

We do not sell your personal data. We share it only:

  • with service providers who run the platform on our behalf — hosting and database (Supabase), media storage and delivery (Bunny CDN), live infrastructure, payment processing (e.g. Paystack), and email — under contracts that limit their use of the data;
  • between users as needed to complete a transaction (e.g. a buyer's shipping details to the seller fulfilling the order);
  • publicly, for the parts of your profile and content you choose to make public;
  • to comply with law, enforce our Terms, or protect rights, safety, and security;
  • in a merger, acquisition, or asset sale, subject to this Policy.

5. Cookies & tracking

We use cookies and similar technologies for sign-in, preferences, security, and analytics. Manage them via your browser and our Cookie Policy.

6. How long we keep data

We keep personal data while your account is active and as long as needed for the purposes above. After you delete your account we delete or anonymise your data within a reasonable period, except where we must retain certain records (e.g. transaction and tax records, fraud-prevention, or legal holds) for the period required by law.

7. Your rights & choices

  • Access, correct, or update your information in your profile and settings.
  • Delete your account and data — see Data Deletion.
  • Object to or restrict certain processing, and withdraw consent (e.g. marketing) at any time.
  • Request a copy of your data (portability) where applicable.

To exercise these rights, email privacy@pesabass.music. We may need to verify your identity first.

8. Security

We use technical and organisational measures — including encryption in transit, access controls, and optional two-factor authentication — to protect your data. No method is 100% secure, so we cannot guarantee absolute security; keep your password and 2FA safe and tell us of any suspected misuse.

9. Children

The Services are not directed to children under 13, and we do not knowingly collect their data. Users 13–17 may use basic features only with parental consent and supervision. If you believe a child has provided us data, contact us and we will delete it.

10. International transfers

Our providers may process data in countries other than yours. Where we transfer data internationally, we use appropriate safeguards (such as reputable providers with contractual protections) consistent with applicable law.

11. Third-party services

The Services link to or rely on third parties (payment processors, social login, embedded media). Their handling of your data is governed by their own privacy policies, which we encourage you to read.

12. Changes to this Policy

We may update this Policy. Material changes will be notified in-app or by email. The "Last updated" date above shows the latest revision; continued use means you accept the updated Policy.

13. Contact us

Privacy questions or requests: privacy@pesabass.music. See also our Terms of Service and Cookie Policy.