Lockpesa Get the app for better experience
Install

Privacy Policy

Last updated: January 2, 2026

1. Purpose of Lockpesa’s Privacy Policy

The Platform is owned and operated by Teelpay Technologies Ltd (“Lockpesa trademark for it's escrow service”), a company incorporated in Kenya, registration number PVT-OD1KBYJ5. In this policy, “we”, “us” and “our” refer to Lockpesa and references to “you” and “your” refer to you, the user of the Platform and our customer (“Customer”). For the purposes of the applicable Kenyan data protection laws, including the Data Protection Act 2019, we are the data controller.
The adopted policy is in accordance with legislative requirements and the standards in place to protect the data obtained, collected, recorded, and processed about individuals. The information provided to us by individuals is necessary and incidental to:
Providing the products and services that we offer;
Facilitating secure payments and escrow transactions through M-PESA and other supported payment methods;
The normal day-to-day operations of our business;
Pursuing the legitimate interests of Lockpesa and any other third parties in connection with the above activities.
This Policy (together with our Terms of Service and any other documents referred to in it) is published with the aim of making it easy for our users, customers, and the public to understand what data we collect, store, and process, why we do so, how we receive and/or obtain that information, and the rights an individual has with respect to their data in our possession.
By using the Platform, including our products and services, individuals consent to how we obtain and process personal data, including the purposes for which we process data and how we share data internally and with third parties. We take the security of personal information very seriously.
Payments and transaction settlements on the Platform may be processed through M-PESA and other approved financial service providers in Kenya.

2. Who and What This Policy Applies To

We handle data in our own right and also for and on behalf of our customers and users. Our policy does not apply to information we collect about businesses or companies; however, it does apply to information about the people in those businesses or companies which we store.
The policy applies to all forms of information, physical and digital, whether collected or stored electronically or in hard copy.
If, at any time, an individual provides data or other information about someone other than themselves, the individual warrants that they have that person’s consent and authorisation to provide such information for the specified purpose.
Lockpesa is not available to children (persons under the age of 18 years).
When applicable, individuals may be contacted by Lockpesa where legitimate interest is established as a lawful basis for communication. Communication in the form of customer support, transactional support, payment confirmations, M-PESA transaction notifications, and transactional emails may be made where it is deemed that an individual can reasonably expect their data to be processed for particular contexts.
All communication will contain no marketing material unless the individual has expressly consented to receive such communication. Individuals will have the option to opt out of non-essential communications at all times.

3. Information We Collect

We collect information that you provide directly to us, including:
  • Name, email address, and phone number
  • Payment information and transaction history
  • Identity verification documents (KYC)
  • Account credentials and preferences
When you use our Platform, we automatically collect:
  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • Location data (if permitted)
  • Cookies and similar tracking technologies

4. How We Use Your Information

We use the information we collect to:
  • Provide, maintain, and improve our services
  • Process transactions and manage your account
  • Verify your identity and prevent fraud
  • Send you important updates and notifications
  • Respond to your inquiries and provide customer support
  • Comply with legal obligations
  • Analyze usage patterns to improve user experience

5. Disclosure of Personal Data

  • We will disclose information upon your authorisation and instruction to your advisers (such as accountants, lawyers, financial or other professional advisers). It may be necessary for us to disclose an individual’s data to third parties in a manner compliant with applicable Kenyan laws during the course of our business operations, including processing activities such as verification, due diligence, website hosting, data analytics, and payment processing through Lockpesa and M-PESA services.

    We may disclose your data to credit reference agencies and verification partners for the purposes of verifying your identity and M-PESA account information. We will not disclose or sell an individual’s data to unrelated third parties under any circumstances unless we engage other companies to perform tasks on our behalf and need to share your information with them in order to provide products and services to you, and we have obtained your consent to do so.

    There are certain circumstances in which we may disclose an individual’s information:

    • When you have given us explicit permission

      Where we reasonably believe that an individual may be engaged in fraudulent, deceptive, or unlawful activity that a governmental authority should be made aware of;

    • As required by any applicable law, regulation, court order, or legal process in Kenya;

    • To provide individuals and customers with information about other goods and services we may offer that are similar to those that you have used or enquired about with Lockpesa;

    • As required by Kenyan and overseas regulators and authorities in connection with their duties, including regulators or authorities having access to payment details (including information about others involved in the payment);

    • Fraud prevention agencies. In particular, we will always notify fraud prevention agencies if you provide false or fraudulent information. These agencies may also allow other organisations (within Kenya or abroad), including law enforcement agencies, to access this information for the purposes of preventing and detecting fraud, money laundering, or other crimes;

    • In connection with the sale, merger, acquisition, financing, liquidation, or transfer of our business assets, where personal data may be transferred to a new owner or successor entity.

    We will not disclose an individual’s data to any entity outside Kenya unless adequate safeguards are in place to ensure that personal data is protected in accordance with the Kenya Data Protection Act, 2019, and any other applicable privacy laws. We will take reasonable steps to ensure that any disclosure to an entity outside Kenya will not occur until that entity has agreed in writing to safeguard personal data in a manner consistent with this Privacy Policy.

    If the Company becomes involved in a merger, asset sale, financing, liquidation, bankruptcy, or acquisition of all or part of the business by another company, we may share information with that company before and after the transaction closes.

    Here is your revised version with “Trustap” replaced by “Lockpesa” in Kenya and reference to M-PESA included where relevant:

6. Consent To Collection Of Data

  • An individual may opt to not have us collect their data and communicate with them at certain times. This may prevent us from offering them some or all of our services and may terminate their access to Lockpesa, or other services they access with or through us.

    Opt In: Where relevant, the individual will have the right to choose to have information collected and/or receive information from us.

    Opt Out: Where relevant, the individual will have the right to choose to exclude himself or herself from some or all collection of information and/or receiving information from us. An individual may revoke their consent at any time, and the decision to opt out will be made through the same media by which the individual opted in.

    If an individual believes that they have received information from us that they did not opt in or out to receive, they should contact us using the details below.

7. The Safety & Security Of Data

  • We will take all reasonable precautions to protect an individual’s data from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.

    The security of online transactions, including payments made via M-PESA or other electronic means, and the security of communications sent electronically or by post cannot be fully guaranteed. Each individual that provides information to us via the internet or by post does so at their own risk.

    We cannot accept responsibility for misuse, loss, or unauthorised access to data where the security of information is not within our control. We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s data to in accordance with this policy or any applicable laws).

    If an individual suspects any misuse, loss, or unauthorised access to their data, they should notify us immediately. We are not liable for any loss, damage, or claim arising from another person’s use of the data where we were authorised to provide that person with the data.

8. How To Access And/Or Update Information

  • The applicable data protection laws give you the right to request from us the data that we have about you.

    If an individual cannot update their own information, we will correct any errors in the data we hold promptly after receiving written notice. It is the individual’s responsibility to provide accurate and truthful data. We cannot be liable for incorrect information provided to us.

    Where updates are made, we may require further verification, including from third parties such as financial service providers or payment systems like M-PESA.

    We may charge a reasonable fee for data access requests, not exceeding the equivalent of €10 per request. Information will be provided within 40 calendar days of receipt of the request.

9. Complaints And Disputes

  • You have the right to object to us processing your information in relation to:

    • Processing based on legitimate interests or public interest tasks (including profiling)

    • Direct marketing

    • Processing for scientific, historical research, or statistical purposes

    If an individual has a complaint about our handling of their data, they should submit it in writing using the contact details below.

    You also have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been infringed.

    If a dispute arises, both parties will first attempt to resolve it directly. If we become aware of any unauthorised access to data that may pose a high risk to individuals, we will notify affected individuals without undue delay.

10. Additions To This Policy

  • We may update this policy from time to time to comply with legal obligations or changes in our practices. Any updates will take effect once we notify users.

    If we make material changes, we will inform users and publish updates on our Platform at: www.lockpesa.com/privacy

    It is the user’s responsibility to review this policy regularly. We may also take additional steps to comply with applicable data protection laws, and nothing in this policy limits those obligations.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Platform and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

12. Children's Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

14. Contacting Us

  • All correspondence relating to privacy should be addressed to:

support@lockpesa.com or via phone call to 011 909 1062