Cookie Policy

Codian Concepts ("Codian", "we", "us", or "our") operates codian.co.ke, a unified API platform for developers, businesses, and the Kenyan tech community, offering payment processing, messaging, government services integration, and community features (collectively, the "Platform"). This Cookie Policy explains how we use cookies and similar tracking technologies to enhance your experience, ensure Platform functionality, and analyze usage.

This policy applies to all users of the Platform, including developers integrating our APIs, businesses processing payments, and community members participating in forums or events. It is designed to comply with the Kenyan Data Protection Act 2019 and other applicable data protection laws. By using the Platform, you agree to our use of cookies as described herein. If you do not agree, you may adjust your browser settings or refrain from using the Platform.

For further details on our data practices, please refer to our Privacy Policy. For inquiries, contact our support team as provided in our contact section.

Cookies are small text files stored on your device (e.g., computer, smartphone) when you visit a website. They help websites remember your preferences, maintain sessions, and collect usage data. We also use similar technologies, such as local storage, session storage, and tracking pixels, to provide and improve our services.

• Cookies: Store small amounts of data (e.g., session IDs, preferences) to enable functionality and personalization.
• Local/Session Storage: Used for temporary or persistent data storage to support Platform features, such as dashboard settings or API authentication.
• Tracking Pixels: Small images embedded in pages or emails to track user interactions, such as page views or email opens.
• Device Identifiers: Collect device-specific information (e.g., IP address, browser type) to monitor usage and ensure security.

We categorize cookies based on their purpose and necessity. The following types are used on the Platform:

• Essential Cookies: Necessary for the Platform to function properly, such as maintaining user sessions, authenticating API requests (e.g., OAuth tokens), and enabling secure payment processing. These cookies cannot be disabled as they are critical to core functionality.
• Functional Cookies: Enhance user experience by remembering preferences, such as language settings, dashboard configurations, or community profile settings. Disabling these may limit certain features.
• Analytics Cookies: Collect aggregated data on how users interact with the Platform, such as page views, API usage patterns, and navigation flows. These help us improve performance and user experience (e.g., via Google Analytics or similar tools). You may opt out of these cookies.
• Marketing Cookies: Used to deliver personalized promotions or content, such as targeted emails about new API features or community events. These are only set with your explicit consent and may involve third-party advertising networks.

We use cookies and tracking technologies for the following purposes:

• Authentication and Security: To verify your identity, maintain active sessions (e.g., during dashboard or API usage), and protect against unauthorized access. For example, cookies store session tokens for secure logins and API key validation (e.g., client_id, client_secret).
• Platform Functionality: To enable features like app creation, payment processing (e.g., M-Pesa STK Push), and community interactions. Cookies ensure seamless navigation and data persistence across pages.
• Performance and Analytics: To monitor Platform performance, track API request volumes, and analyze user behavior (e.g., time spent on developer.codian.co.ke). This helps us optimize services and troubleshoot issues.
• Personalization: To tailor your experience, such as remembering your dashboard settings, community preferences, or preferred government service forms.
• Marketing and Communication: With your consent, to deliver targeted promotions, such as emails about new API features or community events, and to track engagement (e.g., email opens via pixels).
• Compliance and Fraud Prevention: To detect and prevent fraudulent activities, such as excessive API requests or suspicious payment transactions, by analyzing usage patterns.

We may use third-party services that set cookies or tracking technologies on our behalf to support Platform functionality. These include:

• Analytics Providers: Tools like Google Analytics may set cookies to collect aggregated usage data (e.g., page views, session duration). These providers are contractually obligated to protect your data and comply with applicable laws.
• Payment Processors: Partners like M-Pesa may use cookies or tracking pixels to facilitate secure transactions and verify payment activities. Their cookie practices are governed by their own policies.
• Marketing Partners: If you consent to marketing cookies, third-party advertising networks may set cookies to deliver personalized content or track campaign performance.
• Community Features: Cookies may be used by third-party tools integrated into the Codian Kenya Tech Community to manage forums or event registrations.

We ensure third parties adhere to data protection standards, such as the Kenyan Data Protection Act 2019, and we do not allow them to use your data for unrelated purposes.

You have control over non-essential cookies and can manage your preferences as follows:

• Cookie Consent Tool: On your first visit to the Platform, you may see a cookie consent banner allowing you to accept or reject non-essential cookies (e.g., analytics, marketing). You can update your preferences at any time through the cookie settings link on our website (if available).
• Browser Settings: Most browsers allow you to block or delete cookies. You can configure your browser to reject all cookies, accept only essential cookies, or prompt you for each cookie. Note that disabling essential cookies may impair Platform functionality, such as login or payment processing.
• Do Not Track (DNT): We respect browser DNT signals for non-essential cookies, though some analytics tools may not fully support DNT.
• Opting Out of Analytics: For analytics cookies (e.g., Google Analytics), you can opt out via browser extensions or by contacting our support team to disable tracking for your account.

Instructions for managing cookies in common browsers are available online (e.g., for Chrome, Firefox, Safari).

Cookies are retained for varying periods based on their purpose:

• Session Cookies: Expire when you close your browser or log out (e.g., for authentication).
• Persistent Cookies: Remain on your device for a set period, such as 30 days for functional cookies (e.g., remembering preferences) or up to 2 years for analytics cookies, unless deleted earlier.
• Third-Party Cookies: Retention periods are set by third-party providers (e.g., Google Analytics cookies may last up to 24 months). Refer to their policies for details.

You can delete cookies at any time through your browser settings. We retain cookie-related data only as long as necessary for the purposes described or as required by law (e.g., for audit logs).

We take reasonable measures to protect cookie-related data, but no system is entirely secure. Our security practices include:

• Encryption: Cookies containing sensitive data (e.g., session tokens) are transmitted via HTTPS and stored securely.
• Access Controls: Only authorized personnel and trusted third parties have access to cookie data for operational purposes.
• Audits: Regular security audits to ensure compliance with the Kenyan Data Protection Act 2019 and industry standards.
• Breach Notification: If a data breach affects cookie-related data, we will notify affected users within 72 hours, as required by Kenyan law.

You are responsible for securing your device and browser to prevent unauthorized access to cookies.

Under the Kenyan Data Protection Act 2019, you have rights regarding cookie-related data, including:

• Right to Access: Request details of cookies and related data we collect about you.
• Right to Deletion: Request deletion of non-essential cookie data, subject to legal retention requirements.
• Right to Object: Opt out of non-essential cookies (e.g., analytics, marketing) at any time.
• Right to Restrict Processing: Request limitations on how we use cookie data in certain cases.

To exercise these rights, contact our support team as provided in our contact section. We will respond within 30 days. You may also lodge complaints with the Kenyan Office of the Data Protection Commissioner (ODPC).

We may update this Cookie Policy to reflect changes in our practices, technologies, or legal requirements. Material changes will be communicated at least 30 days in advance via email, Platform notifications, or by updating the effective date above.

Continued use of the Platform after changes constitutes acceptance of the updated policy. If you disagree, you may adjust your cookie preferences or stop using the Platform.

For questions about this Cookie Policy, to manage cookie preferences, or to exercise your data rights, contact our support or legal team as provided in our contact section.

• Data Protection Officer: Available to address cookie-related inquiries.
• Complaints: If unsatisfied with our response, contact the Kenyan Office of the Data Protection Commissioner (ODPC).