Privacy Policy

Last updated: 23 December 2025

Back to Portal

1. Overview

This Privacy Policy explains how DPL Festive (“DPL”, “we”, “us”) collects, uses, stores, and protects information when you use the DPL Festive Internal App (mobile application) and the DPL Festive Admin Portal (web application) (together, the “Services”). These Services are intended for internal business operations.

2. Information We Collect

Account and identity information

We collect information needed to create and manage user accounts, such as name, phone number, username, role, permissions, and authentication-related data.

Operational and transactional information

We collect operational records generated through usage of the Services, including loading sheets, confirmations, routes/warehouses, crate movements and balances, dispatch records, and related operational metadata.

Verification photos and biometric-related inputs

The mobile application may request camera access to capture verification photos (for example, product photos during a random verification step) and may support driver verification workflows that involve capturing a photo for verification. These photos are used for operational verification and audit purposes.

Device and usage information

We may collect basic technical data needed to operate and secure the Services, such as device identifiers (where available), timestamps, app version, and network-related information.

3. How We Use Information

  • Authenticate users and enforce role-based access control.
  • Run operational workflows (loading, crates, dispatch, reporting).
  • Provide audit trails and accountability (including verification evidence where applicable).
  • Maintain security, prevent misuse, and investigate incidents.
  • Operate, maintain, and improve the Services (performance, reliability, and support).

4. Sharing and Service Providers

We use service providers to host and operate the Services. For example, the Services may use Google Firebase (Firestore, Authentication, Cloud Functions, and Storage) to store and process data. These providers process data on our behalf to deliver the Services.

We do not sell personal information. Access to data is restricted to authorized personnel and internal stakeholders based on role and operational need.

5. Data Retention

We retain information for as long as needed to support operations, compliance, auditability, and security, and as required by applicable policies and law. Retention periods may vary by record type (for example, audit logs and verification evidence).

6. Security

We implement administrative, technical, and organizational safeguards designed to protect information against unauthorized access, alteration, disclosure, or destruction. No method of transmission or storage is 100% secure; however, we continuously work to improve security.

7. Your Choices

Access to the Services is managed by DPL administrators. If you need your account updated, deactivated, or require help accessing your data for internal operational needs, contact your administrator or the support contact below.

8. Contact

For privacy or security questions about the Services, contact DPL Festive support.

Company: DPL Kenya
Email: kalpen@festivebrands.co.ke

Note: This policy is provided as an internal operational document and should be reviewed by the legal/compliance team.

© 2026 DPL Festive. All rights reserved.