Privacy Policy

Overview
Brimukon Labs (“Brimukon”, “we”, “our”, or “us”) is committed to protecting your privacy and ensuring that your personal data is handled securely and responsibly. This Privacy Policy explains how we collect, use, share, store, and protect personal information when you use our website, services, and applications — including our mobile application Flip.IQ (collectively referred to as “Services”). By using Brimukon Services, you agree to the practices described in this policy.

1. Compliance with Kenyan Law

Brimukon Labs is registered and operates in Kenya. We comply with the Kenya Data Protection Act, 2019, including principles relating to:

• Lawfulness, fairness, and transparency
• Purpose limitation — collecting data only for legitimate reasons
• Data minimization — collecting only what is necessary
• Accuracy and integrity of personal data
• Storage limitation — retaining data only as long as required
• Confidentiality and security of data
• Respect for your privacy rights as a Data Subject

Users have the right under Kenyan law to request access, correction, restriction of processing, objection, and deletion of their personal data. You may exercise these rights by contacting us at[email protected].

2. Scope of This Policy

This Privacy Policy applies to:

• The Brimukon website: brimukon.com
• Brimukon applications including Flip.IQ and M-Ficha (Messaging & Privacy App).
• Any digital platforms, tools, or services operated by Brimukon Labs

This Policy does not cover third-party services or platforms beyond our control.

3. Information We Collect

a. Information You Provide

• Account details (name, email, password)
• Optional profile information
• Support communication messages
• Payment details for premium features (processed securely by trusted third-party payment providers)

b. Information Collected Automatically

• Device type, OS, and browser type
• IP address and general location
• Usage activity and analytics
• Error reports and performance logs

c. Sensitive Data: SMS Content(M-Ficha)
M-Ficha is an offline-first application. All SMS processing, including the redaction of financial balances, occurs locally on your device. We do not transmit, upload, or store your SMS content on our servers.

d. Financial Information
When you make a purchase, we collect information regarding the transaction status (e.g., success/failure) provided by Google. We do not have access to your full payment card details or M-Pesa credentials; these are processed securely by Google Play.

e. Sensitive Data
Brimukon does not intentionally collect highly sensitive personal data unless necessary for the service, lawful, and with user consent.

4. Google Play / Play Store Compliance

For mobile applications like Flip.IQ and M-Ficha, we comply with:

• Google Play User Data Policy
• Google Play Data Safety Section Requirements
• Play Families Policy where applicable

Our apps:

• Do NOT sell personal data
• Do NOT share personal data without consent
• Only request permissions necessary for functionality
• Provide ways to delete accounts and associated data

Default SMS Handler(M-Ficha): M-Ficha requires READ_SMS, SEND_SMS, and RECEIVE_SMS permissions to function as your default messaging client. "SMS Data" is considered ephemeral/on-device processing and is not "collected" as defined by Google’s Data Safety standards because it never leaves the device.

Financial Privacy & Redaction(M-Ficha): M-Ficha locally analyzes incoming SMS from financial service providers (e.g., M-PESA) to identify and mask account balances. This is a local UI-only feature intended to protect user privacy during 'Proof of Payment' scenarios. No financial data is ever extracted or shared.

Any third-party SDKs used in our apps (analytics, crash reporting, etc.) are required to follow strict privacy and security standards.

5. How We Use Your Information

• Provide and improve our services
• Personalize user experience
• Process payments for premium features
• Enhance security and prevent abuse
• Communicate updates and service notices
• We use your purchase history to activate the 'Ad-Free' features of the app and to restore your purchase if you switch devices or reinstall the app.

6. Data Sharing

Brimukon does not sell personal information. Data may only be shared with:

• Trusted service providers under confidentiality
• Regulatory or legal authorities where lawfully required
• Business acquisition or merger situations

b. Third-Party Service Providers
We use Google Play Billing for in-app purchases and storing of purchase history. Their collection and use of your payment information is governed by the Google Payments Privacy Notice."

7. Your Rights

• Access your data
• Update your information
• Request account deletion
• Withdraw consent where applicable

Account deletion is available within our apps (where supported) or by contacting us directly.

8. Cookies & Analytics

We may use cookies and analytics tools to understand performance and usage. You may disable cookies via browser settings; however, some features may be affected.

9. Data Security

We implement reasonable technical and organizational safeguards to protect your information, but no system is 100% secure.

10. International Transfers

Data may be processed outside Kenya where necessary, with appropriate safeguards.

11. Children

Our services are not intended for children under age 16 without guardian consent.

12. Changes to This Policy

We may update this Privacy Policy. Continued use of our services means acceptance of updates.

13. Contact Us

For privacy inquiries, rights requests, or concerns, contact: