This Privacy Policy explains how Breve Africa Limited collects, uses, stores, shares, and protects personal data across the Breve website, app, and related service workflows.
Breve processes personal data in a manner intended to respect the right to privacy under Article 31 of the Constitution of Kenya and the statutory duties that apply to data controllers and data processors under the Data Protection Act, 2019 and its regulations.
If any part of this policy is inconsistent with a mandatory legal requirement, the applicable law will prevail to the extent of the inconsistency.
Breve Africa Limited is the controller of personal data processed through the Breve platform unless a specific workflow or agreement states otherwise.
The current controller contact details reflected in the policy materials are P.O. Box 78862-00507, Nairobi, telephone 0734738243, and email breve@breve.co.ke.
This policy applies to the website, app, support channels, notifications, onboarding flows, payments, dispute handling, and related services used to register advocates, post jobs, exchange instructions, upload documents, and manage payment release.
The service is intended for adults and, where a workflow is reserved for advocates or other regulated professionals, only for users who are legally permitted to perform that role.
Breve collects only the categories of data reasonably necessary to operate the platform, verify users, process payments, reduce misuse, and meet legal or operational duties.
Breve obtains data directly from users, from activity on the platform, from device or browser interactions, from payment or messaging providers involved in a transaction, and from verification or support processes needed to run the service safely.
If a user provides personal data relating to another person, the user is responsible for having a lawful basis and any necessary permission to disclose that information.
Some workflows may request access to device features only where the feature is relevant to the action being performed.
Breve may process personal data where necessary for the performance of a contract, to take steps at the request of a user before entering a contract, to comply with legal obligations, to pursue legitimate interests that are not overridden by the rights of the data subject, or on consent where consent is the appropriate legal basis.
These purposes include account creation, advocate verification, publishing and matching jobs, sending workflow notices, processing escrow and payout events, responding to support matters, maintaining audit trails, securing the platform, investigating abuse, and resolving complaints or disputes.
Breve recognises that uploaded instructions, pleadings, case notes, and related legal material may be confidential, privileged, commercially sensitive, or subject to professional duties.
Users must upload only the information reasonably necessary for the requested work. Breve uses administrative, contractual, and technical controls intended to limit access to those with a valid operational reason to handle the material.
Breve may use system rules, search filters, location signals, professional profile data, and workflow logic to help surface jobs, route alerts, match advocates, prevent duplicate activity, or flag operational risk.
Where automated handling has a significant effect on a user, Breve may provide a path for human review or support escalation, subject to operational and legal limits.
Breve may share personal data with service providers and partners only where reasonably necessary to operate the platform, complete a transaction, comply with law, prevent harm, or enforce rights.
Because some infrastructure and software providers may process data outside Kenya, certain data may be transferred across borders.
Where Breve transfers personal data outside Kenya, it intends to do so subject to applicable safeguards, contractual controls, security measures, and any requirements imposed by Kenyan data protection law.
Breve keeps personal data for as long as reasonably necessary for the purpose for which it was collected, including service delivery, verification, financial reconciliation, dispute resolution, fraud prevention, legal compliance, and record retention.
Breve uses technical and organisational safeguards intended to protect confidentiality, integrity, and availability, but no online service can promise absolute security. Breve may maintain access logs, payment logs, audit trails, and security logs to support lawful operation, investigation, and accountability.
Subject to applicable law, users may request to be informed about processing, access their personal data, correct inaccurate data, object to certain processing, request deletion or restriction where appropriate, and exercise any additional rights available under Kenyan data protection law.
Some requests may be limited where Breve must retain information for legal, regulatory, fraud-prevention, dispute, or evidential purposes.
Breve encourages users to contact breve@breve.co.ke first so that the issue can be reviewed and resolved directly where possible.
Users also have the right to lodge a complaint with the Office of the Data Protection Commissioner in Kenya in accordance with the Data Protection Act, 2019 and the applicable complaints procedures.
This Privacy Policy is subject to change from time to time to reflect legal, operational, security, or product updates.
Where a change is material, Breve may publish the revised version in the app or on the website and may send notice to the registered email address on the account before or when the change takes effect, unless a shorter period is required for legal, security, or abuse-prevention reasons.
These public pages are drafted against the following Kenyan legal and regulatory sources. Breve should still have Kenyan counsel review them before production launch or before material changes are published.
For a current version of Breve legal documents, a privacy request, or a question on policy changes and notices, contact the team directly.