Privacy Policy

This Privacy Policy explains how Rexius Lited handles personal information across our websites, shop, ERP systems, client platform data, support channels, WhatsApp and customer communications, CSR booking flows, loyalty programs, careers portal, consulting services, and internal operations.

By using our platforms or giving us information, you agree that we may process it for the purposes described here and for related operational, legal, security, and customer support needs.

We may collect your name, email address, phone number, delivery location, billing details, order history, payment references, loyalty profile, inquiry details, uploaded documents, job application details, recruitment CV files, newsletter confirmation and unsubscribe records, preferences, and communication history.

For ERP, HR/payroll support, KRA/eTIMS workflow support, and client user accounts, we may process staff records, roles, approvals, payroll workflow data, statutory workflow references, customer records, audit logs, inventory records, invoices, reports, user activity, and system configuration data as needed to provide the requested service.

For CSR bookings, we may collect the name or alias you provide, contact details, preferred session date and time, booking notes, calendar confirmation details, and meeting link status. We do not ask for unnecessary sensitive information through the booking form.

Our systems may also record technical information such as IP address, browser type, device information, session activity, and security logs.

We use information to process orders, generate receipts and invoices, deliver products, confirm payments, allocate loyalty points, verify redemption requests, respond to support inquiries, send service updates, manage bookings, review job applications, provide consulting or CSR services, operate ERP workflows, support HR/payroll processes, organize KRA/eTIMS-related workflows, and maintain client audit logs.

We may also use information to prevent fraud, improve our platforms, keep accurate accounting and audit records, comply with law, and send relevant newsletters or offers where permitted. Newsletter emails may include confirmation and unsubscribe links so you can manage your subscription.

Payments may be handled through providers such as M-Pesa, PesaPal, card networks, bank transfer channels, Airtel Money, or other approved processors. Rexius does not store your card number, PIN, or mobile money PIN.

We keep transaction references, payment status, invoice records, receipt details, and accounting entries because they are needed for order support, reconciliation, tax, audit, and financial reporting.

If you contact Rexius through WhatsApp, email, contact forms, newsletters, or support channels, we may store the conversation and use it to respond, complete orders, send receipts, confirm loyalty codes, or follow up on service issues.

Messages sent through third-party platforms are also subject to those platforms privacy and security practices. Avoid sending card PINs, one-time passwords, passwords, or unnecessary sensitive information through chat.

CSR safe-space sessions are treated with care and confidentiality inside Rexius. Booking details are used to reserve slots, create calendar invites, send meeting links, and manage follow-up where appropriate.

Rexius CSR support is not an emergency medical service, crisis hotline, or substitute for professional medical care. If you or someone else is in immediate danger, contact local emergency services or an emergency support provider immediately.

Where Rexius provides ERP systems, customer communication tools, reporting workflows, or operational dashboards, client platform data is processed to provide the contracted or requested service, maintain security, support users, generate reports, and improve service delivery.

Client user accounts and audit logs may be kept to support access control, accountability, troubleshooting, compliance review, and operational continuity.

When you apply for a role, we process your CV, contact details, application answers, interview notes, uploaded recruitment documents, and recruitment status so we can evaluate your suitability and communicate with you.

We may keep recruitment records for future opportunities, compliance, and audit purposes unless you ask us to delete them where deletion is legally and operationally possible.

Our websites may use cookies, session storage, analytics, logs, or similar tools to keep you signed in, remember preferences, protect accounts, measure performance, and improve the user experience.

You can control some cookies through your browser settings, but disabling them may affect checkout, login, forms, and saved preferences.

We do not sell your personal information. We may share limited information with service providers who help us operate, including payment processors, delivery partners, email providers, cloud services, Google Workspace tools, WhatsApp Business services, IT support, auditors, and professional advisers.

We only share what is necessary for the service, support, compliance, or protection purpose.

We keep information only as long as needed for the purpose collected, including customer support, warranty handling, accounting, tax, audit, legal obligations, security, and legitimate business records.

Some records, such as invoices, receipts, payment confirmations, and ledger records, may need to be retained longer than general support conversations.

We use reasonable technical and organizational controls to protect information, including role-based access, database-backed workflows, secure providers, server controls, and internal review of important operations.

No online system is perfectly risk-free, so please also protect your account, email, phone, and payment credentials.

You may ask us to confirm what information we hold about you, correct inaccurate information, update your communication preferences, unsubscribe from marketing, or request deletion where the law and our operational obligations allow it.

To make a privacy request, contact us through the contact page or email info@rexiuslited.co.ke with enough detail for us to identify the relevant record.

We may update this policy as our services, systems, and legal obligations change. The latest version will be published on this page with the effective month.