Legal

Data & Compliance

Template — review with qualified counsel before launch. Last updated 11 June 2026.

This page summarises how Karibu protects data and meets its regulatory obligations. It complements our Privacy Policy and Terms of Use.

Regulatory framework

Sub-processors

ProviderPurposeData
ClerkAuthentication & identityName, email, auth identifiers
NeonApplication databaseAccount profile & trip data
ResendTransactional emailEmail address, delivery metadata
SentryError monitoringTechnical diagnostics
UpstashRate limitingRequest counters
VercelHostingRequest logs

Security measures

Data subject & deletion requests

To access, correct, export, or delete your data, email privacy@karibu.co.ke (placeholder). We respond within the timeframes set by the DPA/GDPR. Deleting your account removes your profile and associated trip data, subject to limited legal retention.

Breach notification

In the event of a personal-data breach likely to result in risk to your rights, we will notify the relevant supervisory authority and affected users without undue delay, as required by law.

Contact

Data protection point of contact: privacy@karibu.co.ke (placeholder).