Privacy Policy

Last updated: July 11, 2026

1. Overview

This Privacy Policy explains how RootTeck ("we," "us," "our") collects, uses, and protects information when you use our website and client portal (collectively, the "Services"). It should be read alongside our Terms of Service.

2. Information We Collect

Account and organization information — name, email address, phone number, billing/contact address, password (stored only as a salted hash, never in plain text), and your organization's primary market (currently Somalia or Kenya).

Service usage information — domain search and registration requests, hosting subscriptions, custom project details and milestones, support tickets and messages, and knowledge base activity (such as article feedback).

Payment information — RootTeck does not store full card numbers or mobile-money credentials. Payments are processed by third-party providers (Stripe, M-Pesa, or EVC Plus, depending on your market); we retain only transaction metadata needed for invoicing and support (amount, status, provider reference).

Technical information — standard web request data (IP address, browser/user agent, timestamps) logged for security and rate-limiting purposes, and an authentication token stored in your browser's local storage to keep you signed in (see our Cookie Notice).

3. How We Use Information

We use the information above to:

  • Create and maintain your account and organization workspace;
  • Provide the Services you request (domain registration, hosting, development projects, support);
  • Process payments and issue invoices;
  • Send account-related emails (email verification, password reset, service notifications);
  • Detect, prevent, and respond to fraud, abuse, and security incidents;
  • Comply with legal obligations, including domain registry (e.g. ICANN/WHOIS) requirements.

We do not sell your personal information, and we do not use it for third-party advertising.

4. How We Share Information

We share information only as necessary to provide the Services:

  • Payment processors (Stripe, M-Pesa, EVC Plus) — to process transactions.
  • Domain registrars and registries — to complete and maintain domain registrations, which may include WHOIS publication as required by registry policy.
  • Infrastructure providers — for hosting, file storage, and email delivery.
  • Legal and regulatory bodies — where required by law, court order, or to protect RootTeck's or others' rights and safety.

We require these parties to handle your information consistently with this Policy and only for the purposes we specify.

5. Data Security

We apply industry-standard safeguards, including password hashing, token-based API authentication with expiring and revocable access tokens, encrypted connections (HTTPS), and rate limiting on sensitive endpoints (login, password reset). No system is perfectly secure, and we cannot guarantee absolute security, but we work to keep these protections current.

6. Data Retention

We retain account and transaction data for as long as your account is active and afterward as needed to meet legal, tax, and accounting obligations, resolve disputes, and enforce our agreements. You may request deletion of your account as described in Section 7, subject to these retention requirements.

7. Your Rights

Depending on your location, you may have the right to request access to, correction of, export of, or deletion of your personal information. To exercise any of these rights, contact privacy@rootteck.com or raise a support ticket from your dashboard; we will respond within a reasonable time and may need to verify your identity first.

8. Children's Privacy

The Services are intended for businesses and individuals operating a business, not for children. We do not knowingly collect personal information from anyone under 16.

9. International Data Transfers

RootTeck serves clients primarily in Somalia and Kenya, and may process or store data using infrastructure located in other countries. Where we transfer information across borders, we take reasonable steps to ensure it continues to receive an appropriate level of protection.

10. Changes to This Policy

We may update this Policy from time to time; the "Last updated" date above reflects the most recent revision. Material changes will be communicated to active clients where reasonably possible.

11. Contact

Questions about this Policy can be sent to privacy@rootteck.com, or raised as a support ticket from your dashboard.