Privacy Policy

Last Updated: January 23, 2026

1. Introduction

Welcome to Build Savanna (“we,” “our,” or “us”). Build Savanna is a comprehensive Business Operating System designed to help small and medium enterprises (SMEs) across Africa manage their entire business operations through a unified platform.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our website at https://www.buildsavanna.com, mobile applications, and all related services (collectively, the “Platform”).

We are committed to protecting your privacy and ensuring you understand how your data is handled. Please read this Privacy Policy carefully. By accessing or using our Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

2. Who We Are

Build Savanna is an integrated business platform providing enterprise-grade tools across 14 business domains:

• Communications Hub – Omnichannel messaging (WhatsApp, SMS, Email, Voice)
• Commerce Hub – E-commerce and online store management
• Sales Hub – CRM, pipeline management, and sales automation
• Service Hub – Customer support and helpdesk
• Marketing Hub – Campaigns, automation, and analytics
• Finance Hub – Invoicing, payments, and accounting
• HR Hub – Employee management, payroll, and attendance
• Operations Hub – Workflow automation and task management
• Projects Hub – Project and team collaboration
• Content Hub – Document and media management
• Collaboration Hub – Team communication and workspaces
• Analytics Hub – Business intelligence and reporting
• CRM Hub – Contact and relationship management
• DocStudio Hub – Document creation and e-signatures

Contact Information:

• Website: https://www.buildsavanna.com
• Email: privacy@buildsavanna.com
• Support: support@buildsavanna.com

3. Information We Collect

3.1 Information You Provide Directly

Account Registration:

• Organization name
• Full name (first and last name)
• Email address
• Phone number
• Password (stored in encrypted form)
• Country and timezone
• Industry/business sector

Organization & Workspace Data:

• Business information (name, type, size, industry)
• Workspace configurations and preferences
• Team member information (names, emails, roles)
• Billing and payment information

Business Data You Store on Our Platform:

• Customer and contact records
• Sales and transaction data
• Financial records and invoices
• Employee information (if using HR Hub)
• Communications and message history
• Documents and files you upload
• Project and task information

Communications with Us:

• Support tickets and inquiries
• Feedback and survey responses
• Email correspondence

3.2 Information Collected Automatically

Device & Technical Information:

• IP address
• Browser type and version
• Operating system
• Device identifiers
• Screen resolution and device type

Usage Information:

• Pages visited and features used
• Time spent on the Platform
• Click patterns and navigation paths
• Error logs and performance data

Location Information:

• Country and region (derived from IP address)
• Timezone settings

3.3 Information from Third Parties

Social Login Providers: When you sign up or log in using Google, Facebook, Microsoft, or Apple, we receive:

• Your name
• Email address
• Profile picture (if available)
• Unique identifier from the provider

Payment Processors: When you make payments, our payment partners (Paynow, Paystack, Flutterwave, Stripe, PayPal) may share:

• Transaction confirmation
• Payment status
• Partial payment method details (last 4 digits of card, mobile money number)

Integrated Services: If you connect third-party services (e.g., QuickBooks, Xero, Shopify, HubSpot), we receive data necessary to provide the integration functionality you requested.

4. How We Use Your Information

4.1 To Provide and Operate the Platform

• Create and manage your account
• Process transactions and payments
• Deliver the services you request
• Enable communication features (SMS, WhatsApp, Email)
• Provide customer support
• Send service-related notifications

4.2 To Improve and Personalize the Platform

• Analyze usage patterns to improve features
• Personalize your experience based on preferences
• Develop new products and services
• Conduct research and analytics
• Train and improve our AI features (Savanna Brain)

4.3 To Communicate with You

• Send account-related notifications
• Provide product updates and announcements
• Respond to inquiries and support requests
• Send marketing communications (with your consent)
• Deliver security alerts

4.4 To Ensure Security and Compliance

• Detect and prevent fraud
• Enforce our terms of service
• Comply with legal obligations
• Protect our rights and property
• Maintain audit trails for security purposes

4.5 AI and Automation Features

Our platform includes AI-powered features (Savanna Brain) that may:

• Analyze your data to provide insights and recommendations
• Automate responses and workflows
• Generate content suggestions
• Provide intelligent search and categorization

Your business data used for AI features is:

• Processed within your organization’s boundaries
• Never shared with other customers
• Never used to train models for other organizations

5. How We Share Your Information

5.1 With Your Consent

We share information when you explicitly authorize us to do so, such as when you:

• Connect third-party integrations
• Share data with team members
• Authorize communications to your customers

5.2 Service Providers

We share data with trusted third-party service providers who assist us in:

All service providers are bound by data processing agreements and are prohibited from using your data for their own purposes.

5.3 Within Your Organization

• Data is shared among authorized users within your organization based on roles and permissions
• Organization administrators can access organization-wide data
• Workspace members can access workspace-specific data

5.4 Legal Requirements

We may disclose information if required to:

• Comply with applicable laws or regulations
• Respond to valid legal processes (subpoenas, court orders)
• Protect our rights, privacy, safety, or property
• Enforce our terms of service
• Respond to emergency situations

5.5 Business Transfers

If Build Savanna is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.

5.6 What We Never Do

• ❌ Sell your personal data to third parties
• ❌ Share your business data with other customers
• ❌ Use your data for advertising by third parties
• ❌ Share customer contact lists without authorization

6. Data Retention

6.1 Active Accounts

We retain your data for as long as your account is active and as needed to provide services to you.

6.2 After Account Closure

6.3 Deletion Requests

You may request deletion of your data at any time. We will delete your data within 30 days, except where retention is required by law.

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

7.2 Essential Cookies (Required)

These cannot be disabled as they are necessary for the Platform to function:

• Authentication tokens
• Session management
• Security tokens (CSRF protection)
• Load balancing

7.3 Managing Cookies

You can control non-essential cookies through:

• Your browser settings
• Our cookie preference center (available in account settings)

Note: Disabling certain cookies may affect Platform functionality.

7.4 Do Not Track

We currently do not respond to “Do Not Track” browser signals as there is no industry standard for this.

8. Data Security

8.1 Security Measures

We implement comprehensive security measures including:

Technical Safeguards:

• Encryption in transit (TLS 1.3)
• Encryption at rest (AES-256)
• Secure password hashing (bcrypt)
• Multi-factor authentication (2FA)
• Regular security audits and penetration testing

Organizational Safeguards:

• Role-based access control (RBAC)
• Employee security training
• Background checks for staff with data access
• Incident response procedures
• Regular security reviews

Infrastructure Security:

• Firewalls and intrusion detection
• DDoS protection
• Regular backups
• Geographic redundancy
• Continuous monitoring

8.2 Your Security Responsibilities

You are responsible for:

• Maintaining the confidentiality of your login credentials
• Enabling two-factor authentication
• Ensuring appropriate access controls within your organization
• Reporting any suspected security incidents

8.3 Data Breach Notification

In the event of a data breach affecting your personal data, we will:

• Notify you within 72 hours of discovery
• Provide details of the breach and affected data
• Describe measures taken to address the breach
• Offer guidance on protective steps you can take

9. International Data Transfers

9.1 Where Your Data is Stored

Your data may be stored and processed in:

• South Africa (primary)
• European Union (backup and CDN)
• United States (certain service providers)

9.2 Transfer Safeguards

When transferring data internationally, we ensure protection through:

• Standard Contractual Clauses (SCCs)
• Data Processing Agreements with all providers
• Selecting providers with appropriate certifications (SOC 2, ISO 27001)

10. Your Rights

10.1 Rights You Have

Depending on your location, you may have the following rights:

10.2 How to Exercise Your Rights

To exercise any of these rights:

1. Self-Service: Many actions can be performed in your account settings
2. Email: Contact privacy@buildsavanna.com
3. Support: Submit a request through our support portal

We will respond to requests within 30 days. We may ask for verification of your identity before processing requests.

10.3 Data Export

You can export your data at any time through:

• Account Settings → Data Export
• API access (for programmatic export)
• Contacting support for large exports

11. Children’s Privacy

Build Savanna is designed for business use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

12. Third-Party Links and Integrations

12.1 External Links

Our Platform may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies.

12.2 Integrations

When you connect third-party integrations (e.g., QuickBooks, Shopify, Salesforce), those services have their own privacy policies governing their use of your data. Our integration only accesses data necessary for the functionality you authorize.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes:

• We will update the “Last Updated” date at the top
• For significant changes, we will notify you via email or Platform notification
• Continued use after changes constitutes acceptance

We encourage you to review this Privacy Policy periodically.

14. Region-Specific Provisions

14.1 South Africa (POPIA)

If you are in South Africa, the Protection of Personal Information Act (POPIA) applies. You have additional rights including:

• The right to lodge a complaint with the Information Regulator
• The right to be notified of data breaches
• Special protections for sensitive personal information

14.2 European Union (GDPR)

If you are in the EU/EEA, the General Data Protection Regulation (GDPR) applies. Our legal bases for processing include:

• Contract performance (providing services)
• Legitimate interests (improving services, security)
• Legal obligations (compliance)
• Consent (marketing communications)

14.3 Zimbabwe and Other African Jurisdictions

We comply with applicable data protection laws in all jurisdictions where we operate, including:

• Zimbabwe Data Protection Act
• Nigeria Data Protection Regulation (NDPR)
• Kenya Data Protection Act

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Inquiries:

• Email: privacy@buildsavanna.com

General Support:

• Email: support@buildsavanna.com
• Website: https://www.buildsavanna.com/support

Mailing Address: Build Savanna [Your Business Address] Harare, Zimbabwe

16. Summary of Key Points

This Privacy Policy is effective as of January 23, 2026.