Legal

Privacy Policy

Last updated: 25 April 2026

This Privacy Policy explains how Miraajtech Trading Academy, operated by Miraaj-tech Africa Trading Unit (Reg. BN-VZSEKPAV), ("Miraajtech", "we", "us", or "our") collects, uses, shares, and protects your personal data when you visit our website, purchase a membership, or interact with our community channels.

We respect your privacy and are committed to handling personal data responsibly and in accordance with applicable laws, including the Kenya Data Protection Act, 2019, and the EU General Data Protection Regulation (GDPR) where applicable.

1. Data Controller

The data controller is Miraaj-tech Africa Trading Unit (Reg. BN-VZSEKPAV), trading as Miraajtech Trading Academy, based in Mombasa, Kenya. For any privacy-related questions or to exercise your rights, contact legal@miraajtech.com.

2. What We Collect

2.1 Information you provide

  • Account & billing information — name, email address, country, and payment details — collected and processed by Whop when you purchase a membership. We receive your name, email, and membership status.
  • Community identifiers — your Discord and/or Telegram username, user ID, and avatar — when you link your account to access private channels.
  • Communications — messages you send us via email or community support channels.

2.2 Information collected automatically

  • Network data — IP address, approximate location (country/region), browser type, device type, referrer URL, and timestamps — collected by Cloudflare for security, performance, and DDoS protection.
  • Usage data — pages visited, links clicked, time on page — to improve the Service. We do not currently use Google Analytics or behavioural advertising trackers.
  • Cookies — see Section 7 below.

3. Why We Use Your Data

We process personal data for the following purposes:

  • To provide and operate the Service (account access, signal delivery, community access).
  • To process payments and manage your membership (via Whop).
  • To communicate with you about your account, updates, and important changes.
  • To improve and secure the Service (analytics, fraud prevention, abuse mitigation).
  • To comply with legal obligations and enforce our Terms of Service.

Our legal bases for processing (under GDPR) include: performance of a contract with you, your consent (where required), our legitimate interests (security, service improvement), and compliance with legal obligations.

4. Third-Party Processors

We share personal data with carefully selected third-party processors who help us deliver the Service. Each processor handles your data under their own privacy policy:

We do not sell your personal data, and we do not share it with advertisers.

5. International Data Transfers

Some of our processors operate globally and may transfer or store data outside your country of residence (including the United States and the European Union). Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms to protect your data during international transfers.

6. Data Retention

We retain personal data only for as long as necessary to provide the Service and to comply with legal obligations:

  • Active membership data: for the duration of your membership plus up to 24 months.
  • Billing records: as required by applicable tax and accounting laws (typically 5–7 years).
  • Community access data: while your membership is active; revoked when membership ends.
  • Support communications: up to 3 years from the last interaction.
  • Server logs (via Cloudflare): retained for short periods (typically up to 30 days) for security purposes.

7. Cookies & Similar Technologies

Our website uses a minimal set of cookies and similar technologies:

  • Strictly necessary cookies — required for the site to function (e.g. Cloudflare security cookies). These cannot be disabled.
  • Performance cookies — basic, anonymised analytics to understand site usage.

Most browsers allow you to refuse cookies or alert you when one is being set. Disabling strictly necessary cookies may affect your ability to use the Service.

8. Your Rights

Depending on your jurisdiction (GDPR, Kenya DPA, and others), you have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data (the "right to be forgotten"), subject to legal retention obligations.
  • Restrict or object to certain processing.
  • Data portability — receive a copy of your data in a structured, commonly used format.
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with your local data protection authority (in Kenya, the Office of the Data Protection Commissioner).

To exercise any of these rights, email us at legal@miraajtech.com. We will respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit (TLS), restricted access, infrastructure hardening, automated security updates, and DDoS/web-application-firewall protection through Cloudflare. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

10. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email. The "Last updated" date at the top reflects the latest revision.

12. Contact

Questions, requests, or complaints? Contact our privacy team at legal@miraajtech.com.

Miraajtech Trading Academy · Mombasa, Kenya