data privacy statement

Data Privacy Statement

Effective Date: 25th November, 2019

At CYBER.CO.KE, we prioritize the protection of your personal information submitted to us when you request for the online services that we offer and are dedicated to maintaining the highest standards of data privacy and data security in Kenya.

This comprehensive Data Privacy Statement outlines the types of data that we collect, how we use the collected data, the security measures we take to safeguard your submitted information and your rights as a user of our website and services here in Kenya.

Your privacy is important to us and thus this Data Privacy Statement explains the personal data CYBER.CO.KE collects, how we processes it and for what purposes the collected date is used for. Please read this statement carefully to understand how we handle your personal information here in Kenya. 

This Data Privacy Statement should be read together with the Privacy Policy and Terms and Conditions of use of CYBER.CO.KE Services. Where there is a conflict, this Data Privacy Statement will prevail. This Data Privacy Statement provides information on how and why CYBER.CO.KE collects and processes your personal data.

This privacy statement applies to all customers, clients, residents, non-residents, companies, organizations, parastatals, groups, societies, schools, churches, consultants, partners and 3rd parties in Kenya and globally who use CYBER.CO.KE on a day to day basis.

1. Definitions

i. CYBER.CO.KE – is an online cyber cafe platform/portal that enables both Kenyan Residents and Non Kenyan Residents to place and submit their orders/requests for the offered KRA Services online and pay conveniently for those services offered to them with much ease and convenience.

ii. Data Protection Officer  – is a person designated or appointed by CYBER.CO.KE to monitor compliance with the Data Protection Act, No. 24 of 2019 and the Regulations made under the Act.

iii. Data Collection – means gathering of information that relates to you as provided in the filled and submitted online services requests forms.

iv. Personal Data – means information about you that identifies you directly or indirectly as a unique individual such as name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of a natural person.

v. Processing – means any operation or sets of operations which is performed on your personal data whether or not by automated means, such as: collection, recording, organization or structuring; Storage, adaptation or alteration; Retrieval, consultation or use; Disclosure by transmission, dissemination, or otherwise making available; Alignment or combination, restriction, erasure or destruction.

vi. Sensitive Personal Data – is data revealing your racial or ethnic origin, political opinions, professional membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s gender.

vii. Third Party – means a natural or legal person, public authority, agency or body other than you and CYBER.CO.KE, who under the direct authority of CYBER.CO.KE are authorized to process your personal data.

2. Data Collection and Data Usage

CYBER.CO.KE collects your personal data both directly and indirectly in accordance with the law. We collect your personal information with your knowledge and consent with exception to cases where prior consent cannot be obtained for real reasons and the processing of the data is permitted by law.

CYBER.CO.KE also collects information that cannot be used to personally identify you such as anonymous usage data, general demographic information, referring/exit pages and URLs, platform types, preferences that are generated based on the data that you submit and number of clicks.

CYBER.CO.KE shall ensure that sensitive personal data about you is processed in accordance to your right of privacy and as permitted in Part V of the Data Protection Act, 2019. We collect various types of personal information when you interact with our website or use our services. The data we may collect includes, but is not limited to:

  • Identity Information: Name, Date of birth and ID Number.
  • Contact Information: Email address, phone number, physical address, county, town and district.
  • Technical Information: IP address, browser type, operating system, device information.
  • Usage Data: Pages visited, time spent on the website, interactions, and preferences.
  • Payment Information: Where applicable service fees is charged for services offered i.e. M-PESA payment details.

We collect and use this data for legitimate purposes, including:

  • Providing you with access to our services and website functionality.
  • Processing your online service requests, transactions and fulfilling submitted orders and requests.
  • Responding to your inquiries, requests and customer support needs.
  • Personalizing your experience on our website, based on your preferences and usage.
  • Analyzing and improving our website’s performance, content and user interface.
  • Sending you updates, newsletters, and promotional materials (if you have consented to receive them).

3. Data Sharing and Data Disclosure

CYBER.CO.KE shall transfer personal data with your consent and in a manner that is compatible with the purpose for which it was collected. We may transfer or disclose the personal data we collect to a third party who provides support to CYBER.CO.KE in providing its services to you.

We shall also disclose or process your personal data to a third party when required by law and the request has been authorized by the designated Data Protection Officer. It is our policy to use only a third-party provider that is bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us.

In the event that CYBER.CO.KE undergoes a business transformation, your personal data may be among the assets to be transferred to new platforms or entities and the acquirer of data assets may continue to process the personal data.

We respect your privacy and do not sell, trade or rent your personal information to third parties for marketing purposes without your explicit consent. However, to enhance your experience and provide efficient services, we may share your data with the following entities:

  • Trusted Service Provider: We may engage third-party service provider to assist us in various aspects of our business services provision to you as our customer. This provider is contractually bound to handle your information securely and only use it for the purposes specified in this Data Privacy Statement.
  • Legal Compliance: We may disclose your personal information to comply with applicable Kenyan laws, regulations or legal proceedings. We will also share data when required to protect our rights, safety and the rights and safety of others who use our website on a day to day basis.

4. Data Security and Data Protection

CYBER.CO.KE ensures that access to electronic and physical repositories containing your personal data is controlled based on reasonable and appropriate administrative, physical and organizational safeguards. 

We implement security measures designed to protect your information from unauthorized access. We employ strict security measures to safeguard your personal information from unauthorized access, disclosure, alteration, and destruction. Our security practices include:

  • Encryption of sensitive data during transmission and storage.
  • Secure access controls, limiting access to personal data to authorized personnel only.
  • Regular monitoring, testing and updating of our security systems.
  • Staff training on data privacy and security best practices in Kenya.

We ensure the utmost security of the data that you provide to us when you request our various online services that you are looking for here in Kenya.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations. Once the data is no longer necessary, we will securely dispose of or anonymize it to prevent unauthorized access or use.

We will only retain your personal data to fulfill the purposes for which we collect your data and to satisfy any legal requirements to which we are subject.  To determine the appropriate retention period, we consider the size, nature and sensitivity of the personal data, the purposes for which we process the data, the need to comply with internal policies and the applicable legal requirements.

We will only retain your personal data to fulfil the purposes for which we collect your data and to satisfy any legal requirements to which we are subject.  To determine the appropriate retention period, we consider the size, nature and sensitivity of the personal data, the purposes for which we process the data, the need to comply with internal policies and the applicable legal requirements.

You may however request destruction of your personal data before expiry of the retention period as provided in law. Such requests shall be processed in accordance with the Data Protection Act, 2019 and CYBER.CO.KE Data Protection and Privacy Policy. 

6. Cookies and Tracking Technologies

CYBER.CO.KE website use “cookies” to give you more personal, convenient website visits. This enables us to recognize you during subsequent visits. Our website may utilize cookies and similar tracking technologies to enhance your user experience, improve website performance and analyze user behavior. Cookies are small text files that are stored on your device when you visit our website.

Data stored in a cookie is created by the server upon your connection. This data is labelled with an ID unique to you and your computer or smartphone and can only be read by a web server in the domain that issued the cookie to you. They help us recognize you and remember your preferences, allowing for a more personalized experience.

You can accept or decline cookies. If you choose to decline cookies, you may not be able to fully experience the interactive features of CYBER.CO.KE services or websites you visit. By using our website, you consent to the use of cookies as outlined in our Privacy Policy, where you can also manage your cookie preferences.

Within the CYBER.CO.KE website, there are third party advertisements, embedded applications, plugins, widgets or external links to non-CYBER.CO.KE websites (collectively “sites”). These sites operate independently of the CYBER.CO.KE and have their own privacy policies.

When you visit these sites, you leave our website and no longer will be subject to our privacy and security policies. CYBER.CO.KE is not responsible for the privacy or security practices or the content of other sites and as such does give an endorsement of those sites or their content.

7. Your Rights

As a user, you have certain rights regarding your personal information. These include:

  • Right of Access: You have the right to request a copy of the personal information we hold about you.
  • Right of Correction: If you believe that any information we hold about you is inaccurate or incomplete, you can request its correction.
  • Right of Erasure: You have the right to request the deletion of your personal information under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.
  • Right to Object: You can object to the processing of your data for certain purposes, such as direct marketing.
  • Right to Withdraw Consent: If you have given your consent for specific data processing activities, you have the right to withdraw that consent at any time.

To exercise any of these rights or inquire about your data privacy, please contact us using the contact information provided at the end of this statement.

8. Changes to this Data Privacy Statement

We reserve the right to update and modify this Data Privacy Statement to reflect changes in our data handling practices or for legal, operational or regulatory reasons here in Kenya. Any updates will be posted on this page, and the “Effective Date” at the top will be revised accordingly. We encourage you to check this page regularly for any changes. Unless otherwise stated, the current version shall supersede and replace all previous versions of the Data Privacy Statement.

9. Contact Us

CYBER.CO.KE welcomes your questions or concerns about how it processes your personal data or if you want to exercise any of your rights in relation to your personal data. If you have any questions, concerns, or requests regarding your personal information or this Data Privacy Statement, please contact us at:

CYBER.CO.KE 

Data Privacy Officer 

P.O.Box 97484 – 80112

Mombasa, Kenya

Mobile: 0723 737 740

Email: [email protected] 

Thank you for using CYBER.CO.KE for all your online services in Kenya and for entrusting us with your personal information. We are dedicated to maintaining the utmost confidentiality and ensuring a safe and secure online environment for all our users in Kenya and the world at large.