Privacy Policy

This policy informs on the management of Personal Data in the information life cycle and the commitment of South-End Tech Limited to protect the Personal Data including the Personal Sensitive Data. This is in compliance with Article 31 of the Constitution of Kenya, The Data Protection Act No. 19 of 2019 and its General Regulations of 2021.

1. Audience

This policy applies to South-End Tech Limited (hereinafter called “the company”) employees and its clients both natural persons and corporate entities.

• Purpose

The Data Privacy Policy is intended to provide a framework for the protection of personally identifiable information and the responsibilities with which South- End Tech Limited employees must comply.  In the regular course of business, South-End Tech, its subsidiaries, and third-party vendors, from time to time accumulate consumer and employee information that may be deemed private or sensitive in nature.  The Company will take appropriate steps to protect personally identifiable information in its possession or control.

• Scope

This policy informs you of our policies/processes regarding the collection, use and disclosure of personal information we receive from our employees, customers and third-party vendors.

• Consent to Collection

We generally collect and process your personal data to be able to provide you with the services, products and information you request, and to perform actions in connection with a contract we have with you. We may also ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personal data, as defined in the Data Protection Act No. 24 of 2019, means information relating to identifed or identifiable natural person.

1. Information relating to race, gender, sex, pregnancy, marital status, national, ethnic or social origin, colour, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language and birth of the person;
2. Information relating to the education or the medical, financial, criminal or employment history of the person;
3. Any identifying number, symbol, e-email address, physical address, telephone number, location information, online identifier or other particular assignment to the person;
4. The biometric information of the person;
5. The personal opinions, views or preferences of the person;
6. Correspondence sent by the person that is implicitly or explicitly of a private or confidential nature of further correspondence that would reveal the contents of the original correspondence;
7. The views or opinions of another individual about the person; and
8. The name of the person if it appears with other personal information relating to the person or if the disclosure of the name itself would reveal information about the person.

• Policy Statements

Notice, Collection, Use and Retention of PII

1. Provide notice and choice to individuals regarding information collection and use
2. Review purpose of PII collected, used and retained for appropriate business needs annually or as needed
3. Do not store, use, or process consumer or employee PII without a valid business need and/or incompatible with the Company’s Privacy Notice
4. Do not sell, rent or lease PII to any third-party vendor
5. PII may be disclosed to Third Parties only for Company sponsored activities.  Third Parties used for processing or storing information must agree to conform to the Company’s Data Privacy Policy and Privacy Notice
6. Disclosure of PII will be limited to the Company’s employees who have a legitimate business need
7. PII will be retained only as long as needed to fulfil the business purpose or as required by law and as outlined in the Company’s Record Retention Guidelines

Information Accuracy and Integrity of PII

1. Consumers and Employees will have reasonable access to verify and challenge the accuracy of their PII
2. In accordance with the Company’s Information Asset Classification Policy and Information Asset Classification Technical Standards and Guidelines, industry standard methods will be used to help ensure the integrity of collected data, including various error checking schemes
3. Regular backups of critical information will be created and stored to help ensure that corrupted data can be restored

Information Protection of PII

1. In accordance with the Company’s Information Asset Classification Policy and Information Asset Classification Technical Standards and Guidelines, industry standard encryption is needed to protect the confidentiality and integrity of PII transmitted over public networks
2. Access will be physically and logically restricted and limited to only those Company  employees with a valid business need to access PII

Enforcement and Oversight

1. PII will be reviewed annually by the Office of the Data Protection Commissioner (ODPC) to help ensure that better commercial practices are in place to obtain and protect PII.
2. TheData Protection Officer will work with ODPC to help ensure that reviews are complete and accurate
3. The Data Protection Officer will help ensure that collection and use policies comply with relevant privacy and data protection laws and regulations i.e. Data Protection Act.
4. The DPO will provide oversight for all third-party relationships, helping ensure that authorized third parties are notified of and agree to conform to Company’s Data Privacy Policy and Privacy Notice.
5. If a breach of this policy is suspected, the Information Officer must be notified

• Log Data

Like many site operators, we collect information that your browser sends whenever you visit our website https://southendtech.co.ke/.

This data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages and other statistics.

In addition, we may use third party services such as Google Analytics that collect, monitor and analyse this data.

• Communications

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that browsed on the website.

• Cookies

Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive.

Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.

• Changes to this Privacy Policy

This Privacy Policy is effective as of (July2022-July 2023) will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

We reserve the right to update or change our Data Privacy Policy at any time and you should check this Data Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Data Privacy Policy.

If we make any material changes to this Data Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

10. Contact Us

If you have any questions, comments, or concerns about this Data Privacy Policy, please contact us using the contact information below. You may also reach out to our Data Protection Officer at info@southendtech.co.ke

Email:          info@southendtech.co.ke

Website:      www.southendtech.co.ke

LinkedIn:     https://www.linkedin.com/company/south-end-tech-limited/

11. Document Change Control

Version	Change Description	Date	Author