Akengo Kenya Company Limited, a company incorporated in Kenya (“we,” “us,” “our”) is committed to protecting the privacy and security of your Personal Data.
The objective of this policy is to affirm our commitment to protecting your privacy rights as users of our services.
“Personal Data” means information about a natural person who is identified or can be identified from that information (either by itself or when combined with other information).
Name, telephone number, age, gender, location, income, livelihood, education level, work history, asset ownership, goals and aspirations, skills, interest in products/services, persistence through content, social connections (through referrals), trust/influence, health concerns / needs, literacy, numeracy, relationship to our partners, product/service consumption history (related to our partners products or others), time/frequency/depth of engagement, farm size, savings, and loans and other financial targets, rating of content, grammar, language preference, religion, locus of control, favourite football team, usage statistics and language preference]
a) To compile and display content and information that might be of interest to learners.
b) Use Personal Data on an aggregate basis (without personal identifiers) to develop and display new features and content for the Services or to provide our partners with aggregate information about the users and usage patterns of the Services.
c)Perform statistical analyses of user behaviour (on an aggregate basis) to measure interest in and use of the various areas of the Services.
d)To determine qualification for airtime or other financial rewards offered as incentives for some projects and to identify based on criteria who to invite into new projects, some of which have financial incentives., e.g. airtime rewards or unconditional cash transfers.
We may disclose and transfer your Personal Data to select third parties, agents, contractors and service providers or partners in connection with such partners’ use of the services with restrictions that they may not use your Personal Data for any other purposes and on the basis of a Non-Disclosure agreement and subject to compliance with Data Protection Laws..
Outlined below are the various ways in which we share Personal Data
a)Learning using citing analysis of aggregate data may be shared broadly to investors, team, partners and published to the general public [no individual level is included, and not individual identification is made.]
b)Where content is accessed via Short Code 22744, partners have access to anonymized individual level Personal Data including engagement figures, topics engaged with, performance data, certificates earned.
c)Where content is shared via Arifu X, partners have access to individual level Personal Data including phone numbers, engagement figures, topics engaged with, performance data, certificates earned.
d)Research partners may get access to phone numbers and individual learner Personal Data for research purposes upon signing a Non-Disclosure Agreement.
e)Partners who pay for a premium lead generation feature will have access to phone numbers, where a learner is asked if they want to be contacted by the partner organization.
f) Our various service providers included but not limited to content application providers, channel partners, data management service providers.
g)Internal teams - Data, Project Management, Business Development.
From time to time, Arifu may need to transfer your Personal Data outside of Kenya or may receive Personal Data from outside of Kenya as part of its service delivery. Both the receiving and disclosing parties shall ensure adequate safeguards with respect to security and protection of Personal Data are in place in compliance to Data Protection laws.
The security of any Personal Information is important to us. To this end, we have in place the following security measures to ensure your Personal Data is secure.
a)A firewall to prevent unauthorized external access to our system
b)Password protection and on-demand access to critical system servers that hold Personal Data.
c)SSL certificates for customer-facing websites and external connections, except connections that go through a secured VPN.
d)Our systems have capability to detect any data security breaches and timely appropriate action taken to remedy.
e)All our employees are trained to ensure high standards in relation to data protection.
f) We use best efforts to keep confidential any information collected which may be of confidential nature, with the exception of such information which:
g)Our security practices and procedures are certified and are audited on a regular basis.
h)Although we make best possible efforts to transmit and store all the Personal Data in a secure operating environment that is not open to the public, there is no such thing as complete security, and we do not guarantee that there will be no unintended disclosures of any Information Collected. If We become aware that any Personal Data has been disclosed in a manner that is not in accordance with this Policy, We will use best efforts to notify you of the nature and extent of such disclosure (to the extent of our knowledge) as soon as reasonably possible and as permitted by Law.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. Your data is stored in a secure environment.
We have mechanisms in place to ensure that you can exercise the following legal rights.
a)Right to give and withdraw consent at any time
b)Right to be informed of the use to which Personal Data is to be put
c)Right to access your Personal Data
d) Right to object to the processing of all or part of your Personal Data unless there is a compelling legitimate interest or for legal purposes
e)Right to request confirmation of what Personal Data is held
f)Right to request correction of any errors, omissions, out-dated, Personal Data inaccurate, incomplete or misleading personal data, and request third parties processing the personal data of the request. This will however not apply to Personal Data required for legal purposes
g)Right to request cessation of use the Personal Data
h)Right to request removal from any contact/mailing list
i)Right to restrict use of your Personal Data
j)Right to request deletion of Personal Data that is irrelevant, excessive or obtained unlawfully, and request third parties processing the Personal Data of the request. This will however not apply to Personal Data required for legal purposes
k)Right to request transfer of Personal Data to another organisation