Introduction

ACTSERV is committed to protecting your privacy.

This Data Privacy Policy (“Policy”) will help you understand how ACTSERV uses and protects the data you provide to us.

It applies to all clients, suppliers, visitors, employees, contractors and other third parties as well as everyone who visits our premises. This Policy should be read together with the Cookie Policy and Terms of Use.

Definition

  • Consent an express, specific indication, given freely, of your wishes, by which you signify you agree to the processing of your personal data.
  • Personal Data any information relating to a person including their name, identity card number, physical, postal or email address etc.
  • Processing operations performed on personal data such as to collect, record, organise, store, alter, retrieve, disclose, combine or erase data.
  • You”, “Your means a client, supplier, visitor, employees, contractor and other third parties as well as everyone who visits our premises.
  • We”, “Us”, “Our”, andOurs means ACTSERV and its affiliates.

Data We Collect

We collect and process your information with your knowledge and consent in various ways and includes but is not limited to:

  • Your identity, contact information and data profile, interests and preferences from your contact with us via our website or subscription to our articles and reports.
  • Your preferences for particular services, based on information provided by you or from your subscription to our articles and reports.
  • Your identity and contact information from when we provide services to you or your organisation.
  • Your identity, contact information, vehicle registration details and National Identification Number (ID) when you visit our office. Collected for safety and security purposes.
  • Your employment and education information, sensitive personal information in your employment with us.
  • Photograph, footage and voice recording when you visit our office as we use Closed Circuit Television (CCTV) surveillance. Collected for safety, security and prevention of crime.
  • From meetings, telephone conversations, social media applications and other forms of communication.

The information that is collected includes:

  • Identity and contact information- name, position, role, company or organisation, telephone number, email and postal address and social media account.
  • Information from the government – national identification number (ID), KRA Pin, NHIF number, NSSF number, Passport number etc.
  • Business information- identifying you in relation to the services which you may need from us or in which you are involved.
  • Marketing and communications information.
  • Employment and education information.
  • Sensitive personal information

Why We Collect Your Data

We are collecting your information for a lawful basis and the following reasons:

  • Performance of a contract – this is when the processing of your personal information is necessary in order to perform our obligations under a contract.
  • Know Your Client (KYC) and to conduct due diligence.
  • Legal obligation to process your personal information such as keeping records for tax purposes, litigation purposes or providing information to a public body or law enforcement agency.
  • To protect our information, assets and technology platforms from unauthorised access or usage and to monitor for malware and other security threats.
  • To offer information or services to individuals who visit our website or offer information about employment opportunities.
  • To communicate to with and to you.
  • To pursue legitimate business interests such as quality control, training, debt recovery and to ensure effective operations.
  • To verify identity and information through publicly available or restricted access government databases to comply with regulatory responsibilities.
  •  To keep you informed about our existing and new products and services. You may opt out of receiving marketing messages at any time by contacting us.

Legitimate Interests

Personal data shall only be collected for specified, explicit and legitimate purpose and shall not be further processed in a manner that is incompatible with those purposes.

Direct Marketing

You may be asked to opt in or give any other form of consent before receiving marketing messages from us.

You may ask us to stop sending you marketing messages at any time by writing to us at dpo@actserv-africa.com or logging on to our website, www.actserv.co.ke  and adjusting your marketing preferences, or by following the optout links on any marketing message sent to you.

Use of Cookies

We may store some information using “cookies” on your computer when you visit our website. They collect and store information about how you use our website, and may record your use of the website. The personal data we collect through these technologies will also be used to provide you with better service and experience when browsing, for analytics and to manage your session.

For more information about cookies and how we use them, please see our Cookies Policy on our website www.actserv.co.ke.

Retention of Information

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. This includes for the purpose of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may maintain your personal data for a longer period, in the event of a complaint, or if we reasonably believe there is a possibility of litigation with regard to our relationship with you.

So as to determine the suitable retention period for personal data, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of your data, the purposes for which we process your data and whether we can achieve those purposes through other means. We also consider the need to comply with our internal policy and the applicable regulatory, tax, accounting or other requirements.

Disclosure of Information and Third-Party Providers.

Disclosure of information will be in accordance with applicable law and regulations. We will not release information to any person that is acting beyond their legal mandate.

Information may be disclosed to:

  • Regulatory authorities, courts of law with authority and competent jurisdiction as demanded.
  • Survey agencies.
  • Debt collection agencies.
  • Our subsidiaries or affiliates.
  • Third-party providers.
  • Business partners.
  • Industry associations.

They will be bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by ACTSERV, and to follow the same obligations we follow.

International Transfer

We may need to transfer your personal information outside the Republic of Kenya to provide a particular product or service.

Where we send your information outside Kenya, we will ensure that your information is appropriately protected and is based on the legal and regulatory standards of the applicable Data Protection Laws.

Your legal rights in relation to personal data

You have certain rights under law in respect to the personal information we hold about you. In particular, you have a legal right to:

  • Be informed that we collect personal data and the use to which your data is to be put.
  • Obtain confirmation as to whether we process personal data about you.
  • Access the personal data in our custody, request a copy of it and obtain other information about how and why we process your personal data.
  • Request for your personal data to be amended or rectified where it is inaccurate (for example, if you change your name or address) and to have incomplete personal data completed.
  • Request that we delete your personal data. Please note that we may continue to hold your personal data if we are obligated or entitled by law to do so.
  • Restrict, object or withdraw consent to the processing of your personal data. Please note that we may continue to process your personal data if we have a legitimate reason to do so.
  • Request transfer of your personal data provided by you to us, or to request us to send the data to another organisation if technically feasible.

If you would like to exercise any of your rights above, contact us at dpo@actserv-africa.com

Safeguarding and Securing the Data ACTSERV is committed to securing your data and keeping it confidential.  We have put in place technical and organisational measures to ensure the integrity of your data and to prevent theft, unauthorized access, and unauthorised disclosure. Such measures include requiring confidentiality from our employees and any other person who handles personal data and information technology security measures such as access controls and firewalls.

Contact Us

If you would like to reach out to us about this privacy policy or our use of your personal data, kindly submit your request or contact us at:

Data Protection Officer,
ACTSERV,
1113 Kayahwe Rd, Off Galana Rd, Kilimani.
P. O. Box 10472 – 00100,
NAIROBI.
Email: dpo@actserv-africa.com

Phone:

+254 111 037 100
+254 20 271 74 03 || +254 20 271 00 28
+254 708 710 028 || +254 785 710 028
Website: www.actserv.co.ke

Statement Effective Date

We reserve the right to change this policy at any given time, of which it will be promptly updated. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page.

This Privacy Notice was last updated on November 2023.