Contact Us
Your Privacy Matters to Us

Privacy Policy

Contact us

Privacy Policy

South Consulting Africa Limited
Learn how we collect, use, and protect your personal information

Last Updated Date: 25 July 2025

1. Introduction

At South Consulting Africa Limited (“we,” “our,” or “us”), we value your privacy and are committed to protecting your personal data in accordance with Kenya’s Data Protection Act, 2019 and regulations from the Office of the Data Protection Commissioner (ODPC).

This policy outlines how we collect, use, share, and protect your data when you engage with our services—whether via our website, mobile platforms, or any other digital touchpoints.

By using our services, you consent to this policy. If you disagree, please discontinue use immediately.

2. Key Definitions

  • Personal Data: Information that identifies you directly or indirectly (e.g., name, ID number, email).

  • Data Subject: You—the individual whose personal data we process.

  • Processing: Any action performed on personal data, such as collection, storage, use, or deletion.

  • Consent: Your freely given, specific, informed, and unambiguous agreement to data processing.

3. Information We Collect

3.1 Data You Provide

We may collect the following personal data when you:

  • Create an account or profile (e.g., name, phone, email)

  • Apply for jobs or internships (e.g., CV, education history)

  • Submit inquiries (via forms or email)

  • Make payments (e.g., M-Pesa, card details)

  • Participate in surveys or research activities

3.2 Automatically Collected Data

  • Device Information: IP address, device type, browser, OS

  • Usage Data: Pages visited, session duration, interaction data

  • Cookies & Tracking: See Section 8 for details

3.3 Third-Party Sources

We may receive additional data from:

  • Payment providers and partners

  • Social media platforms (if linked)

  • Public or regulatory databases

4. Legal Basis for Processing

We process your personal data on the following legal grounds, as permitted by Kenya’s Data Protection Act:

Legal Basis Description
Consent For optional services like marketing (can withdraw anytime)
Contractual Necessity To deliver services or respond to requests
Legal Obligation For tax, audit, and regulatory compliance
Legitimate Interest To prevent fraud or improve our services, provided your rights are not overridden

5. How We Use Your Data

Purpose Legal Basis
Deliver services Contract
Process transactions Legal obligation
Send newsletters or updates Consent
Improve user experience Legitimate interest
Detect or prevent fraud Legitimate interest
Comply with applicable laws Legal obligation

6. Data Sharing & Disclosure

We may share personal data with:

  • Service providers (e.g., hosting, analytics, payment gateways)

  • Regulatory authorities (e.g., ODPC, KRA) when legally required

  • Mergers & acquisitions: In case of business transfer

We do not sell personal data. All third parties must adhere to Kenya’s data protection laws.

7. Cross-Border Data Transfers

If personal data is transferred outside Kenya:

  • We ensure the receiving country has adequate data protection, or

  • We use ODPC-approved safeguards, such as Standard Contractual Clauses

8. Cookies & Tracking Technologies

8.1 Types of Cookies

Type Purpose Example
Essential Site functionality Login sessions
Analytics Improve service Google Analytics
Marketing Ads personalization Facebook Pixel

8.2 Your Choices

  • Manage preferences via the cookie banner

  • Disable cookies in your browser settings

  • Opt out of tracking by rejecting cookies consent

9. Data Security Measures

We implement technical and organizational safeguards in line with Section 43 of the DPA:

  • Encryption: SSL/TLS for secure data transmission

  • Access Controls: Role-based user access and authentication

  • Breach Response: In the event of a data breach, we notify ODPC and affected individuals within 72 hours

10. Your Rights Under Kenya’s Data Protection Act

As a data subject, you have the right to:

  1. Access – Request your personal data

  2. Rectification – Correct inaccurate or incomplete data

  3. Erasure – Request deletion of your data where applicable

  4. Restrict Processing – Limit how your data is used

  5. Data Portability – Receive your data in a portable format

  6. Object – Decline certain types of processing, like marketing

  7. Complain – Lodge a complaint with the ODPC

11. Data Retention

We retain your data only as long as necessary for the following purposes:

  • Account data: Retained until user requests deletion

  • Legal compliance: Retained up to 7 years (e.g., tax records)

  • Marketing: Until you opt out or withdraw consent

12. Children’s Privacy

We do not knowingly collect data from children under the age of 16 without verifiable parental or guardian consent.

13. External Links

Our platforms may contain links to external sites. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

14. Policy Updates

This policy may be updated periodically. We will notify you of any material changes via email or on our website.

Feedback? Contact us

Logo

Feel free to contact our team if you have any questions or feedback.

+254-722-207-851 or +254-700-585-220

Karen, Miotoni Rd.
P.O. Box 24114 – 00502

Karen, Nairobi, Kenya

Our Sustainability Policy
News & Insights
Get involved
Resources
Social media

Follow us on the social media networks.

©South Consulting Africa Limited. All rights reserved.
Website powered by Softzone Limited.