PhiTech Solutions Group (K) Ltd
Data Privacy Policy

Last Updated: 20/05/2025

Table of Contents

Introduction Data We Collect How We Use Your Data Legal Basis for Processing Data Sharing and Third Parties Data Retention Data Security Your Rights Cookies and Tracking International Data Transfers Children’s Privacy Updates to This Policy Contact Information

Have a Question?

+254 716 191600

info@phitech.co.ke

Introduction

PhiTech Solutions Group (K) Ltd is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information across all our platforms including websites, mobile applications, and services in compliance with Kenya’s Data Protection Act, 2019

PhiTech Solutions Group (K) Ltd is the Data Controller responsible for your personal data


Data We Collect

We collect personal and technical information from you directly when you interact with us, including:

  • Personal identifiers: full name, email address, phone number, company name, job title
  • Project details or inquiries submitted through forms like “Contact Us” or “Get Started”
  • Technical data such as IP address, device type, browser information when accessing our servicess
  • Usage data related to how you use our services and platforms
  • Other information necessary for delivering our IT consultancy, cloud, network, security, bulk SMS, software development, and related solutions

We may also collect operational logs or data generated automatically during service provision


We rely on the following lawful bases under Kenya’s Data Protection Act:

  • Your consent when you provide data through our platforms or communications
  • The necessity to perform contracts or deliver services you have requested
  • Compliance with legal or regulatory obligations
  • Our legitimate interests in ensuring service quality, security, and operational efficiency, balanced against your privacy rights

Data Sharing and Third Parties

We do not sell or rent your personal data

We may share your data with:

  • Trusted service providers and partners who assist in service delivery under strict confidentiality agreements and security standards
  • Regulatory, legal, or governmental authorities when required by law or to protect our rights

All third parties are vetted to ensure compliance with applicable data protection laws


Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy, typically until your project or service engagement ends. In some cases, we may retain data longer to comply with legal obligations or for legitimate business purposes such as dispute resolution or fraud prevention

When retention is no longer necessary, your data is securely deleted or anonymized


Data Security

We apply robust technical and organizational security measures, including but not limited to:

  • Data encryption in transit and at rest
  • Strong access controls limiting data access to authorized personnel only
  • Regular security audits, monitoring, and vulnerability testing
  • Incident response procedures to address and mitigate data breaches
  • Ongoing staff training on data privacy and cybersecurity best practices

We continuously update our security measures to protect against emerging threats


Your Rights

Under Kenya’s Data Protection Act, you have the right to:

  • Access your personal data held by us
  • Request correction or updating of inaccurate or incomplete data
  • Request deletion or restriction of processing where applicable
  • Object to certain types of processing, including processing based on legitimate interests
  • Request data portability for data you provided to us
  • Withdraw consent at any time without affecting the lawfulness of processing before withdrawal

To exercise any of these rights, contact us through any of our official contact points i.e. Telephone, and/or a written email encompassing the request. We will respond promptly in accordance with legal requirements


Cookies and Tracking

Our website and platforms use cookies and tracking technologies to enhance your browsing experience, analyze site traffic, and provide personalized content and advertisements. By continuing to use our website and platforms, you consent to the collection and use of these cookies. If you wish to, you can manage your cookie preferences through your browser settings


International Data Transfers

Your data may be processed and stored in Kenya, other African countries where we operate or internationally from any of our data center partners. When transferring data across borders, we ensure appropriate safeguards are in place to protect your data privacy rights, in line with applicable laws


Children’s Privacy

Our services are not intended for individuals under the age of 18, or any under-age persons who have not attained legal adulthood in their jurisdiction. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a minor, we will promptly delete it


Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements or our practices. The latest version will always be posted on our website with an updated “Last Updated” date. We encourage you to review this policy regularly


Contact Information

For any questions, concerns, or to exercise your data privacy rights, please contact:

Data Protection Officer (DPO)
PhiTech Solutions Group (K) Ltd
legal@phitech.co.ke and cc: philip.mwangi@phitech.co.ke
Phone: +254716191600
Address: 31668-00600, Nairobi.

->