Your data privacy is important to us. SCIOERP LTD is committed to keeping your personal data private. This privacy notice explains the personal data SCIOERP collects, how it is processed, for what purposes and how you can exercise your rights in relation to processing of your personal data.
This privacy notice should be read together with the terms and conditions. Where in conflict, the privacy notice shall prevail.
“We,” “our,” “ours,” and “us,” means SCIOERP Ltd and includes its successors in title and assigns, its affiliates and/or its subsidiaries as may from time to time be specified by SCIOERP to you.
“You,” means:
Customer – (which includes personal representatives and assigns) operating an Account held with us and includes (where appropriate) any person you authorize to give us instructions, the person who uses any of our products and services or accesses our websites. “Customer” shall include both the masculine and the feminine gender as well as juristic person.
Any agent, dealer and/or merchants who has signed an agreement with us and is recognized as a merchant or agent in accordance with any applicable laws or Regulations.
Any visitor that is a person (including contractors/subcontractors or any third parties) who gains access to any SCIOERP premises.
We may collect and process your personal data through information that you provide us such as when you fill out application forms, through our website, face-to-face and electronic communication (including telephone conversations) in order to provide our services to you.
Our Privacy notice does not apply when you leave our website, including third-party websites where our online advertisements are displayed or links to third-party websites which we do not operate or control. Please read the privacy statements/notices and terms and conditions of these third-party websites and decide whether they satisfactorily protect your rights.
We may collect, store, and use the following categories of personal data about you:
In addition, we may collect, store and use information about you while you access our services through online means, such as the browser or device you use to access our sites and platforms, how you use the sites, traffic and location data refer to our Cookie Policy.
This privacy notice aims to give you complete and transparent information on how we process your personal data. We are committed to ensure that your personal information is processed in a way that is compatible with the specified, explicit, and legitimate purpose of collection. We process your personal data in accordance with the Data Protection Act No. 24 of 2019
Where personal data relates to a child, we will process the personal data only where parental or legal guardian consent has been given. The processing of such data will be done in a manner that protects and advances the rights and best interests of the child.
We’ll only use your information where we have your consent or where we have another lawful reason including:
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. The statutory legal requirement is 7 years. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, the need to comply with our internal policy and the applicable legal, regulatory, tax, accounting or other requirements. Anonymized information that can no longer be associated with you may be held indefinitely.
Any disclosure of your information shall be in accordance with applicable law and regulations. We shall assess and review each application for information and may decline to grant such information to the requesting party.
We may disclose your information to:
To help us provide services, your data will be processed internally and externally by other third parties. We use third parties for storage of your data. We will outsource some services to third parties whom we consider capable of performing the required processing activities so that there is no reduction in the service standard provided to you by us.
Subject to legal and contractual exceptions, you have rights under data protection laws in relation to your personal data.
These are listed below:
In exercising your right as provided above, we may request specific information from you to help us confirm your identity. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Queries and concerns about your rights should be E-mail: compliance@scioerp.com
Your data is primarily stored in our data centers located within Kenya and some data resides abroad using cloud technologies and in several countries. We ensure an appropriate level of protection by the recipient of the data when we transmit your data outside Kenya, in addition, those jurisdictions must have in place Data Protection Laws.
If you are located outside Kenya and choose to provide information to us for purpose of processing, please note that we transfer the data, including Personal Data, to Kenya and process it there.
Your consent to this Privacy statement followed by your submission of such information represents your agreement to that transfer.
We do not use your information collected on the data collection modes for marketing purposes but if you apply for products and services on the data collection modes, your information may be used to inform you about other related products and services of SCIOERP that may be of interest.
Social Media
We operate and communicate through our designated channels, pages and accounts on some social media sites to inform, help and engage with our customers. We monitor and record comments and posts made about us on these channels so as to improve our services. We are not responsible for any information posted on those sites other than the information posted by our designated officials. We do not give investment, tax or other professional advice on social media sites.
As such we operate the following social channels:
Surveys & feedback
As with any regular survey, our online and mobile surveys are there to help gathering of specific information regarding our various services including transactional. This is in order to enhance the quality of service offering, which eventually will be reflected positively for our customers.
Job applications
Personal information provided on our data collection modes in connection with an application for employment will be used to determine your suitability for a position with SCIOERP. Your information may also be used to monitor our recruitment initiatives and equal opportunities policies. Applicant details may be disclosed to third parties to verify or obtain additional information including education institutions, current/previous employers and credit reference agencies. Unsuccessful applications may be retained to match your skills to future job opportunities. These are usually retained for up for 12 months but please let us know if you do not wish us to retain your information for this purpose.
All information you provide to us is stored in our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We acknowledge that there will be exceptional circumstances where personal data can be processed without the data subjects consent. There may be limitations on data subject rights when required by the law or when there are competing rights and therefore it will require an assessment based on the facts and circumstances.
You have the right to lodge a complaint with the relevant supervisory authority that is tasked with personal data protection within the Republic of Kenya.
SCIOERP reserves the right to amend this policy at any time. All amendments to this policy will be posted on the website. Unless otherwise stated, the current version shall supersede and replace all previous versions of this policy.
This Privacy Statement has been updated on (1st February 2023)
If you have questions about our Privacy Notice, please write to us:
Email: compliance@scioerp.com