NYARUMBA & ASSOCIATES

25+ Years Transforming Africa's Technology Landscape

Linkedin
Menu
Schedule A Call

Privacy Policy

Nyarumba & Associates Limited

1. Data Controller

Nyarumba & Associates Limited (“we”, “our”, “us”) is the data controller for all personal data collected through our website, consulting engagements, and communications.

Contact: info@naa.co.ke

2. Personal Data We Collect

We may collect the following types of personal data:

  • Identity data: name, title, organization
  • Contact data: email, phone number, address
  • Engagement data: project details, stakeholder roles
  • Technical data: IP address, browser type, usage logs

3. Legal Basis for Processing

We process personal data under the following lawful bases:

  • Consent: where explicitly provided by you
  • Contractual necessity: to deliver consulting services and fulfill agreements
  • Legal obligation: for compliance with applicable laws and regulations
  • Legitimate interest: for service improvement, stakeholder engagement, and business operations

4. Data Subject Rights

Under the Kenya Data Protection Act (DPA) and General Data Protection Regulation (GDPR), you have the right to:

  • Access your personal data
  • Request correction or deletion of your data
  • Withdraw consent at any time
  • Object to processing of your data
  • Lodge a complaint with the Office of the Data Protection Commissioner (Kenya) or relevant supervisory authority

To exercise any of these rights, please contact us at info@naa.co.ke.

5. Data Sharing and Transfers

We do not sell personal data. We may share data with trusted service providers under strict confidentiality agreements for purposes such as IT infrastructure, project delivery, or administrative support.

Where data is transferred outside Kenya or the European Union, we apply appropriate safeguards such as Standard Contractual Clauses or rely on adequacy decisions to ensure your data remains protected.

6. Data Retention

We retain personal data only as long as necessary for the purposes stated in this policy, to fulfill our contractual obligations, or as required by applicable law. Once no longer needed, data is securely deleted or anonymized.

7. Data Security

We implement robust technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or loss. These measures include:

  • Encryption of data in transit and at rest
  • Access controls and authentication mechanisms
  • Regular security audits and vulnerability assessments
  • Employee training on data protection best practices

8. Cookies and Website Analytics

Our website may use cookies and analytics tools to enhance user experience, understand site usage, and improve our services.

You can manage cookie preferences through your browser settings. Please note that disabling cookies may affect the functionality of certain features on our website.

9. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or operational needs.

Any updates will be posted on our website with the effective date clearly indicated. We encourage you to review this policy regularly to stay informed about how we protect your personal data.

Effective Date: 24/10/2025

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us at:

Nyarumba & Associates Limited
Email: info@naa.co.ke
Website: www.naa.co.ke

Nyarumba & Associates Limited is committed to protecting your privacy and handling your personal data with integrity, transparency, and in compliance with applicable data protection laws.