Data Protection Statement
Our Commitment
KeshoPay is dedicated to protecting your personal data in line with the Data Protection Act (Kenya), GDPR, and other applicable laws. As an Integration-as-a-Service platform, we do not process or store payment transaction data. Our role is to facilitate secure connections between you and your chosen payment service providers (PSPs).
Data Protection Principles
We adhere to principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and confidentiality in all data processing activities.
Lawful Basis for Processing
We process your data only when there is a lawful basis, such as your consent, contractual necessity, or legal obligation. Data is collected and processed solely for providing and improving our integration services.
Your Rights
You have the right to access, rectify, erase, restrict, or object to processing of your data, and to data portability. You may withdraw consent at any time where applicable.
Security Measures
We use industry-standard technical and organizational measures to protect your data, including encryption, access controls, and regular security reviews.
Data Breach Notification
In the unlikely event of a data breach affecting your personal data, we will notify you and relevant authorities as required by law.
International Transfers
If your data is transferred outside Kenya, we ensure adequate safeguards are in place in compliance with applicable laws.
Data Protection Officer
KeshoPay has appointed a Data Protection Officer (DPO) to oversee compliance. You may contact the DPO at dpo@keshopay.co.ke for any data protection concerns.
Contact
For any data protection inquiries, contact dpo@keshopay.co.ke.