Privacy Policy
USBIT Solutions is committed to protecting your privacy in compliance with the Kenyan Data Protection Act, 2019.
1. Introduction
USBIT Solutions ("we", "our", "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you visit our website usbitsolutions.com or engage with our services.
We are a web design, SEO, branding, and digital marketing agency based in Nairobi, Kenya. This policy applies to all visitors, clients, and users of our services.
Note: By using our website or services, you consent to the data practices described in this policy. If you do not agree with the terms, please do not access or use our services.
2. Information We Collect
2.1 Personal Information
We collect personal information that you voluntarily provide to us when you:
- Fill out contact forms on our website
- Request quotes or consultations
- Subscribe to our newsletter
- Engage our services
- Participate in surveys or promotions
- Contact our customer support
This information may include:
- Full name
- Email address
- Phone number
- Company/organization name
- Physical address (Nairobi location if applicable)
- Payment information (for service payments)
- Project requirements and details
2.2 Technical Information
We automatically collect certain information when you visit our website:
- IP address and device information
- Browser type and version
- Operating system
- Pages visited and time spent
- Referring website URLs
- Clickstream data
2.3 Cookies and Tracking Technologies
We use cookies and similar tracking technologies to track activity on our website. Cookies are files with small amount of data which may include an anonymous unique identifier.
Types of cookies we use:
- Essential Cookies: Necessary for website functionality
- Analytics Cookies: Help us understand how visitors interact with our website
- Preference Cookies: Remember your settings and preferences
- Marketing Cookies: Used to deliver relevant advertisements
3. How We Use Your Information
We use the information we collect for various purposes:
| Purpose | Legal Basis |
|---|---|
| To provide and maintain our services | Contractual necessity |
| To process payments and invoices | Contractual necessity |
| To communicate with you about services | Legitimate interest |
| To send marketing communications (with consent) | Consent |
| To improve our website and services | Legitimate interest |
| To comply with legal obligations | Legal requirement |
| To protect against fraudulent activities | Legitimate interest |
3.1 Marketing Communications
We may use your personal information to contact you with newsletters, marketing or promotional materials, and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link in any email we send.
4. Your Data Protection Rights Under Kenyan Law
In accordance with the Data Protection Act, 2019 of Kenya, you have the following rights:
Right to Access
You have the right to request copies of your personal data that we hold.
Right to Rectification
You have the right to request correction of any inaccurate or incomplete personal data.
Right to Erasure
You have the right to request deletion of your personal data under certain conditions.
Right to Restrict Processing
You have the right to request restriction of processing of your personal data.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used format.
Right to Object
You have the right to object to our processing of your personal data.
Right to Withdraw Consent
Where we rely on consent, you have the right to withdraw consent at any time.
To exercise any of these rights, please contact us using the information in Section 10.
Note for Kenyan Residents: You have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) if you believe we have violated your data protection rights.
5. Data Sharing and Disclosure
5.1 Service Providers
We may share your information with third-party service providers who perform services for us, including:
- Payment processing (M-Pesa, bank transfers)
- Website hosting and maintenance
- Email marketing services
- Analytics providers (Google Analytics)
- Customer relationship management (CRM) software
5.2 Legal Requirements
We may disclose your personal data if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency in Kenya).
5.3 Business Transfers
In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction.
5.4 International Transfers
Your information, including personal data, may be transferred to — and maintained on — computers located outside of Kenya where data protection laws may differ. We ensure appropriate safeguards are in place for such transfers.
6. Data Security
We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:
- Secure Socket Layer (SSL) encryption for data transmission
- Regular security assessments and updates
- Access controls and authentication procedures
- Regular data backups
- Employee training on data protection
However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Retention Periods:
- Client Data: 7 years after service termination (for tax and legal purposes)
- Prospect Data: 2 years from last contact
- Marketing Data: Until consent is withdrawn
- Website Analytics: 26 months
After the retention period, we will securely delete or anonymize your personal data.
8. Children's Privacy
Our services are not intended for individuals under the age of 18 ("Children"). We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.
9. Third-Party Links
Our website may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
10. Contact Us
For any questions, concerns, or requests regarding this privacy policy or your personal data, please contact us:
USBIT Solutions
Data Protection Officer
Email: privacy@usbitsolutions.com
Phone: +254 790 913 455
Address: Nairobi, Kenya
Office of the Data Protection Commissioner (Kenya)
For complaints regarding data protection:
Email: info@odpc.go.ke
Website: www.odpc.go.ke
11. Changes to This Privacy Policy
We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last Updated" date.
You are advised to review this privacy policy periodically for any changes. Changes to this privacy policy are effective when they are posted on this page.
