Privacy Policy
1. Who We Are
SecureZaidi is a cybersecurity and GRC consultancy based in Nairobi, Kenya. We help African enterprises achieve compliance, reduce risk, and build resilient security cultures. References to "we", "us", or "our" in this policy refer to SecureZaidi.
2. Information We Collect
We may collect the following types of personal information:
- Contact information (name, email address, organisation) submitted via our contact forms
- Usage data collected automatically when you visit our website (IP address, browser type, pages visited)
- Communications you send to us directly by email or through our website
3. How We Use Your Information
We use the information we collect to:
- Respond to enquiries and provide our services
- Send security insights and updates you have subscribed to
- Improve our website and services
- Comply with applicable laws and regulations, including the Kenya Data Protection Act 2019
4. Legal Basis for Processing
We process your personal data on the basis of your consent, the performance of a contract, and our legitimate interests in operating a cybersecurity consultancy. You may withdraw consent at any time.
5. Data Sharing
We do not sell your personal data. We may share data with trusted service providers (such as our email and form processing tools) who are contractually bound to protect it. We will not share your data with third parties for their own marketing purposes.
6. Data Retention
We retain personal data for as long as necessary to provide our services and comply with legal obligations. Contact enquiries are retained for up to 3 years unless you request deletion.
7. Your Rights
Under the Kenya Data Protection Act 2019, you have the right to access, correct, or delete your personal data, and to object to or restrict its processing. To exercise these rights, contact us at info@securezaidi.com.
8. Contact
For any privacy-related questions, please contact our Data Protection Officer at info@securezaidi.com.