Privacy Policy | ICycleTech

Effective Date: March 2026

At ICycleTech, we are committed to bridging the digital divide while strictly protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information in full compliance with the Kenya Data Protection Act, 2019 (KDPA).

1. Information We Collect

We only collect data that is strictly necessary for our logistics, operations, and communications. This includes:

Identity Data: Full names, organizational titles, and contact persons.
Contact Data: Email addresses, phone numbers, and physical locations/addresses.
Operational Data: Details regarding donated hardware (e.g., serial numbers, device types) or requested hardware for beneficiary tracking.

2. How We Use Your Data

We act as the Data Controller. Your personal data is used exclusively to:

Process, track, and acknowledge hardware donations securely.
Generate verifiable PDF Impact Reports and Certificates of Appreciation.
Communicate with you regarding partnership inquiries, technical support, and deployment updates.
Maintain an immutable Audit Log to prevent fraud and ensure operational transparency.

3. Data Security & Storage

ICycleTech employs enterprise-grade security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way. All data is routed through secure (HTTPS) connections and stored in encrypted databases with strict role-based access control (RBAC). Only authorized personnel can view sensitive donor or recipient details.

4. Data Sharing & Third Parties

We do not sell, rent, or trade your personal data. We may share necessary information with trusted third-party service providers (such as secure email routing services) strictly for the purpose of operating the ICycleTech platform. These providers are bound by strict confidentiality agreements.

5. Your Rights Under KDPA

Under the Kenya Data Protection Act, you have the right to:

Access: Request a copy of the personal data we hold about you.
Correction: Request correction of incomplete or inaccurate data.
Erasure: Request the deletion or removal of personal data where there is no compelling operational or legal reason for us to continue processing it.
Objection: Object to the processing of your personal data.

6. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please reach out to our administration team at [email protected].