Nairobi, Kenya
Get Started Now

Asterisks Data Solutions Ltd Privacy Policy

Last Updated: June 2026


1. Introduction

Asterisks Data Solutions Ltd ("Asterisks", "we", "our", or "us") is committed to protecting the privacy, confidentiality, and security of personal data entrusted to us.

This Privacy Policy explains how we collect, use, process, store, disclose, and protect personal information through:

  • Our website;
  • Software applications and digital platforms;
  • Cloud and on-premises solutions;
  • Managed IT services;
  • Backup and disaster recovery services;
  • Cybersecurity and monitoring solutions;
  • Technical support services;
  • Consulting and advisory engagements; and
  • Any other products or services offered by Asterisks Data Solutions Ltd.

This policy applies to:

  • Customers and clients;
  • Website visitors;
  • End users of our software products;
  • Employees and representatives of client organizations;
  • Business partners and vendors; and
  • Individuals who communicate with us.

2. Legal Framework

Our privacy practices are guided by applicable laws and recognized industry standards, including:

  • The Kenya Data Protection Act, 2019;
  • Applicable international privacy regulations where required;
  • Contractual confidentiality obligations;
  • Industry best practices for information security and risk management.

3. Information We Collect

Depending on the services provided, we may collect:

3.1 Personal Information

  • Full names;
  • Email addresses;
  • Phone numbers;
  • Physical addresses;
  • Company names and job titles;
  • National identification information where legally required.

3.2 Account Information

  • Usernames;
  • Passwords (stored securely and encrypted where applicable);
  • User preferences;
  • Authentication records.

3.3 Technical Information

  • IP addresses;
  • Browser type and version;
  • Device identifiers;
  • Operating systems;
  • Access logs;
  • Session information.

3.4 Business Information

Information necessary to deliver our services, including:

  • Documents and files;
  • System configurations;
  • Backup data;
  • Server information;
  • Software usage records;
  • Operational and performance data.

3.5 Payment Information

Where applicable, billing and transaction information required to process payments and maintain accounting records.


4. Legal Bases for Processing

We process personal data on the basis of:

Contractual Necessity

To provide products and services requested by customers.

Legal Obligations

To comply with applicable laws and regulatory requirements.

Legitimate Interests

To improve our services, maintain security, prevent fraud, and manage our business operations.

Consent

Where consent is required for marketing communications or specific processing activities.


5. How We Use Personal Data

We use personal data to:

Provide Services

Including:

  • Software development and support;
  • Server deployment and administration;
  • Cloud services;
  • Backup and disaster recovery;
  • Monitoring and cybersecurity services;
  • Technical consulting and advisory;
  • Product maintenance and updates.

Customer Support

To respond to inquiries, troubleshoot issues, and provide assistance.

Security

To:

  • Detect unauthorized access;
  • Prevent abuse and fraud;
  • Monitor system health;
  • Investigate incidents.

Service Improvement

To:

  • Enhance user experience;
  • Develop new products and features;
  • Improve performance and reliability.

Communication

To send:

  • Service notifications;
  • Technical updates;
  • Maintenance notices;
  • Marketing communications where consent has been provided.

6. Sharing of Information

We do not sell personal data.

We may share information with:

Service Providers

Including providers involved in:

  • Cloud hosting;
  • Backup infrastructure;
  • Payment processing;
  • Security monitoring;
  • Technical support.

All third parties are required to maintain appropriate confidentiality and security measures.

Legal Requirements

We may disclose information when required by:

  • Applicable laws;
  • Court orders;
  • Regulatory authorities;
  • Law enforcement agencies acting under lawful authority.

Business Transfers

In the event of a merger, acquisition, or restructuring, information may be transferred subject to continued privacy protections.


7. International Data Transfers

Where information is processed outside Kenya, we implement appropriate safeguards to ensure adequate protection of personal data.


8. Security Measures

We employ technical and organizational safeguards including:

  • Encryption of data in transit and at rest where applicable;
  • Access controls and role-based permissions;
  • Firewalls and network security controls;
  • Monitoring and logging;
  • Regular updates and security maintenance;
  • Backup and disaster recovery mechanisms;
  • Security awareness practices for personnel.

While we strive to protect information, no system can guarantee absolute security.


9. Data Retention

We retain information only for as long as necessary to:

  • Deliver services;
  • Meet legal obligations;
  • Resolve disputes;
  • Maintain backups and audit records.

Retention periods may vary depending on the type of service and contractual requirements.


10. Your Rights

Subject to applicable laws, individuals may have the right to:

  • Access personal information;
  • Request correction of inaccurate information;
  • Request deletion of personal data;
  • Restrict processing;
  • Object to certain forms of processing;
  • Withdraw consent where processing is based on consent.

Requests may require identity verification.


11. Cookies and Website Technologies

Our website and applications may use cookies and similar technologies to:

  • Enable functionality;
  • Improve performance;
  • Analyze usage;
  • Remember preferences.

Users may manage cookie settings through their browsers.


12. Data Breach Response

If a security incident affecting personal data occurs, we will:

  • Investigate and contain the incident;
  • Take corrective measures;
  • Notify affected parties where legally required;
  • Cooperate with relevant authorities.

13. Children's Privacy

Our services are not intentionally directed toward children under 18 years of age.

We do not knowingly collect personal information from children without appropriate legal authorization.


14. Confidential Information

Because many of our services involve sensitive business systems and data, we treat customer information as confidential and implement appropriate safeguards to protect it.

Access to customer information is limited to authorized personnel and only where necessary for service delivery.


15. Third-Party Services

Our solutions may integrate with third-party platforms or services.

We are not responsible for the privacy practices of external websites or services not operated by Asterisks Data Solutions Ltd.


16. Changes to this Policy

We may update this Privacy Policy from time to time.

Material changes will be communicated through appropriate channels, including:

  • Website notices;
  • Email notifications where appropriate.

The latest version will always supersede previous versions.


17. Complaints

Individuals may lodge complaints with the relevant data protection authorities where they believe their rights have been violated.

We encourage users to contact us first so that we may address concerns promptly.


18. Contact Information

Asterisks Data Solutions Ltd

Website: https://asterisksdata.co.ke/

Email: info@asterisksdata.co.ke

For privacy-related requests:

Email: privacy@asterisksdata.co.ke


19. Acceptance

By using our services, websites, software platforms, or engaging Asterisks Data Solutions Ltd, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of information as described herein.

Scroll to Top