Asterisks Data Solutions Ltd Privacy Policy
Last Updated: June 2026
1. Introduction
Asterisks Data Solutions Ltd ("Asterisks", "we", "our", or "us") is committed to protecting the privacy, confidentiality, and security of personal data entrusted to us.
This Privacy Policy explains how we collect, use, process, store, disclose, and protect personal information through:
- Our website;
- Software applications and digital platforms;
- Cloud and on-premises solutions;
- Managed IT services;
- Backup and disaster recovery services;
- Cybersecurity and monitoring solutions;
- Technical support services;
- Consulting and advisory engagements; and
- Any other products or services offered by Asterisks Data Solutions Ltd.
This policy applies to:
- Customers and clients;
- Website visitors;
- End users of our software products;
- Employees and representatives of client organizations;
- Business partners and vendors; and
- Individuals who communicate with us.
2. Legal Framework
Our privacy practices are guided by applicable laws and recognized industry standards, including:
- The Kenya Data Protection Act, 2019;
- Applicable international privacy regulations where required;
- Contractual confidentiality obligations;
- Industry best practices for information security and risk management.
3. Information We Collect
Depending on the services provided, we may collect:
3.1 Personal Information
- Full names;
- Email addresses;
- Phone numbers;
- Physical addresses;
- Company names and job titles;
- National identification information where legally required.
3.2 Account Information
- Usernames;
- Passwords (stored securely and encrypted where applicable);
- User preferences;
- Authentication records.
3.3 Technical Information
- IP addresses;
- Browser type and version;
- Device identifiers;
- Operating systems;
- Access logs;
- Session information.
3.4 Business Information
Information necessary to deliver our services, including:
- Documents and files;
- System configurations;
- Backup data;
- Server information;
- Software usage records;
- Operational and performance data.
3.5 Payment Information
Where applicable, billing and transaction information required to process payments and maintain accounting records.
4. Legal Bases for Processing
We process personal data on the basis of:
Contractual Necessity
To provide products and services requested by customers.
Legal Obligations
To comply with applicable laws and regulatory requirements.
Legitimate Interests
To improve our services, maintain security, prevent fraud, and manage our business operations.
Consent
Where consent is required for marketing communications or specific processing activities.
5. How We Use Personal Data
We use personal data to:
Provide Services
Including:
- Software development and support;
- Server deployment and administration;
- Cloud services;
- Backup and disaster recovery;
- Monitoring and cybersecurity services;
- Technical consulting and advisory;
- Product maintenance and updates.
Customer Support
To respond to inquiries, troubleshoot issues, and provide assistance.
Security
To:
- Detect unauthorized access;
- Prevent abuse and fraud;
- Monitor system health;
- Investigate incidents.
Service Improvement
To:
- Enhance user experience;
- Develop new products and features;
- Improve performance and reliability.
Communication
To send:
- Service notifications;
- Technical updates;
- Maintenance notices;
- Marketing communications where consent has been provided.
6. Sharing of Information
We do not sell personal data.
We may share information with:
Service Providers
Including providers involved in:
- Cloud hosting;
- Backup infrastructure;
- Payment processing;
- Security monitoring;
- Technical support.
All third parties are required to maintain appropriate confidentiality and security measures.
Legal Requirements
We may disclose information when required by:
- Applicable laws;
- Court orders;
- Regulatory authorities;
- Law enforcement agencies acting under lawful authority.
Business Transfers
In the event of a merger, acquisition, or restructuring, information may be transferred subject to continued privacy protections.
7. International Data Transfers
Where information is processed outside Kenya, we implement appropriate safeguards to ensure adequate protection of personal data.
8. Security Measures
We employ technical and organizational safeguards including:
- Encryption of data in transit and at rest where applicable;
- Access controls and role-based permissions;
- Firewalls and network security controls;
- Monitoring and logging;
- Regular updates and security maintenance;
- Backup and disaster recovery mechanisms;
- Security awareness practices for personnel.
While we strive to protect information, no system can guarantee absolute security.
9. Data Retention
We retain information only for as long as necessary to:
- Deliver services;
- Meet legal obligations;
- Resolve disputes;
- Maintain backups and audit records.
Retention periods may vary depending on the type of service and contractual requirements.
10. Your Rights
Subject to applicable laws, individuals may have the right to:
- Access personal information;
- Request correction of inaccurate information;
- Request deletion of personal data;
- Restrict processing;
- Object to certain forms of processing;
- Withdraw consent where processing is based on consent.
Requests may require identity verification.
11. Cookies and Website Technologies
Our website and applications may use cookies and similar technologies to:
- Enable functionality;
- Improve performance;
- Analyze usage;
- Remember preferences.
Users may manage cookie settings through their browsers.
12. Data Breach Response
If a security incident affecting personal data occurs, we will:
- Investigate and contain the incident;
- Take corrective measures;
- Notify affected parties where legally required;
- Cooperate with relevant authorities.
13. Children's Privacy
Our services are not intentionally directed toward children under 18 years of age.
We do not knowingly collect personal information from children without appropriate legal authorization.
14. Confidential Information
Because many of our services involve sensitive business systems and data, we treat customer information as confidential and implement appropriate safeguards to protect it.
Access to customer information is limited to authorized personnel and only where necessary for service delivery.
15. Third-Party Services
Our solutions may integrate with third-party platforms or services.
We are not responsible for the privacy practices of external websites or services not operated by Asterisks Data Solutions Ltd.
16. Changes to this Policy
We may update this Privacy Policy from time to time.
Material changes will be communicated through appropriate channels, including:
- Website notices;
- Email notifications where appropriate.
The latest version will always supersede previous versions.
17. Complaints
Individuals may lodge complaints with the relevant data protection authorities where they believe their rights have been violated.
We encourage users to contact us first so that we may address concerns promptly.
18. Contact Information
Asterisks Data Solutions Ltd
Website: https://asterisksdata.co.ke/
Email: info@asterisksdata.co.ke
For privacy-related requests:
Email: privacy@asterisksdata.co.ke
19. Acceptance
By using our services, websites, software platforms, or engaging Asterisks Data Solutions Ltd, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of information as described herein.