This is the policy of Kesilo. It is for the purpose of giving users a comprehensive guide of how they should expect us to use their data.
Personal data: Data privy to an enterprise which would otherwise not be available to the public.
Processing: Deriving any form of information from a given set of collected data.
User: Enterprise or individual using our API.
We gather information pertinent to legitimate purposes only. Kesilo possesses information about an entreprise if:
(a) an entreprise has provided the information,
(b) Kesilo has automatically collected the information, or
(c) Kesilo has obtained the information from a third party.
The various scenarios encompassed by these categories and the information collected in each are outlined below:
1) Account signup: Upon registering for an account to access our services, we request details such as name, contact number, email address, and company name to complete the process. Additionally, users are prompted to select a unique username and password. While optional, users may also furnish further details, such as their organization's logo. Subsequently, users have the option to set a security question and its answer, which are exclusively used for password resetting.
2) Event registrations and other form submissions: We retain information submitted during newsletter subscriptions, survey responses, or any other form submission for customer support requests, quotations, or general inquiries.
3) Payment processing: When making a purchase, users are required to furnish their name,bank account number, contact information or mobile money number, credit card details, or other payment account information. For security reasons, we only store the cardholder's name and address, the card expiry date, and the last four digits of the credit card number. The actual credit card number is not stored.
4) Testimonials: With authorization, testimonials about our products and services may include users' names and other personal details. Users have the opportunity to review and approve the testimonial content before it is published. Additionally, users can request updates or deletion of their testimonials.
5) Interactions with Kesilo: We may record, analyze, and utilize interactions between users and our sales and customer support teams via email, telephone, or chat for the purpose of enhancing user experiences.
1) Information from browsers, devices, and servers: When users visit our websites, we collect data made available by web browsers, mobile devices, and servers, including internet protocol addresses, browser types, language preferences, time zones, referring URLs, access date and time, operating systems, mobile device manufacturers, and mobile network information. This information is included in our log files to gain insights into website visitors.
2) Information from application logs and mobile analytics: We gather data on users' interaction with our products, services, and mobile applications from application logs and in-house usage analytics tools. This information, encompassing clicks, scrolls, features accessed, access times, error reports, performance data, storage usage, user settings, device configurations, and access devices and their locations, is vital for improving our products.
1) Information from reselling partners and service providers: If users contact our reselling partners or express interest in our products or services through them, the partner may provide Kesilo with users' names, email addresses, company names, and other relevant details. Additionally, information may be shared with us by event organizers if users register for or attend Kesilo sponsored events. We may also receive information from review sites if users comment on our products and services, and from other third-party service providers engaged for marketing purposes.
2) Information from social media and publicly available sources: User feedback, reviews, interactions, or engagements with Kesilo on marketplaces, review sites, or social media platforms, including Facebook, Twitter, LinkedIn, and Instagram, may provide us with additional information.
Kesilo utilizes the gathered data for the following purposes:
1) Communication: We use the collected data to communicate with you via email regarding products you have downloaded, services you have signed up for, changes to our Privacy Policy and Terms of Service, and important notices.
2) Information Updates: To keep you informed about new products, services, upcoming events, offers, promotions, and other relevant information that we believe will be of interest to you.
3) Feedback and Surveys: We may request your participation in surveys or seek feedback on our products and services.
4) Account Maintenance: The data is used to set up and maintain your account and to fulfill all other requirements for providing our services, such as facilitating collaboration, providing website and mail hosting, and backing up and restoring your data.
5) Usage Analysis: Understanding how users utilize our products and services, monitoring and preventing issues, and enhancing our offerings.
6) Customer Support: Providing customer support, analyzing and improving our customer interactions.
7) Security and Protection: Detecting and preventing fraudulent transactions and other illegal activities, reporting spam, and safeguarding the rights and interests of Kesilo, its users, third parties, and the public.
8) Marketing and Customer Engagement: Updating, expanding, and analyzing our records; identifying new customers; offering products and services of potential interest; analyzing trends; administering our websites; and tracking visitor navigations to better understand and assist them.
9) Marketing Campaigns: Monitoring and improving marketing campaigns and providing relevant user suggestions.
10) Security Services: Providing and enhancing Kesilo's security services, analyzing security threats and vulnerabilities, communicating with users about their accounts and security posture, and ensuring compliance with legal and regulatory requirements.
Opting out of Non-essential Electronic Communications: You have the option to refrain from receiving newsletters and other non-essential messages by utilizing the 'unsubscribe' function included in all such communications. However, essential notices and emails, such as account notification emails (e.g., password change, renewal reminders), security incident alerts, security and privacy update notifications, and essential transactional and payment-related emails will continue to be sent to you.
Kesilo will not disclose user data to third parties without explicit consent from the user, except in the following circumstances:
1) Third-party Service Providers: We may need to share your personal information as well as aggregated or de-identified information with engaged third-party service providers, such as marketing and advertising partners, event organizers, web analytics providers, and payment processors. These service providers are authorized to use your personal information as necessary to provide these services to us.
2) Reselling Partners: Your personal information may be shared with our authorized reselling partners in your region, solely for the purpose of contacting you about products you have downloaded or services you have signed up for. You will be given the option to opt out of further collaboration with that partner.
3) Mergers or Acquisitions: In the event of a merger or acquisition, we may share your personal information with the involved entity, with the condition that the new combined entity adheres to this Privacy Policy regarding your personal information. If your personal information could be utilized contrary to this policy, you will be provided with prior notice.
4) Legal requests: If disclosure is required by the courts of law or law enforcement agencies.
The financial data of users is processed by Kesilo for the purpose facilitating the issuance of electronic invoices and receipts, ensuring prompt recording and reflection on the URA portal.
Data from users will be retained for as long is necessary to fulfil all the processes in clause 7.
Your rights with respect to information we hold about you as a controller:
1) Right to access: You have the right to access (and get a copy if needed) the categories of personal information we have about you. This includes the information's source, purpose, and period of processing, as well as the an entreprisess with whom the information is shared.
2) Right to rectification: You have the right to update or correct any inaccuracies in the information we have about you. Depending on how we use your information, you can ask us to add additional information about you to our database.
3) Right to erasure: You have the right to ask us to delete your personal information in certain situations, such as when it's no longer needed for the original purpose of collection.
4) Right to restriction of processing: You may also have the right to ask us to limit the use of your information in specific situations, such as when you've objected to our use of your data but we need to check if we have valid reasons to use it.
5) Right to data portability: You have the right to transfer your information to another party in a structured, commonly used, and machine-readable format when your information is processed with your consent or by automated means.
6) Right to object: You have the right to object to the use of your information in certain situations, such as the use of your personal information for direct marketing.
7) Right to complain: You have the right to lodge a complaint with the appropriate supervisory authority if you have any concerns about how we collect, use, or share your information. This right may not be available if there is no data protection supervisory authority in your country.
Kesilo prioritizes the security of the information we handle and complies with GDPR requirements. We employ various measures to keep your data safe, such as:
1) Ensuring all employees and recipients of your data adhere to confidentiality agreements and only process data as outlined in our policy.
2) Enforcing an Information Security Policy for all consultants and authorized an entreprisess.
3) Applying the Information Security Policy to all stored information and related hardware and software.
4) Reviewing and implementing security practices annually, with approval from executive management and communication to all staff.
5) Providing mandatory privacy and security training for employees and consultants.
6) Establishing robust authentication and authorization controls.
7) Continuously monitoring and analyzing data to address new threats and vulnerabilities and update security controls.
8) Regularly updating our servers, workstations, and internet gateway devices with the latest antivirus definitions.
9) Conducting yearly risk assessments.
Confirm compliance with relevant data protection laws, such as Uganda’s Data Protection and Privacy Act.
Users will be notified of any changes to the data privacy policy as soon as is practical.
The law applicable is the law of Uganda
If you have any questions about Kesilo's data policy or security practices, please contact us at:
--> Email: policy@kesilo.tech
--> Phone: +256 764 767838
This Data Policy and Security document is intended to provide an overview of Kesilo's data practices.