Privacy Policy

Effective Date: Jan 01, 2026

Jurisdiction: Kenya

Compliance: Data Protection Act, 2019

1. Personal Data We Process

We process the following categories of information to provide the workforce management service:

Identity & Employment

  • Full Name
  • Email
  • Phone Number
  • Employee ID
  • Role
  • Branch Details

Attendance & Technical

  • Timestamps
  • Check-in Logs
  • IP Address
  • Device Type
  • Audit Trails

2. Lawful Basis for Processing

  • Contract : Service delivery to your organization.
  • Legitimate Interest : Security and fraud prevention.
  • Legal Duty : Compliance with Kenyan regulatory laws.

3. Data Sharing & Transfers

  • We do not sell personal data. Transfers outside of Kenya follow strict ODPC guidelines and utilize Standard Contractual Clauses (SCCs) to ensure your data remains protected regardless of geography.
  • Cross-border transfers are audited for compliance with Section 48 of the Data Protection Act.

4. Security Measures

We implement a defense-in-depth strategy to protect workforce data:

  • AES-256 Encryption at rest
  • TLS 1.3 Encryption in transit
  • Token-based (qzn_...) authentication
  • Granular Role-Based Access (RBAC)

Notice to Employees

Qazeeni processes your data on behalf of your employer. For data access requests, please contact your company's HR or IT administrator first.

Data Breach Protocol

In accordance with Kenyan law, Qazeeni will notify affected clients within 72 hours of discovering a personal data breach and provide full support for ODPC reporting.

Contact Our Office

For inquiries regarding this policy or our data practices:

hello@qazeeni.com