Menu
Contact us

Privacy Policy

Introduction

At DPE, we are committed to protecting and respecting your privacy.

The purpose of this Privacy Policy is to explain how we collect, use and store your personal data.

Data protection and protection of your privacy are core values for us and we are committed to processing and protecting your personal data fairly and transparently in accordance with the law.

By using our websites, applications or by otherwise giving us your personal information you are accepting the practices described in this Privacy Policy.

    1. General

    1. This Privacy Policy is established by DPE Company Ltd (the “Controller”) and applies to all personal data (hereinafter the “data”) that we collect about you for the purposes of delivering the services we offer.

    1. For our customers, we mainly act as Processor. In this case, we process personal data according to the instructions of our customers, who act as Controller. Our processor activities are covered by contractual agreements and Data Protection Agreements (DPA).

    1. By “personal data” or “personal information“, we mean all personal data concerning you, i.e. any information that allows you to be identified, directly or indirectly, as a natural person. These are information that can be used to identify you on its own or in combination with other data that we collect or have access to. In cases where personal and other data is combined (e.g. personal contact information with account login or demographic information), such information is considered to be personal information.

    1. By “processing“, we mean “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”.

    1. This Policy is in line with our desire to act transparently and in compliance with the Data Protection Law, 2019 (hereinafter referred to as the “DPA,19), its Regulations and associated directives by the Office of the Data Protection  Officer (ÖDPC”).

    1. If you wish to react to any of the practices described below, please do not hesitate to contact us by email to DPE.dpo@mzizi-africa.com.

    1. What data do we gather and how do we obtain them?

    1. Context and means of collection

    1. We may combine data that we collect via one method as outlined below with data that we collect via another method also outlined below.

    1. We may collect personal via:

    1. Registration forms which we may collect from you, whether online or offline, inc        luding by post or other in-person events or contests;

    1. Any of our contests, events or campaigns;

    1. Authorised Third Parties; and

    1. Other sources (e.g. third party data aggregators).

    1. When we act as Processor, it is our customers as Controllers who determine the purposes and means of personal data processing. In this specific context, you will be redirected to the privacy policy of the Controller.

    1. Categories of personal data you provide us with.

    1. When we act as Controller, we strive to limit the amount of personal data we collect and store to only that which is reasonably necessary to provide you with the relevant services.

    1. Personal contact information: information that would allow us to contact you personally such         as your surname, forenames, phone number or email address. In some cases it would         include information you give us about someone else (e.g. if you provide a family member’s         email address under a community/public health program).

    1. Account login information.

    1. Demographic information if necessary (e.g. date of birth, age etc).

    1. Language.

    1. The county, city, and country in which you live.

    1. Geo-location.

    1. Other information which we might need to collect for a specific initiative, survey, event or         campaign, form, feature or other service that you use or request.

    1. Non-personal data which does not allow you to be identified directly or indirectly. It may         therefore be used for any purpose, for example, to improving resource allocation to or design         health or social interventions for your community or improve services to you.

    1. When we act as Processor, we process personal data according to the instructions of our customers, who act as Controllers. Our processor activities are covered by contractual agreements and Data Protection Agreements (DPA). The personal data processed by DPE on behalf of our customers may be of different categories, such as, but not limited to:

    1. Personal identification data (surname, first name, postal address, etc.);

    1. Electronic identification data (e-mail address, telephone number, IP address, terminal used,         etc.);

    1. Social/leisure and interest data;

    1. Education, training and work data; etc.

In this specific context, you will be redirected to the privacy policy of the Controller who determines the purposes and means of personal data processing.

    1. For what purposes do we collect your data?

    1. As Controller, DPE shall process your data only to the extent necessary for the purposes for which it was collected. In this context, we have identified these purposes and ensure that only personal data that is necessary and relevant in accordance with the data minimisation principle is processed.

    1. In general, we base the processing of your personal data on the following legal basis:

    1. In order to comply with our legal obligations;

    1. In order to take prior measures and to execute the contract that binds us when you         benefit from our services;

    1. In order to achieve our legitimate interest (in this case we always take care to         respect a balance between our interest and your rights and freedoms);

    1. Finally, on the basis of your consent.

    1. In the event that we are required to carry out processing operations that are not yet provided for in this Policy, we will contact you before using your personal data. The purpose of this contact will be to inform you about this processing and, where appropriate, to ask for your explicit consent.

    1. Compliance with our legal obligations

    1. In certain cases, we are required to process your personal data within the framework         of legal obligations or when cooperating with the competent authorities. In these         cases, we may transfer your personal data in order to comply with our obligations.

    1. Within the framework of our contractual relationship. When you use our services, a         contract exists between you and us. Within this framework, we are required to         process personal data in order to meet our contractual obligations. In order to         execute our contract, we process your personal data for the following purposes:

    1. The preparation, conclusion, execution and termination of the                         contract you have with us;

    1. Ensuring a response to your requests;

    1. Account & membership maintenance;

    1. Customer service.

    1. On the basis of our legitimate interest

    1. In some cases, it is in our legitimate interest to process your personal data insofar         as it prevails over your interests, fundamental rights and freedoms, such as, but not         limited to, ensuring security, preventing fraud, etc.

    1. To this end, we always ensure that we maintain a fair balance between the need to         process your personal data and the respect of your rights and freedoms, including         the protection of your privacy.

    1. Your personal data are processed for the following purposes:

    1. The improvement and personalisation of our services and products;

    1. Commercial prospecting and management of prospects (updating prospecting files,         organisation of promotional operations, etc.);

    1. The preparation of studies, models (risk, marketing and other) and statistics, using         anonymisation and/or pseudonymisation techniques whenever possible;

    1. The preservation of the security of goods and persons, the fight against fraud or         attempts at intrusion, abuse or other offences;

    1. Maintaining a list of users who no longer wish to be contacted;

    1. The management of your requests related to the application of your rights;

    1. The establishment, exercise, defence and preservation of our rights.

    1. On the basis of your consent

    1. If necessary, where we do not have a binding contractual relationship with you or         where processing is not necessary for the performance of a contract, you have the         possibility to give us your consent to process your personal data.

    1. When you create an account or when you give us your consent to send your data         to our partners, we ask you to acknowledge and agree that we process your         personal data in accordance with this Policy.

    1. We process your personal data on the basis of your consent for the following         purposes:

    1. When you give us your consent to do so, we send you by electronic                 means offers and services offered by us (newsletter) and/or our                         partners, knowing that you can subscribe or unsubscribe at any                         time;

    1. Transfer your data to third parties for direct marketing purposes:                         you will be informed in advance so that you can give your consent                 or not to this processing.

    1. Please note that you have the right to withdraw your consent to the                 processing of personal data at any time.

    1. How long do we keep your data for?

    1. We keep your data only for as long as it is reasonably necessary for the purposes for which it was collected, taking into consideration our need to answer queries or resolve problems, provide improved and new services and comply with legal requirements under applicable law(s).

    1. This means that we may retain your personal information for a reasonable period after you stop using our services or stop using our websites. After this period, your personal information will be deleted from all our systems.

    1. As part of the execution of a contract, we archive your contract and your personal data as guided by our data retention policies.

    1. At the end of the retention period, we do everything we can to ensure that the personal data has been made unavailable and inaccessible.

    1. Who can we send your data to?

    1. In order to provide our services effectively, we may need to subcontract some tasks, in whole or in part, to technical subcontractors with whom we have entered into contracts (e.g. the subcontractors responsible for maintaining our infrastructure, IT security, hosting, marketing tools, helpdesk and others).

    1. DPE requires its subcontractors to adhere to data protection legislation and to submit satisfactory guarantees on the implementation of appropriate technical and organisational measures. They are required to demonstrate that their processing system complies with current data protection legislation and that your rights are guaranteed.

    1. We do not sell or in any way disclose to third parties the data that we gather about you. However, if we have a legal obligation, or if a court ruling requires us to do so, we shall pass on your data to the extent necessary to comply with this law or court ruling.

    1. Under certain circumstances, our website and our apps will provide you with plug-ins for various social networks. If you choose to interact with social network sites such as Facebook or Twitter (for example by setting up an account), your activity on our site or via our apps will also be accessible on that social network site. If you are logged onto one of these social network sites during your visit to any of our sites or apps, or if you interact with any of the social network plug-ins, the social network site may also add this information to your profile on that network, depending on your privacy protection settings. If you want to prevent this type of data transfer, please log off your social network site before logging on to any of our sites or apps, or change the app privacy protection settings, if possible. Please read these social networks’ own privacy protection policies for further details on the collection and transmission of personal data, on your rights, and on how you can achieve a satisfactory degree of privacy protection.

    1. We use a third-party messaging service provider to send you our emails and text messages. So that we can send emails and text messages, we provide our partners with certain information, i.e. your phone number, your name and your country. Our partners processes the information on you in accordance with the provisions of its Privacy Policy.

    1. Your rights under the GDPR

    1. These rights allow you to remain in control of what we do with your personal data.

    1. Right of access and to obtain a copy. The right of access applies for all the purposes we have listed above. In particular, this right allows you to ask us whether we process your personal data, for what purposes, the categories of personal data concerned and the recipients of your data. You can also request a copy of all your personal data we process.

You have the right to, at any time and free of charge, view your data or request a copy by sending an e-mail to dpe.dpo@mzizi-africa.com.

    1. Right of correction. You have the right to demand the correction or deletion of any data that is incorrect, inappropriate or no longer required by sending an e-mail to dpe.dpo@mzizi-africa.com.

Please note that you are at all times obliged to ensure that the data you send us is accurate.

    1. Right to be forgotten. When you no longer want your data to be processed and you meet the conditions to invoke the right of deletion under data protection law, we shall delete your data from our database. The right to be forgotten applies when one of the following reasons is fulfilled:

    1. The data are no longer necessary for the purposes of the processing         operation;

    1. You withdraw your consent to the processing of your data and we base this         processing only on the legal basis of your consent;

    1. You object to the processing;

    1. We have processed your personal data unlawfully;

    1. In the event that the data in our possession is incomplete, inaccurate or         obsolete;

    1. We need to delete your personal data in order to comply with a legal         obligation to which we are subject.

    1. Right of portability. If we process your personal data on the basis of a contract or your consent, you can ask us to transfer all your personal data to you or to transfer them to another data controller.

    1. Right of objection. You have the right to object to any use of your data for marketing purposes, including profiling. You can exercise your right to object, at any time, either via the automated procedures provided for that purpose in the email sent to you or, failing that, by sending an e-mail to the following address: dpe.dpo@mzizi-africa.com

In addition, where we base the processing of your personal data on the legal basis of our legitimate interests, you may object to the processing of your data if you demonstrate that your particular situation justifies it.

    1. Right of restriction of processing. In some cases, you may also ask us to limit the processing of your personal data. The situations in which you may ask us to limit the processing of your personal data are as follows:

    1. If you challenge the accuracy of a personal data while we can verify the         accuracy of that data;

    1. If we process your personal data unlawfully and you would prefer us to limit         such processing rather than delete your personal data.

Of course, we will inform you when the limitation of processing no longer applies.

    1. How to exercise your rights?

    1. Identification. In order to help you enforce your rights, and where the context justifies it, we must take all reasonable steps to verify your identity.

To this end, where there is reasonable doubt as to your identity, we may ask you to prove your identity by providing us with additional information, including, if necessary, a photocopy of the front of your identity card.

If you do not provide us with this additional information enabling us to identify you, we are not compelled to comply with your requests to exercise your rights if we are unable to identify you.

    1. When do we reply? We undertake to get back to you as soon as possible and, at the latest, within one month of your request. We may be required to extend this period to one month in the event that your request is complex and we are faced with an excess of requests. If this happens, we will inform you of the reasons for the delay.

    1. Information regarding children

    1. We believe that it is highly important to protect the privacy of children and we encourage parents or guardians to spend time with their children to participate in and monitor their activities, including e-activities.

    1. As a general rule, we do not intentionally gather personal information relating to children. If we discover that we have inadvertently gathered information on children, we shall take steps to delete the information as soon as possible, unless applicable law requires us to retain it.

    1. Links to other websites and services

    1. Our websites may contain links to third-party sites, and some of our services give you access to third-party services such as social networks.

    1. We have no control over the way in which those sites and services process your data. We do not check these third-party sites and services, and we are not responsible for these third-party sites or services or their privacy protection practices. Please read the privacy statements on the third-party sites or services that you access via our sites or services.

    1. DPE is not responsible legally or otherwise for the activities, privacy policies or levels of compliance of these third Parties, neither does DPE endorse the practices and content of any third party websites.

    1. Security

    1. We implement appropriate technical and organisational measures to guarantee an adequate level of security with regard to the processing of your personal data. This level of security is established on the basis of the risks presented by the processing and the nature of the data to be protected.

    1. We have implemented appropriate security measures to protect your personal data, in particular, against loss, theft, falsification, misuse or alteration of the information received, unauthorised disclosure or use of your personal data.

    1. If your personal data under our control is compromised due to a security breach, we will act promptly to identify the cause of the breach and take appropriate corrective measures.

    1. If necessary, in accordance with the applicable law, we will inform you of the incident.

    1. Limitation of liability clause

    1. DPE’s liability shall be restricted to direct harm, to the exclusion of any indirect loss. DPE can never be held liable for harm deemed to be indirect such as, without this list being exhaustive, loss of data, financial or commercial loss, loss of profits, increased general costs, or disruption of planning or scheduling.

    1. Moreover, DPE cannot be held liable for any harm arising from any unlawful manipulation of the data by third parties, such as data theft, introduction of viruses, hacking or any other IT malpractices.

    1. Claims and complaints

    1. If you wish to react to any of the practices described in this Policy, please send us an e-mail to dpe.dpo@mzizi-africa.com. We shall do everything we can to follow it up as soon as possible. All complaints, claims or grievances should be submitted to DPE’s registered office.

    1. If you are not satisfied with your response, you can also file a complaint to the Data Protection Authority at www.odpc.go.ke   

    1. How to contact us?

        If you have any questions and/or complaints regarding this policy, please do not hesitate to contact us: dpe.dpo@ mzizi-africa.com

    1. Applicable law and competent courts

    1. These provisions are to be governed, interpreted and fulfilled in accordance with the laws of Kenya.

    1. All disputes that cannot be settled amicably within a time limit of one month from their occurrence, unless this limit is extended by mutual agreement, may be brought by either party before the Kenyan.

    1. Effective date and modification

    1. This policy was created and brought into force on May 1, 2023.

We reserve the right to make changes to this Privacy Policy at any time. Any changes will be posted in this Privacy Policy. We encourage you to regularly review this Privacy Policy to make sure you are aware of any changes and how your information may be used.

Search

Account

Cart

  • DPE Menu
Select the fields to be shown. Others will be hidden. Drag and drop to rearrange the order.
  • Image
  • SKU
  • Rating
  • Price
  • Stock
  • Availability
  • Add to cart
  • Description
  • Content
  • Weight
  • Dimensions
  • Additional information
Click outside to hide the comparison bar
Compare