I am text block. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

ETSA Privacy Statement

At Ethical Trade Services Africa (ETSA), we are committed to safeguarding the privacy and data protection rights of individuals, clients, employees, and all other stakeholders in compliance with the Kenya Data Protection Act, 2019 (the “Act”). This Privacy Statement outlines how we collect, use, disclose, and protect personal data in the course of our business operations.

Data Controller

ETSA is registered as a Data Controller under the Kenya Data Protection Act, 2019. For any inquiries, concerns, or requests related to data protection, you may contact us at:

Mukima Drive, No.7 Off Alozi Road
E : info@ethicaltradeservices.co.ke
w : www.ethicaltradeservices.co.ke
P.O.Box 401 – 00200 Nairobi, Kenya
P : +254 768 639 774 / +254 786 695 545 / +254 208 000 116

Information We Collect

We may collect and process personal data for the purposes described in this Privacy Statement. This data may include, but is not limited to:

  • Personal and contact information (e.g., names, addresses, phone numbers, email addresses)
  • Client-related data, including data documented in audit and project/research reports, pre-assessment questionnaires, project proposals and financial information.
  • Employee information, including payroll and HR records.
Purposes of Data Processing

We process personal data for the following purposes:

  • To provide consulting services to clients.
  • To manage client relationships, including billing and invoicing.
  • To conduct internal HR and payroll functions.
  • To ensure the security and quality of our audit processes.
  • To meet legal and regulatory requirements.
  • To improve the quality of our services in line with our Quality Management System.
Data Protection Principles

ETSA adheres to the data protection principles outlined in the Kenya Data Protection Act, 2019, which include:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimization
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
Data Security

We employ appropriate security measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. This includes encryption, access controls, and secure data storage.

Data Subject Rights

Under the Act, data subjects have certain rights regarding their personal data, including the right to:

  • Access their personal data
  • Correct inaccuracies
  • Erase data
  • Restrict processing
  • Data portability
  • Object to processing

Requests related to these rights should be submitted to ETSA as the Data Controller using the contact information provided.

Data Sharing and Disclosure

ETSA may share personal data with third parties in compliance with the law and only for legitimate business purposes. Such third parties may include clients, contracted consultants, or associates.

International Data Transfers

In cases where data is transferred internationally, ETSA ensures that adequate safeguards are in place to protect data privacy and security.

Retention Period

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Statement or as required by law.

Changes to this Privacy Statement

This Privacy Statement may be updated to reflect changes in legal requirements or our data processing practices. Any updates will be posted on our website.

Contact Information

If you have any questions or concerns about this Privacy Statement, your personal data, or our data protection practices, please contact us at the address provided above.