Category: data protection and privacy
-
In Kenya, compliance with Data protection laws requires more than a privacy policy. Under the Data Protection Act 2019, organisations must implement structured governance frameworks to manage regulatory exposure, cross-border data risk, and commercial liability. This guide explains how businesses can build defensible data protection systems aligned with statutory and investor expectations. Data Protection Is…
-
AI governance is becoming essential for Kenyan businesses adopting artificial intelligence tools into their operations. This guide explains the legal risks, compliance obligations under the Data Protection Act 2019, and the AI governance structures organisations must implement to limit regulatory and commercial exposure. Many Kenyan businesses are already using artificial intelligence (AI) tools across core…
-
The collection and processing of personal data in Kenya is regulated under the Data Protection Act. Organisations and individuals handling such data, i.e. a data controller and processor, must register with the Office of the Data Protection Commissioner (ODPC) and obtain a certificate of registration. This article explains the registration process, legal requirements, and consequences…