USER PRIVACY NOTICE
1. IMPORTANT INFORMATION AND WHO WE ARE
We take the privacy of our online platform and mobile application users very seriously. We ask that you read
this privacy policy (“Policy”), carefully as it contains important information about how we will use your personal
data.
For the Purposes of the Data Protection Act, No. 24 of 2019, Twiga Foods Limited, a limited liability company
incorporated in Kenya with Company number CPR/2013/124558 of P.O. Box 38714 - 00100, Nairobi, Kenya is the
data controller and responsible for your data.
2. CONTACT DETAILS
Our full Details are:
Full name of legal entity: Twiga Foods Limited
Name or title of DPO: Enterprise Technology Operations Manager
Email address: infosec@twiga.com
Postal address: 38714-00100, Nairobi
Telephone number: 0709 258 000
3. PERSONAL DATA WE PROCESS
We will obtain personal information about you such as your name, email, address, identity data, financial data,
profile data, transaction data whenever you complete forms on the Twiga website (www.twiga.com) and Twiga
mobile applications (including iOS, Android and Web applications (Apps)) together, the Services.
4. HOW WE USE YOUR PERSONAL DATA
We will use your personal data in the following circumstances:
i) where we need to perform the contract we are about to enter into or have entered into with you;
ii) to handle your orders, payments, collect your farm produce and provide you with the right services;
iii) to communicate with you about Twiga’s products and services;
iv) to provide fintech services to you;
v) to provide functionality, analyse performance, fix errors, and improve usability and effectiveness of the Services.
vi) where it is necessary for our legitimate interests (or those of a third party) and your interests and
fundamental rights do not override those interests; and
vii) where we need to comply with a legal obligation.
We adhere to the principles relating to processing of personal data as set out in the Data Protection Act.
5. DISCLOSURE OF PERSONAL DATA
We may disclose your personal data to:
i) other companies within our group;
ii) a third party who acquires or substantially acquires all of its assets, in which case the personal data shall be
one of the acquired assets;
iii) our agents and service providers;
iv) law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or
as otherwise required by applicable law;
v) our business partners in accordance with the ‘Marketing or Opting out “ clause 6.
6. MARKETING AND OPTING OUT
If you have given permission, we may contact you by email, telephone, SMS, about our services, promotions or
offers that may be of interest to you. If you prefer not to receive any direct marketing communications from us,
you can opt out at any time.
7. KEEPING YOUR DATA SECURE
We will use technical and organisational measures to safeguard your personal data, for example:
i) access to your account is controlled by a password and username that are unique to you; and
ii) we store your personal data on secure servers.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the
internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal
data that are transferred from you or to you via the internet.
8. MONITORING
We may monitor and record communications with you (such as telephone conversations and emails) for the
purpose of quality assurance.
9. DATA RETENTION
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected
it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe
there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and
sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your
personal data, the purposes for which we process your personal data and whether we can achieve those
purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
10. YOUR LEGAL RIGHTS
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
These rights include:
i) request access to your personal data;
ii) request correction of your personal data;
iii) request erasure of your personal data;
iv) object to processing of your personal data;
v) request restriction of processing your personal data;
vi) request transfer of your personal data; and
vii) right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us.
11. CHANGES TO THIS PRIVACY POLICY
We may change this Policy from time to time. You should check this policy frequently to ensure you are aware
of the most recent version that will apply each time you use the Service.
12. CONTACTS, NOTICES
If you have any concern about privacy or want to contact one of our data controllers, please contact us through
the address set out above, with a thorough description and we will try to resolve the issue for you. Further, the
data protection officer for the above mentioned data controllers can be contacted at infosec@twiga.com.