1.0 INTRODUCTION

We know your privacy is important to you, and we want you to know it’s important to us too. This Privacy Policy is meant to explain our practices when it comes to your use of our products, services, and websites. We encourage you to take the time to review it carefully, to understand what information we collect, why we collect it, and what we do with it
This statement should be read together with the Terms and Conditions of Use for other ACS products and services. Where there is a conflict, this statement will prevail.
This statement applies to all customers, suppliers, agents, merchants, dealers and all visitors frequenting any of ACS’s premises and spaces.

2.0 DEFINITIONS

References to:
2.1 “You” means:

  • customer- the person who subscribes to, uses or purchases any of our products and services or accesses our websites and includes any person who accesses any of the products and services you have subscribed to.
  • Any agent, dealer and/or merchants who has signed an agreement with us and is recognized as a merchant or agent in accordance with any applicable laws or Regulations.
  • Any visitor that is a person (including contractors/subcontractors or any third parties) who gains access to any Africa Cloud Space premises.
  • Any supplier who has been contracted by Africa Cloud Space and executed a Supplier contract.

2.2 “Africa Cloud Space”, “ACS”, “we” or “us”, “our” and “ours” means Africa Cloud Space Limited.

2.3 The word “includes” means that what follows is not necessarily exhaustive and therefore the examples given are not the only things/situations included in the meaning or explanation of that text.

3.0 STATEMENT DETAILS

3.1 Who We Are
Africa Cloud Space Ltd., including its corporate affiliates, is a global provider of cloud business solutions. For our business customers, we are a data-driven SaaS technology company. We believe in the power of data to run & manage successfully businesses, schools, institutions, and organizations.
If you are a customer located in the European Economic Area (“EEA”), the following corporate affiliates of Africa Cloud Space Ltd., (“ACS”), may also process your personal data as joint ACS Privacy & Cookies Policy controllers with Africa Cloud Space Ltd., including for the provision of their products and services, marketing and support:
• Grupcash Ltd
• Saferide.co.ke
• Patamali.co.ke

This Privacy Policy applies to our customers, prospective customers, our customers’ customers (both direct and indirect), and visitors to our company websites, including but not limited to www.africacloudspace.com, www.ikomali.com, www.cloudschool.co.ke, and www.cloudspace.com. If you do not agree with this Privacy Policy, do not access or use our services or interact with any other aspect of our business. Note: if you’re a user of an application that is integrated or built using ACS’s products and services, that application’s privacy policy will describe how it collects, uses, stores, and shares your data. We are not responsible for the privacy policies or actions of our customers.

3.2 What information we collect

We collect your information in the following ways:

3.2.1 Information you provide directly to us.

When you subscribe to our newsletters, register for one of our webinars, sign up for our services, request us to contact you, or through other interactions with us, we may ask you for certain personal information, such as your name, birthdate, postal address, e-mail address, telephone number, company name, job title, or payment information. When you request support from us, we may also collect information from you such as contact information, documentation, screenshots, or other information you or we may believe is helpful to solving the issue. When you speak with our customer service or sales representative on the phone, your calls may be recorded and/or monitored for quality assurance, training and research purposes. In certain circumstances, we may collect your tax number from you for a limited purpose, such as for tax reporting relating to a payment for a customer referral or to facilitate an international money transfer.

3.2.2 Information we collect automatically when you visit our websites.

We and our third-party partners, such as our advertising and analytics partners, collect information about your visits to our websites and your interactions with our ads or content, together with information such as your IP address, cookies, and other tracking technologies (e.g., web beacons, device identifiers, and pixels). For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.

3.2.3 Information we get from third parties.

Third party sources of information include:

  • Third party services and social media. If you create an account or access our services through your account with a third-party service, such as Facebook, Google, LinkedIn, GitHub or Twitter, or use a social media feature through our services, certain personal data from those third-party social media services may be shared with us, such as your interests, “likes,” and friends list. We may use this information, for example, to
    ACS Privacy & Cookies Policy personalize your ACS experiences and marketing communications, to enhance our services, and to better serve you. You can control this data sharing via options in your social media accounts. We may also collect information from third party services that are integrated with our services, such as third-party CRMs or other applications that you authorize our services to connect with.
  • Credit agencies. We may obtain your credit information from third party reporting agencies in order to control our own credit risk in onboarding new customers.
  • Demographic, lead, and interest data. We may obtain information from outside companies such as those that collect customer information including demographic and interest data. Examples of this information include your employment status, your job title with your current employer, and your business contact information. We use this data and combine it with other information we have about you to help us predict your preferences and to direct marketing offers that might be more relevant to you. We also obtain where permitted by law contact information and other marketing lead information from third parties, website “refer-a-friend” options or social media platforms and may combine it with information we have to contact you or direct ACS marketing offers to you.
  • Information about our customers’ users. Our customers and other third parties may also provide us with personal information about our customers’ users and others. For example, we may receive personal information and other information from our customers, message senders, mobile network operators, and databases with information relevant to mobile telephone numbers submitted to our services, and other third parties.
  • Information collected in connection with your use of services delivered via our platform. We and our service providers may collect information in connection with your use of communications services delivered via our platform.
  • SaaS usage information. This includes information about your business conducted via our platform such as the time and duration of usage, source and destination identifiers, completion status, location, IP address, and amount of usage.
  • Communications content. To enable you to send and receive communications via our platform, we need to be able to handle the content of the messages, calls, and other communications channels used by you.
  • Device information. Where we have provided end user equipment to you, such as an analog telephone adapter or a VoIP phone, or you have installed our software on your device, we collect device-specific information from you. This includes, for example, your hardware model, operating system version, firmware, browser information, device and network configuration, device identifier, IP address, device performance, signal strength, call quality, telemetry, and mobile or wireless network information. We use the device information we collect in order to deliver and improve our services.
  • Your contact lists and address book. If you use our mobile apps, we may request your permission to access and store the contact list or address book maintained on your mobile phone, tablet, or other broadband-connected device. Your contact list is considered your personal data. We may use your contact list information to facilitate certain services where selected by you such as to enable you to make calls easily and to facilitate calls, texts, and other services. We may also facilitate the delivery of messages to individuals in your contact list that you wish to invite to download our mobile apps so that you can utilize our services with these selected individuals, although it is always your choice to send invites to such individuals. We will not use your contact list information for other purposes without first notifying you of the proposed use. You do not have to allow us to access your contact list information, but if you do not, certain features of our mobile apps may not be available to you. You may at any time opt out from allowing this access via the privacy settings on your device.
  • Mobile device camera, microphone and photos. If you use our mobile apps, we may request your permission to access the camera, microphone, and photos on your mobile device, to make and receive voice and video calls and messages and to send photos to others. You do not have to allow us to access these functions of your device, but if you do not, certain features of our mobile apps may not be available to you. You may at any time opt out from allowing this access via the privacy settings on your device.
  • Your location information. If your mobile device is equipped with GPS or can connect with wireless access points or hot spots, or if your mobile device is also a phone that communicates with cell towers or satellites, then your mobile device is able to use these features to determine its precise geographic location. You may use the mobile app to do a one-time share of your precise geographic location through a message in a chat session by pressing the location attachment button within the mobile app (a “Location Share Event”). We will retain the Location Share Event within your chat session on the mobile app until you delete the message. Your precise geographic location, including a Location Share Event, is considered your personal data. To the extent our mobile apps collect precise geographic location; you may at any time opt out from further allowing us to have access to your mobile device’s precise location information via the mobile app’s location settings on your mobile device.

3.3 Why we collect your information and how we use it.

How we use the information we collect depends on which of our services you use, how you use them, and specific preferences you may have communicated to us. We list below some of the specific purposes for which we collect your information.
 

  • To deliver our services. We use your information because it is necessary to perform our obligations in delivering our services to our customers. This includes delivering your communications to the intended end user, processing transactions with you (such as billing), authenticating you when you log into our platform, providing customer support, and operating and maintaining our services. We also need your information to communicate with you about the services, including registration confirmations, purchase confirmations, expiration or renewal reminders, responding to your requests, and sending you notices, updates, security alerts, administrative messages, and other communications necessary to usage of the services.
  • To carry out core activities relating to our services. To effectively deliver our services to you, we use your information to engage in important supporting activities such as:
  • Billing and collections. including maintenance of records in the event of a subsequent billing dispute;
  • Preventing fraud, violations of our acceptable use policies, and unlawful activities;
  • Troubleshooting, quality control, and analytics; and
  • Monitoring the performance of our systems and platform.
  • For research and development. We are constantly looking for ways to improve our services, to make them more reliable, secure, and useful to you and our users generally. We use data regarding our users’ communications on our platform to understand how our services are performing and how they are being used in order to identify areas where we can do better. For instance, we may use message delivery and call connection information to gauge the effectiveness of our routing to ensure that your messages are delivered and your calls are connected. We and our service providers may use your information to assess the level of interest in, and use of, our services, our communications to our customers, and our other messaging campaigns, both on an individual basis and in the aggregate. We also use information about your use of our websites to understand how our website visitors are using our websites. Among other things, this usage information, along with tracking technologies, enables third-party analytics companies, such as Google Analytics, to generate analytics reports on the usage of our services. To opt out of your usage information being included in our Google Analytics reports, you may follow these instructions.
  • To market, promote, and drive engagement of our products and services. We use data about you to send promotional communications that may be of specific interest to you. Based on information we collect about you, we may decide whether and how to promote certain of our products or services to you over others. These communications are to drive your engagement and maximize the value of our services to you. To perform the above functions and others described in this Privacy Policy, we may match information collected from you through different means or at different times, including personal data and usage information, and use such information along with information obtained from other sources (including third parties) such as contact information, demographic information, and personal interest information. Subject to your ability to opt out, by providing your contact information to us, you consent to receive e-mail messages, text messages, phone calls, faxes and postal mail, including that of a promotional nature, from ACS. Where local law permits, you consent to receive phone calls from ACS and its affiliates even if your phone number is listed on “do not call” registries. Where local law permits, an auto-dialer and/or artificial or prerecorded message may be used to make calls to you. You may not consent on behalf of someone else or provide someone else’s contact information. You are not required to agree to promotional communications in order to purchase goods or services from us. You can control whether you receive these kinds of communications as described below in Opt out of communications.
  • To comply with legal requirements. Applicable laws or regulations may require our processing of your data, such as laws mandating retention of communications data.
  • To protect our legitimate business interests and legal rights. Where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
  • According to your explicit consent. If we wish to use your information for certain purposes which require consent under applicable law, we will first seek out and obtain your consent. This may include, for example, testimonials or case studies that identify you in your individual capacity.

3.4. Sensitive (Special Categories) Data.

We may collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, political opinions, trade union membership, information about your health, criminal convictions and offences, gender, sexual orientation and biometric data). We will rely on any of the legal basis provided in clause

3.5(Legal Basis) below for such collection.

3.5. Lawful Basis for processing your information

We will process your personal information based on any of the lawful basis provided for under the Data Protection Law:

  • The performance of a Product/Service Agreement with you;
  • ACS’s legitimate business interests;
  • Compliance with a mandatory legal obligation;
  • Consent you provide;
  • Public interest;
  • Your vital interest.

3.6 Who we share your information with and why?.

We may share your information as detailed below:

  • Third-party service providers that help us to deliver the services and allow us to operate our businesses.
  • Business operations vendors. We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. We only work with carefully selected vendors, and we require any vendors with whom we share personal data to protect the confidentiality of such information and use it solely for the purposes for which it was shared.
  • Partners. In the event that you purchase services offered by ACS or a partner through a special marketing arrangement (for example, through a co-branded advertisement or offer, or an arrangement where we and a partner market or offer the other’s products or services), we may share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We may also share information with these third parties where you have agreed to that sharing.
  • Third party websites. Our services and websites may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.
  • Compliance with law enforcement requests and applicable laws; enforcement of our rights. We may disclose personal data as required by applicable law, regulation, legal process or government request; to protect ACS, our services, our customers or the public from harm or illegal activities; and to enforce our agreements, policies and service terms.
  • With your explicit consent. We share information about you with third parties when you give us consent to do so. For example, we often display use cases or testimonials of satisfied customers on our public websites and require your consent to identify you in your individual capacity. If you are a business customer, and have requested this, your business name and phone number may be included in public directories.
  • Sharing with senders and recipients of communications. The name on your account, or a portion thereof, and/or your phone number may be displayed to people that you make calls to and to other users of the services so that they may contact you. Depending on the service you’re using, you may be able to control what’s displayed by adjusting your settings within the mobile app or your customer account, or by contacting customer care at the address provided when you signed up for the services.
  • ACS affiliates; business transactions. We share your information with and among our corporate affiliates in order to operate and improve the services we provide to you; and we may share your information in connection with a sale, merger, liquidation, or reorganization of our business or assets.
  • Credit control. We conduct credit checks on new customers in order to control the risk of non-payment. In the event of non- or late payment, we may disclose your name, address and other details to credit bureaus and agencies. They may use that information to assess your credit rating and provide that rating to other companies.

3.7 How we protect your information.

ACS has implemented administrative, physical, and technical safeguards to help protect the personal data that we transmit and maintain. However, no system or service can provide a 100% guarantee of security, especially a service that relies upon the public internet. Therefore, you acknowledge the risk that third parties may gain unauthorized access to your information. Keep your account password secret and please let us know immediately if you think your password
was compromised. Remember, you are responsible for any activity under your account using your account password or other credentials.

3.8 Where we store your information and international transfers.

3.8.1 Personal information held by ACS is stored on and processed on computers situated in the Republic of Kenya, United Kingdom, the EEA, the United States, and in other jurisdictions. We and/or our service providers also process data in some other countries for customer care, account management and service provisioning.

3.8.2 If you are an EEA resident, your personal data held by ACS may be transferred to, and stored at, destinations outside the EEA that may not be subject to equivalent data protection laws, including the United States. When you sign up for service with ACS or inquire about our services, we transfer your information to the United States and other countries as necessary to perform our agreement with you or to respond to an inquiry you make. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.

3.8.3 Accordingly, by using our services, you authorize the transfer of your information to the Republic of Kenya, where we are based, and to other locations where we and/or our service providers operate, and to its (and their) storage and use as specified in this Privacy Policy and any applicable terms of service or other agreement between you and ACS. In some cases, ACS may seek specific consent for the use or transfer of your information overseas at the time of collection. If you do not consent, we may be unable to provide you with the services you requested. The Republic of Kenya and other countries where we operate may not have protections for personal information equivalent to those in your home country.

4.0 COOKIES AND TRACKING NOTICE

4.1 What a Cookie is
A cookie is a small text file that a website saves on your computer or mobile device in order to facilitate and enhance your interaction with that service. We or our service providers may use cookies and equivalent technologies such as clear gifs, web beacons, pixel tags, Javascript, device fingerprinting, and third-party cookies on our website and, where relevant, in our promotional e-mails.

4.2 The General Use of Cookies

4.2.1 We may store some information (using “cookies”) on your computer when you visit our websites. This enables us to recognize you during subsequent visits. The type of information gathered is non-personal (such as: the Internet Protocol (IP) address of your computer, the date and time of your visit, which pages you browsed and whether the pages have been delivered successfully.

4.2.2 We may also use this data in aggregate form to develop customized services – tailored to your individual interests and needs. Should you choose to do so, it is possible (depending on the browser you are using), to be prompted before accepting any cookies, or to prevent your browser from accepting any cookies at all. This will however cause certain features of the web site not to be accessible.

4.2.3 Learn more about when and how we use cookies and tracking technologies and some of our service providers;

  • When it’s strictly necessary
    These cookies and other technologies enable us to recognize you when you return to our service and to maintain your web session so you can more easily navigate the subscription process or your viewing of your call details. They are also essential for you to access secure areas of our sites, for example, to use shopping baskets or make payments.
  • Google Tag Manager is a third-party service provider that allows us to manage website tags via an interface. Tags are small elements of code that are used, for example, to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and orientation towards target groups, and to test and optimize websites. Google Tag Manager only implements tags. This means that no cookies are used and, as a result, no personal data is recorded. We list it here for completeness and to be transparent about the tools we use. If deactivation has been performed at a domain, page, event or 3rd party script level, this remains in place for all tracking tags if these are implemented with Google Tag Manager.
  • For performance and analytics
    These cookies and similar technologies collect statistical information about how you use our websites so that we can improve your user experience. We use cookies to identify the number of unique visitors we receive to different parts of the website and identify where leads originate. This helps us for our legitimate interests of improving the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Google Analytics is one of the third-party analytics providers that we use to help us improve our website. Google Analytics uses cookies to help the website analyze how visitors use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by a Google server in the United States. Google uses this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing website operators with other services relating to website activity and internet usage. You can prevent the storage of data relating to your use of the website and created via the cookie (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available here.
  • To enable functionality These cookies and similar technologies can tell us which language you prefer and what your communications preferences are. They can help you fill out forms on our sites more easily. They also enable customization of the layout and/or content of the pages on our sites.
  • For targeted advertising These cookies and other technologies record your visits to our website, the pages you have visited and the links you have followed. We will use this information subject to your choices and preferences to make our website more relevant to your interests. We may also share this information with third parties for this purpose. These companies may use information about your online activities over time and across our services and other online properties, the region of the country or world where your IP address indicates you are located, as well as other information about you, in order to provide advertisements about goods and services of interest to you. The information practices of these ads networks are governed by their own privacy policies and are not covered by this Privacy Policy. For more information about third-party advertisers and how to prevent them from using your information, visit Aboutads.info and for our EEA users http://www.youronlinechoices.eu. You have to opt out using each of your web browsing applications, computers and mobile devices separately.
  • Social media cookies and widgets We use social media platforms to advertise to you online and to monitor the success of our advertising (for instance by receiving reports when you click on our ads on Facebook, LinkedIn and others). We summarize the main advertising and social media partners who drop cookies below:
    i. LinkedIn Ads: the analysis and conversion tracking technology provided by the social network LinkedIn is integrated into our website. When you visit our website, a connection is established between your browser and the LinkedIn server via the remarketing tags. This informs LinkedIn that you visited our website with your IP address, meaning that LinkedIn can connect your visit to our website with your user account. We can use this information to display LinkedIn ads. Please be aware that we as the website provider do not receive any information about the content of the transferred data or how it is used by LinkedIn. Further information can be found in LinkedIn’s privacy policy.
    ii. DoubleClick: Google’s Doubleclick re-targeting cookie lets us serve personalized advertising to you when you’re browsing other websites and social media platforms. You can control advertising personalization on Google and partner websites here.
    iii. Facebook Custom Audience: This service from Facebook enables us to display personalized ads to people on our e-mail lists when they visit Facebook. We provide personal information such as your e-mail address and phone number in encrypted form to Facebook (so they cannot be seen by anyone at Facebook) to enable Facebook to determine if you are a registered account holder with Facebook.
    iv. X advertising and remarketing: We advertise on Twitter and our advertising content will be tailored to your interests on the basis of your browsing behavior and the pages you have consulted on this and other websites. In order to improve the relevance of our marketing content, the cookie may therefore transmit such data to Twitter, who will use it to understand your interests better including to benefit their other advertising customers. If you decide that you do not wish your browsing data to be collected, you can find comprehensive information on X’s advertising policy and the steps you can take to protect your privacy here.
    v. We also use Facebook Connect to allow you to sign up and log in to our websites by using your Facebook account. If you sign up using Facebook Connect, Facebook will ask your permission to share certain information from your Facebook account with us. This may include your first name, last name, and e-mail address in order for us to verify your identity and gender, general location, a link to your Facebook profile, your time zone, birthday, profile picture, your “likes” and your list of friends. This information is collected by Facebook and is provided to us under the terms of Facebook’s data privacy policy. You can control the information that we receive from Facebook using the privacy settings in your Facebook account.

4.3 How to control cookies.

You can control and/or delete cookies as you wish – for details, see www.aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. You will not be able to opt-out of any cookies or other technologies that are “strictly necessary” for the services. Where you have not set your permissions, we may also separately prompt you regarding our use of cookies on the site.

4.4 The Use of Hyperlinks.

  • Our websites may provide hyperlinks to other locations or websites on the Internet. These hyperlinks lead to websites published or operated by third parties who are not affiliated with or in any way related to us and have been included in our website to enhance your user experience and are presented for information purposes only.
  • We do not endorse, recommend, approve or guarantee any third- party products and services by providing hyperlinks to an external website or webpage and do not have any co-operation with such third parties unless otherwise disclosed. We are not in any way responsible for the content of any externally linked website or webpage.
  • By clicking on a hyperlink, you will leave the ACS webpage and accordingly you shall be subject to the terms of use, privacy and cookie policies of the other website that you choose to visit.

5.0 OTHER IMPORTANT INFORMATION.

  • 5.1 The business and commercial purposes for which we collect personal information are described in the section of this Privacy Policy entitled “Why we collect your information and how we use it”. The categories of third parties to whom we “disclose” this information for a business purpose are described in the section of this Privacy Policy entitled “Who we share your data with and why”.
  • 5.2 We shall not release any information to any individual or entity that is acting beyond its legal mandate.
  • 5.3 Information from children. ACS does not sell products or services for purchase by children and we do not knowingly solicit or collect personal data from children or teenagers under the age of eighteen. If you believe that a minor has disclosed personal data to ACS, please contact us.
  • 5.4 Changes to this policy. In the event we make changes to this Privacy Policy, we’ll let you know by posting a notice on our website at www.AfricaCloudSpace.com/privacy-policy and, in relation to substantive changes that broaden the types of personal data collected or their usage, we will notify you via e-mail to the e-mail address associated with your account, via our platform or websites, or by some other means.

6.0 YOUR RIGHTS

6.1 Subject to legal and contractual exceptions, you have rights under data protection laws in relation to your personal data.

These are listed below: –

a) Right to be informed that we are collecting personal data about you;
b) Right to access personal data that we hold about you and request for information about how we process it;
c) Right to request that we correct your personal data where it is inaccurate or incomplete;
d) Right to request that we erase your personal data noting that we may continue to retain your information if obligated by the law or entitled to do so;
e) Right to object and withdraw your consent to processing of your personal data. We may continue to process if we have a legitimate or legal reason to do so;
f) Right to request restricted processing of your personal data noting that we may be entitled or legally obligated to continue processing your data and refuse your request;
g) Right to request transfer of your personal data in [an electronic format].

6.2 If you wish to exercise any of the rights set out above, please contact us on [email protected].

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within reasonable time. Occasionally it could take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

7.0 HOW TO CONTACT US

If you would like to contact us on any topics in this privacy policy, you can email us on [email protected] or submit a request via our digital platforms.
As a Data Controller and Processor, below are the contact details of our

Data Protection Office:

Data Protection Officer

[email protected]

The Trio Complex-Corporate Center, 1st Floor East Wing