How we protect the information behind every conversation, project, and support request

Last updated: May 3, 2026

1. Who this policy covers

This Privacy Policy applies to people who visit kenbrains.co.ke, contact KenBrains, request a consultation, subscribe to our content, engage us for digital services, appear in project communications, or otherwise interact with our business.

KenBrains is based at Westpark Towers, 5th Floor, Westlands, Nairobi, Kenya. For privacy questions, use info@kenbrains.co.ke.

2. Information we may collect

Depending on how you interact with us, we may collect your name, email address, phone number, company name, role, project brief, budget range, website or social links, billing details, support messages, meeting notes, files you share with us, and technical information from your browser or device.

For client projects, we may also process business data that you provide so we can build, integrate, migrate, automate, test, or support the systems you have asked us to work on.

3. How we collect information

• When you submit a contact form, send an email, call us, book a consultation, or message us on social channels.
• When we prepare proposals, contracts, invoices, project plans, support tickets, reports, or campaign materials.
• When you grant access to tools, websites, hosting accounts, analytics platforms, payment systems, accounting systems, CRMs, APIs, or other business software for project delivery.
• Automatically through cookies, pixels, analytics tools, server logs, and similar technologies that help us understand website performance and campaign results.

4. Why we use information

We use information to respond to enquiries, understand your business needs, prepare quotations and proposals, deliver services, communicate project progress, provide support, manage billing, improve our website, measure campaign performance, protect our systems, and comply with applicable laws.

Where we use analytics or advertising tools such as pixels, cookies, or platform tracking, the purpose is to understand visitor behaviour, improve marketing relevance, and measure whether campaigns are working.

5. Legal basis and responsible processing

We process personal information where it is necessary to respond to your request, perform a contract, pursue legitimate business interests, comply with legal obligations, protect our systems, or where you have given consent for a specific use.

We aim to follow the principles in Kenya's Data Protection Act, including fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, security, and respect for privacy rights.

6. Sharing information

We do not sell personal information. We may share information with trusted service providers and platforms that help us operate the website, host systems, send communications, process payments, manage projects, provide analytics, run ads, integrate software, or deliver client work.

We may also disclose information when required by law, regulation, court order, lawful authority, or where disclosure is necessary to protect our rights, users, clients, business, or systems.

7. Client systems and project data

When we work inside a client's systems, we treat access as limited to the agreed project or support need. Clients remain responsible for the accuracy, lawfulness, permissions, and internal governance of data they provide to us unless a separate written agreement says otherwise.

If a project involves sensitive integrations, customer records, payment flows, accounting data, AI automation, or third-party APIs, we may agree additional controls in a proposal, contract, data processing addendum, or security plan.

8. Cookies, pixels, and analytics

Our website may use cookies, tracking pixels, analytics tags, and similar technologies from platforms such as TikTok, Google, Meta, or other marketing and analytics providers. These tools may collect technical information, page visits, campaign source, device information, and interaction data.

You can control cookies through your browser settings. Some website features or measurement tools may not work as intended if cookies are disabled.

9. Security and retention

We use reasonable administrative, technical, and organisational measures to protect information from unauthorised access, loss, misuse, alteration, or disclosure. No digital system is perfectly secure, but we work to keep access limited and purposeful.

We keep information only for as long as needed for the purpose it was collected, including project delivery, support, legal, tax, accounting, dispute resolution, security, and legitimate business record needs.

10. International tools and transfers

Some platforms, hosting providers, analytics services, cloud tools, payment services, AI tools, or communication systems used in our work may process information outside Kenya. Where this happens, we aim to use providers and arrangements that offer appropriate safeguards for the work being done.

11. Your privacy rights

Subject to applicable law, you may request access to your personal information, correction of inaccurate information, deletion where appropriate, restriction or objection to certain processing, portability where applicable, or withdrawal of consent where processing depends on consent.

To make a request, contact info@kenbrains.co.ke. We may need to verify your identity before acting on a request.

If you believe a privacy concern has not been resolved, you may also use the lawful complaint channels available through Kenya's Office of the Data Protection Commissioner.

12. Children

Our website and services are intended for businesses and professional users. We do not knowingly collect personal information from children without appropriate consent or legal basis.

13. Changes to this policy

We may update this Privacy Policy as our services, website, tools, or legal obligations change. The updated version will be posted on this page with a new date.