Privacy Notice

This Privacy Notice has been drafted in light of the requirements of Kenya’s data protection legislation. If you are located in foreign jurisdictions, other data protection laws apply to you. You may need to refer to the versions of the Privacy Notice that are tailored to the specific location’s regulations:

Who are we and how can you contact us?

This privacy notice aims at giving you information on how your personal data are processed by Servercore. In this notice, we refer to ourselves as ‘we’, ‘us’ and ‘our’.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact us using:

our email: [email protected]

The policy extends to:

our products and services
our website: https://servercore.com/
our email:[email protected]

What data, for what purposes, on what basis, and for how long do we process?

Servercore will only collect personal data about you insofar as is necessary to achieve the purposes set out in this Privacy Notice.

Usage of our platform for service management

Entering into contracts and reports

Our website and marketing

When we act as a processor

Personal data that we process to enter into a contract are necessary to provide you with our services. So, you may face the following consequences if you choose not to give your data:

When the data is processed for Authorisation on the platform via social media, you will not be able to authorise on the platform.
When the data is processed for Registration on the platform, you will not be able to register on the platform.
When the data is processed to Manage services in a personal account in the dashboard, you will not be able to use platform.
When the data is processed to Select a payment processor, your payment will not be processed.
When the data is processed to Issue invoice, you will not receive an invoice.
When the data is processed to Answer questions and requests, technical support via chat, sales, you will not get technical support.
When the data is processed for Storage of data in our database, you will not be able to use our platform.
When the data is processed for Approval of contract on tax risks and provisions and Concluding contracts, we will not be to enter into contract.
When the data is processed for the purpose of Handling incoming inquiries and consulting on services, we will not be able to consult you.

Personal data that we process to comply with a legal obligation are necessary to provide you with our services. So, we could breach one or more obligations under applicable laws if you choose not to give your data for the following purposes:

Preparation of finance reports

Who do we share your personal data with?

Information about these companies and their data protection practices :

Google LLC

The service is provided by Google LLC. Address: Google LLC, Google Data Protection Office, 1600 Amphitheatre Parkway, Mountain View, California 94 043, USA. Relevant privacy policy of Google. Standard Contractual Clauses are used to transfer your data to Google to ensure that they are properly protected. For more information: click on this link. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

Stripe, Inc.

The service is provided by Stripe, Inc, located in the USA. Relevant Privacy Policy. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

Amazon Web Services, Inc.

The service is provided by Amazon Web Services, Inc., located in Germany. Relevant Privacy Policy The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

QlickSense

The service is provided by QlikTech International AB, located in the USA. Relevant Privacy Policy. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

Atlassian Pty Ltd

To manage the tasks within our team, we use such tools as Jira. Some of your personal information (such as support request) may be processed within these tools. Relevant privacy policy. Data recipient is located in the USA. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

Typeform

The service is provided by TYPEFORM, S.L. located in Spain. Relevant Privacy Notice. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

Intercom

The service is provided by Intercom R&D Unlimited Company/Intercom, Inc., located in Ireland. Privacy Notice. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

DocuSign Inc.

The services are provided by DocuSign Inc. Address: 221 Main St., Suite 1000 San Francisco, USA. Relevant privacy policy of DocuSign. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

Meta Platforms, Inc.

Relevant privacy policy. Data recipient is located in the USA. The transfer is necessary for a contract performance with data subject under Article 48© of the Data Protection Act of Kenya.

If you are a data subject you have following rights

request information about the processing of your personal data

obtain access to the personal data held about you

Under Article 26(b) of the Data Protection Act of Kenya, individuals have a right of access that gives them the right to obtain a copy of their personal data, as well as other supplementary information. It helps individuals to understand how and why companies are using their data, and check the lawfulness of the processing.

ask for incorrect, inaccurate or incomplete personal data to be corrected

Under Article 26(d) of the Data Protection Act of Kenya, individuals have the right to have inaccurate personal data rectified. An individual may also be able to have incomplete personal data completed — although this will depend on the purposes for the processing.

object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation

Article 26© of the Data Protection Act of Kenya gives individuals the right to object to the processing of their personal data at any time. This effectively allows individuals to stop or prevent you from processing their personal data.

request that personal data be erased when they are no longer needed or if processing is unlawful

Under Article 26(e) of the Data Protection Act of Kenya, individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.

request the restriction of the processing of your personal data in specific cases

Article 34 of the Data Protection Act of Kenya gives individuals the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way that an organisation uses their data. This is an alternative to requesting the erasure of their data.

receive your personal data in a machine-readable format and send them to another controller ('data portability')

Under Article 38 of the Data Protection Act of Kenya, individuals have the right to data portability that gives individuals the right to receive personal data they have provided to a controller in a structured, commonly used and machine readable format. It also gives them the right to request that a controller transmits those data directly to another controller.

request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to challenge the decision

withdraw your consent at any time

The Data Protection Act of Kenya gives a specific right to withdraw consent. You need to tell people about their right to withdraw, and offer them easy ways to withdraw consent at any time.

lodge a complaint with a supervisory authority

In accordance with Article 56 of the Data Protection Act of Kenya, you, as a data subject, have the right to lodge a complaint with a supervisory authority

Technical and organizational security measures

The following technical and organizational security measures are taken to ensure the integrity and confidentiality of the data:

authentication logs
our employees are bind by NDAs
our staff passes annual training on Informational Security and Privacy
measures for ensuring the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
implementation of log access management and data breach reporting processes to timely define, manage and report all personal data breaches in accordance with respective corporate policies
regular data backups in electronic form on a daily basis
storage of backups on an external secure server
access control policy
encryption of data before sending it on a physical medium (DVD, USB stick, portable hard drive) or to a third party
external networks are used exclusively (VPN, dedicated line)
additional security measures when sending data through network

Amendments to this Privacy Notice

Servercore reserves the right to amend or modify this privacy notice from time to time and your continued use of our products and services constitutes your agreement to be bound by the terms of any such amendment or variation. Any amendment or modification to this statement will take effect from the date of notification on the Servercore website.