background-shape background-shape background-shape

GDPR Guidelines

At DigiDeed, we are committed to protecting your personal data and complying with the General Data Protection Regulation (GDPR). These guidelines explain how we process and protect your data in accordance with GDPR requirements.


1. Data Protection Principles

Under GDPR, we follow these key principles when processing personal data:

• Lawfulness, fairness, and transparency
• Purpose limitation
• Data minimization
• Accuracy
• Storage limitation
• Integrity and confidentiality
• Accountability


2. Your Rights Under GDPR

As a user, you have the following rights:

• Right to be informed about how your data is used
• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision making and profiling


3. Data We Collect

3.1 Personal Information
• Name and contact details
• Account credentials
• Financial information
• Investment preferences and history
• Communication records

3.2 Technical Data
• IP address
• Browser type and version
• Device information
• Usage data


4. Legal Basis for Processing

We process your data based on:

• Contractual necessity
• Legal obligations
• Legitimate interests
• Your consent


5. Data Security Measures

We implement appropriate technical and organizational measures to ensure data security, including:

• Encryption of sensitive data
• Regular security assessments
• Access controls
• Staff training on data protection
• Incident response procedures


6. International Data Transfers

When transferring data outside the EEA, we ensure appropriate safeguards are in place through:

• Standard contractual clauses
• Adequacy decisions
• Other legal transfer mechanisms


7. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law.


8. Data Protection Officer

Our Data Protection Officer can be contacted at:

Email: dpo@digideed.org
Address: Daphton Court, Riverside Drive, Nairobi, Kenya.


9. Data Breach Procedures

In the event of a data breach that risks your rights and freedoms, we will:

• Notify the relevant supervisory authority within 72 hours
• Inform affected individuals without undue delay
• Document all breaches and our response


10. Updates to These Guidelines

We may update these GDPR guidelines periodically. Any significant changes will be communicated to you through our platform or via email.


Contact Us

For any GDPR-related queries or to exercise your rights, please contact us at:

Email: dpo@digideed.org
Phone: +254 739 776874
Address: Daphton Court, Riverside Drive, Nairobi, Kenya.