Privacy policy

Policy Overview

PRIVACY POLICY

Clikfast Ventures
Effective Date: 14th February 2026
Last Updated: 20th February 2026

Personal Information We Collect

 

Clikfast Ventures (“Clikfast”, “we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you:

  • Visit our website or use our online services;

  • Subscribe to or use our internet services (fibre, fixed wireless, business internet, home Wi-Fi optimization);

  • Contact us via phone, email, WhatsApp, social media, or in-person; or

  • Interact with us as a customer, prospective customer, supplier, partner, or visitor.

This Privacy Policy is intended to support compliance with Kenya’s data protection framework established under the Data Protection Act, 2019 and associated regulations , and the constitutional right to privacy in Kenya . We also operate in a regulated communications environment and aim to treat subscribers fairly and transparently, consistent with consumer protection rules for communications services .

1) Definitions

For purposes of this Policy:

  • “Personal Data” means information relating to an identified or identifiable natural person (you).

  • “Processing” includes collecting, recording, storing, using, sharing, transferring, erasing, or otherwise handling personal data.

  • “Data Subject” means the individual to whom the personal data relates.

  • “Data Controller” means the person or organization that determines the purpose and means of processing personal data.

  • “Data Processor” means a person or organization that processes personal data on behalf of a data controller.

Where this Policy uses capitalized terms that are defined in Kenya’s data protection laws, those legal definitions may apply .

2) Who We Are (Data Controller Details)

Data Controller: Clikfast Ventures
Location: Nairobi, Kenya
Email: support@clikfast.co.ke
Phone/WhatsApp: +254 721 374171

If you have questions about this Policy or how we handle your data, contact us using the details above.

3) Scope of This Policy

This Policy applies to personal data processed by Clikfast Ventures in relation to:

  • Website visitors;

  • Customers and subscribers to our internet services;

  • Prospective customers;

  • Business contacts, suppliers, contractors, and partners; and

  • Individuals captured in our service delivery processes (e.g., site surveys, installations, support requests).

This Policy does not cover third-party websites, products, or services that may be linked from our website. Their privacy practices are governed by their own policies.

4) The Personal Data We Collect

We collect personal data in a few main categories:

4.1 Identity and Contact Data

  • Full name

  • Phone number(s)

  • Email address

  • Billing address and/or installation address

  • National ID/identification details (only where required for service onboarding, credit checks, or regulatory/contract needs)

4.2 Service and Account Data

  • Customer account number / subscriber reference

  • Service plan selected, installation date, and service status

  • Support tickets and customer service interactions

  • Communication preferences and consents

4.3 Payment and Transaction Data

  • Payment confirmation details (e.g., transaction reference numbers)

  • Amount paid, payment date/time, invoices/receipts
    (We do not aim to store full card details. Where a third-party payment provider processes card payments, they handle that data under their own compliance obligations.)

4.4 Technical and Network-Related Data

Depending on service type and your equipment, we may process limited technical identifiers necessary to deliver and troubleshoot services, such as:

  • Router/ONT identifiers (e.g., serial number / device MAC address)

  • IP address allocations and session-related logs

  • Network performance and fault diagnostics

  • Service usage indicators required for network management and quality monitoring

4.5 Website and Cookie Data

When you visit our website, we may collect:

  • Device information (browser type, device type, operating system)

  • IP address and approximate location (city/region-level)

  • Pages visited, time spent, and referral source

  • Cookies and similar tracking data (see Section 9)

4.6 Communications Data

  • Messages via WhatsApp, email, phone calls, contact forms, and social media

  • Call recordings (if we record calls, we will notify you where practicable)

  • Any information you choose to share with us for support or enquiries

4.7 CCTV/Smart Security Data (If You Purchase Security Services)

If we provide CCTV/Smart Security installation services, we may process limited personal data needed to install/configure systems:

  • Site information (camera placement areas, device serials)

  • Installation and configuration details

  • Support logs
    (We are not automatically a controller of the footage recorded on your premises; typically, you control that footage unless we explicitly provide managed monitoring/storage services under a separate agreement.)

5) How We Collect Your Data

We collect personal data through:

  • Direct interactions: when you call/WhatsApp us, fill forms, sign service agreements, request installation, or submit support tickets.

  • Automated technologies: cookies and web analytics when you browse our site.

  • Service delivery: installation and technical support processes, including diagnostics.

  • Third parties: e.g., payment confirmations, authorized agents/contractors, or referrals where you have permitted them to share your details.

6) Why We Use Your Data (Purposes)

We process personal data for the following purposes:

6.1 Provide and Manage Services

  • Verify identity and create your subscriber account

  • Install, activate, and maintain your service

  • Provide customer support and troubleshooting

  • Manage service upgrades/downgrades, relocations, and cancellations

6.2 Billing and Payments

  • Issue invoices/receipts

  • Confirm payments and reconcile accounts

  • Prevent fraud and resolve payment disputes

6.3 Network Operations and Security

  • Maintain network reliability and performance

  • Detect, prevent, and respond to security incidents

  • Perform fault diagnostics and quality monitoring

  • Enforce acceptable use and protect the network and other subscribers

6.4 Customer Communications

  • Send service notices (planned maintenance, outages, installations)

  • Respond to enquiries and support requests

  • Share important account information and service updates

6.5 Marketing (Where Permitted)

  • Inform you about new packages, upgrades, promotions, or services

  • Request feedback or customer satisfaction surveys
    You can opt out of marketing at any time (see Section 12).

6.6 Legal and Regulatory Compliance

  • Keep records required for tax/accounting

  • Respond to lawful requests from regulators and law enforcement

  • Handle complaints and disputes consistent with consumer protection expectations in communications services

7) Lawful Basis for Processing (Kenya)

We process personal data lawfully, fairly, and transparently as required by Kenya’s data protection framework . Our primary lawful bases include:

  • Contract: processing necessary to provide the internet service you requested and manage the subscriber relationship.

  • Legal obligation: processing required to meet legal, regulatory, or tax obligations.

  • Legitimate interests: running and securing our network, preventing fraud, improving service quality, and responding to customer needs—balanced against your rights and expectations.

  • Consent: where we rely on consent (e.g., optional marketing communications or certain cookie categories), you may withdraw it at any time.

8) Data Minimization and Purpose Limitation

We aim to:

  • Collect only what is necessary for legitimate service delivery;

  • Use personal data only for the purposes described in this Policy; and

  • Retain data only as long as necessary (see Section 11).

These are core expectations under Kenya’s data protection regime and support the constitutional privacy principle .

9) Cookies and Website Analytics

9.1 What Cookies Are

Cookies are small text files stored on your device when you visit a website. They help the site work properly, improve user experience, and understand how visitors use the website.

9.2 Types of Cookies We May Use

  • Strictly necessary cookies: required for the website to function (e.g., security, basic preferences).

  • Performance/analytics cookies: help us understand site traffic and improve content.

  • Functionality cookies: remember choices you make (e.g., language, region).

  • Marketing cookies: used to show relevant ads or measure campaign performance (only if enabled).

9.3 Managing Cookies

You can control cookies using your browser settings (block, delete, or limit). If you disable cookies, some parts of the site may not work properly.

10) Sharing and Disclosure of Personal Data

We do not sell your personal data. We may share personal data only when necessary and in controlled ways, including:

10.1 Service Providers (Processors)

We may share data with trusted vendors who help us operate our business, such as:

  • Installation contractors/technicians

  • Hosting providers and IT support

  • Customer support tools

  • Payment processors and accounting systems

  • SMS/Email messaging providers

We expect processors to handle personal data securely and only for our instructions, consistent with controller/processor obligations under Kenya’s framework .

10.2 Business Transfers

If Clikfast is involved in a merger, acquisition, restructuring, or asset sale, personal data may be transferred as part of that transaction, subject to appropriate safeguards and notices.

10.3 Legal and Regulatory Disclosure

We may disclose personal data if required to do so by law or in response to valid legal processes, court orders, or lawful requests from competent authorities. Kenya’s Constitution protects privacy including the privacy of communications , so we handle such requests carefully and disclose only what is legally required and proportionate.

11) Data Retention

We retain personal data only as long as necessary for the purposes set out in this Policy, including:

  • Account and service records: retained for the duration of the service and for a reasonable period after closure to handle disputes, audits, or legal obligations.

  • Billing and transaction records: retained as required for accounting/tax compliance and audit purposes.

  • Support tickets and communications: retained to improve support, manage disputes, and maintain service quality.

  • Technical logs: retained for network management, troubleshooting, security, and compliance needs, then deleted or anonymized where feasible.

When retention is no longer necessary, we securely delete, anonymize, or archive data.

12) Your Rights (Data Subject Rights in Kenya)

Under Kenya’s data protection framework, data subjects have enforceable rights . Subject to legal limits and verification, you may request:

  • Access to your personal data and information about how it’s processed

  • Correction of inaccurate or incomplete data

  • Deletion/erasure (where lawful and applicable)

  • Objection to processing based on legitimate interests in certain circumstances

  • Restriction of processing in certain circumstances

  • Data portability (where applicable)

  • Withdrawal of consent where processing is based on consent (e.g., marketing)

  • Complaint to the appropriate authority if you believe your rights have been violated

To exercise your rights, contact us at support@clikfast.co.ke. We may ask for identification to verify your request and protect your information.

13) Marketing Preferences

If you receive marketing messages from us, you can opt out any time by:

  • Replying “STOP” where applicable; or

  • Contacting us at support@clikfast.co.ke; or

  • Using an unsubscribe link (for email, if provided).

Service/transactional communications (e.g., installation updates, billing notices, outages) may still be sent because they are necessary for service delivery.

14) Security Measures

We take reasonable technical and organizational measures to protect personal data from loss, misuse, unauthorized access, disclosure, alteration, or destruction. Measures may include:

  • Access controls and staff confidentiality obligations

  • Secure configuration practices for customer premise installations

  • Limiting internal access to “need-to-know”

  • Encryption/security controls where appropriate

  • Monitoring and incident response procedures

No method of transmission or storage is 100% secure. However, we work to reduce risk and respond promptly if an incident occurs.

15) Data Breaches

If a personal data breach occurs that may result in harm or risk to individuals, we will take steps aligned with Kenya’s regulatory expectations, which may include containment, investigation, notification to affected individuals where appropriate, and reporting to relevant authorities when required .

16) Cross-Border Transfers

If we transfer personal data outside Kenya (for example, to a cloud service provider), we will take steps to ensure appropriate safeguards are in place as required by Kenya’s data protection framework .

17) Children’s Privacy

Our internet services are typically purchased by adults. If we become aware that we have collected personal data from a child without appropriate authority/consent, we will take steps to delete or correct the data where required and lawful.

18) Customer Premises Equipment and Wi-Fi Security (Customer Guidance)

When we install routers/ONTs or configure Wi-Fi, we encourage customers to keep their networks secure:

  • Use strong Wi-Fi passwords and change default router admin passwords

  • Keep firmware updated where possible

  • Avoid sharing admin credentials widely

  • Use guest Wi-Fi for visitors/business customers where appropriate

We may provide reasonable assistance with configuration as part of support.

19) Third-Party Links and Services

Our website may include links to third-party sites (social media, payment portals, maps). We are not responsible for their content or privacy practices. Please review their privacy policies before providing information.

20) Complaints and Contact

20.1 Contact Us First

If you have concerns, contact:
Clikfast Ventures
Email: support@clikfast.co.ke
Phone/WhatsApp: +254 721 374171

20.2 Escalation to the Regulator

If you are not satisfied with our response, you may raise your concern with the relevant Kenyan authorities responsible for privacy/data protection matters under the national framework established by the Data Protection Act .

21) Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, services, or legal requirements. We will post the updated version on our website with a revised “Last Updated” date.

22) Acceptance

By using our website or services, you acknowledge that you have read and understood this Privacy Policy.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by