ZS PRIVACY POLICY
Privacy Policy
Effective Date: [15th May 2025]
Zambi Skin Ltd, we respect your privacy and are committed to protecting your personal data in compliance with the Kenya Data Protection Act, 2019 (DPA). This policy outlines how we collect, use, share, and protect your personal information when you interact with our website and services.
1. Legal Basis for Data Processing
We process your personal data in accordance with the Kenya Data Protection Act, 2019 (DPA) and any other relevant regulations. Our processing is based on consent, contractual necessity, legal obligations, and legitimate interest.
2. Information We Collect
We may collect and process the following types of personal data:
-
Personal Identification: Name, email address, phone number, shipping/billing address.
-
Account Information: Login details, order history, preferences.
-
Payment Information: Credit/debit card details (processed securely by third-party providers).
-
Usage Data: IP address, browser type, browsing history, device information, location data (where applicable).
-
Skin Profile Data: Optional responses to skincare quizzes or consultations.
3. How We Use Your Information
We use your data to:
-
Process and deliver your orders
-
Improve our website and services
-
Provide customer support
-
Send promotional materials (with your consent)
-
Personalize your skincare recommendations
-
Comply with legal obligations
4. Sharing of Data
We do not sell your personal data. However, we may share it with:
-
Service Providers: Payment gateways, delivery partners, marketing platforms.
-
Legal Authorities: If required by law, court order, or to protect our rights.
-
Affiliates or Partners: With your consent, for co-branded promotions or partnerships.
All third parties are required to comply with Kenyan data protection standards.
5. Your Rights Under Kenyan Law
Under the Kenya Data Protection Act, 2019, you have the right to:
-
Access the personal data we hold about you
-
Correct any inaccurate or incomplete data
-
Delete your personal data (“right to erasure”)
-
Object to certain data uses, such as direct marketing
-
Withdraw consent at any time
-
Data portability in a machine-readable format
-
Lodge a complaint with the Office of the Data Protection Commissioner (ODPC)
To exercise your rights, contact us at:
📧 [@zambiskin@gmail.com or info@zambiskin.com]
6. Data Retention
We retain your data only as long as necessary for the purposes set out in this policy, or as required by law. Once no longer needed, data is securely deleted or anonymized.
7. Cookies and Tracking Technologies
Our website uses cookies and similar technologies to enhance your experience. You may disable cookies in your browser settings, but some features may not function correctly.
8. Data Security
We implement appropriate technical and organizational measures to protect your data from unauthorized access, disclosure, alteration, or destruction.
9. Children’s Privacy
Our services are not intended for individuals under the age of 18. We do not knowingly collect personal data from minors without parental or guardian consent.
10. International Data Transfers
If we transfer your data outside Kenya (e.g., for cloud hosting or third-party services), we ensure such transfers comply with the DPA and include adequate safeguards.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised “Effective Date.” Continued use of our website constitutes your agreement to the updated policy.
12. Contact Us
If you have any questions about this Privacy Policy or your data, please contact:
📧 [info@zambiskin.com]
📍 [Westlands, Nairobi]
📞 [+254702815666]