daichiprocurement.com
DAICHIPROCUREMENT SOLUTIONS

Legal

Privacy Policy

Last updated: 16 May 2026

Daichi Procurement Solutions Limited ("Daichi", "we", "us") is a procurement services company registered in Nairobi, Kenya. We respect your privacy and are committed to handling your personal data lawfully, transparently, and securely — in line with the Kenya Data Protection Act, 2019 and the EU General Data Protection Regulation (GDPR) where applicable.

1. Data we collect

We collect personal data that you submit through our website forms and through direct correspondence with our team. This includes:

  • Contact details: name, email address, phone number, company name.
  • Quote and enquiry details: client type, services of interest, project descriptions, and preferred contact method.
  • Resource downloads: email addresses captured when you request a free template, checklist, or guide.
  • Technical data: IP address, device type, browser, and pages visited (via standard server logs and minimal analytics).

2. How we use your data

  • To respond to quote requests, enquiries, and consultation bookings.
  • To deliver the resources you request (templates, checklists, guides).
  • To send you occasional updates about our services where you have given consent or where we have a legitimate business interest, with an unsubscribe option in every message.
  • To improve our website, services, and customer experience.
  • To comply with legal, tax, and regulatory obligations in Kenya.

3. Legal basis for processing

We rely on one or more of the following lawful bases: your consent, the performance of a contract with you, our legitimate business interests, and compliance with legal obligations.

4. How long we store your data

  • Quote requests and enquiries: retained for up to 7 years to support contractual records and tax compliance.
  • Email capture for resources: retained until you unsubscribe or for up to 3 years of inactivity, whichever comes first.
  • Server logs and analytics: retained for up to 12 months.

5. Sharing your data

We do not sell your personal data. We share it only with:

  • Trusted service providers (hosting, email delivery, CRM) acting on our instructions under written data-processing terms.
  • Regulators, auditors, or law enforcement where required by Kenyan law.

6. International transfers

Some of our service providers process data outside Kenya. Where this happens we use providers offering recognised safeguards (such as Standard Contractual Clauses or equivalent) to protect your data.

7. Your rights

Under the Kenya Data Protection Act and GDPR (where applicable) you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict certain processing.
  • Withdraw consent at any time where consent is the basis for processing.
  • Lodge a complaint with the Office of the Data Protection Commissioner (Kenya) or your local supervisory authority.

8. Security

We use industry-standard technical and organisational measures — encryption in transit, role-based access controls, and routine security reviews — to protect your data against unauthorised access, loss, or disclosure.

9. Cookies

We use a minimal set of essential cookies to operate the site. We do not use advertising or cross-site tracking cookies.

10. Contact us

For any data-protection request — including access, correction, or deletion — contact our Data Protection Officer at privacy@daichiprocurement.com. We will respond within 30 days.

11. Changes to this policy

We may update this policy from time to time. The "Last updated" date above always reflects the most recent version.