Western Heights, 2nd Floor, Karuna Road, Westlands
Mon-Sat, 8.00-18.00. Sunday CLOSED
PRACTICE AREAS
Data Protection & Cyber Security
The Data Protection Act was enacted in 2019 to accentuate and enliven Article 31(c) and (d) of the Constitution of Kenya (2010) which recognizes a person’s Right to Privacy (‘’data subjects’’). The Act brings into play comprehensive laws that protect the personal information of individuals. It establishes the Office of the Data Protection Commissioner, makes provision for the regulation of the processing of personal data, provides for the rights of data subjects and obligations of data controllers and processors.
We will walk with your organisation to ensure your full compliance with the Data Protection Act, 2019 through the following services:
- Advisories on compliance with the Data Protection Act, 2019 including but not limited to fulfilment of data subject rights, formulation and implementation of a consent management framework, vendor risk assessments, cross-border transfer of personal information and cloud data processing.
- Training, workshops, and webinars tailored to your organisation’s needs and cover compliance with the Data Protection Act, 2019 with a focus on sensitization of emerging issues in relation to privacy and data protection.
- Data Protection Officer Services: Section 24 of the Data Protection Act provides that a data controller or data processor may appoint or designate a Data Protection Officer. We offer Data Protection Officer services which include continuous advice on compliance with the Data Protection Act, facilitating capacity building, carrying out continuous data protection impact assessments and cooperation with the Office of the Data Protection Commissioner.
- Data Protection Impact Assessments, Audits and Reviews: Review your compliance with the Data Protection and propose strategies to improving compliance.
- Review of documentation: Includes drafting or reviewing of internal data protection policies, incident response plans arising from data breeches, privacy notices, agreements/contracts to ensure operational compliance with the Data Protection Act.
- Registration with the office of the data Protection Officer: of organisations as data processors and/or controllers as the case may be.
- Dispute resolution: Data protection dispute resolution through representation before the data commissioner, court litigation and mediation.
Write to us
Head OfficeÂ
Andrew & Steve Advocates
Advocates, Commissioners for Oaths and Notaries Public
Western Heights, 2nd Floor,
Karuna Road, Westlands
P.O. Box 52 - 00606,Sarit Centre,
Nairobi, Kenya
Tel: +254 707 324 113 / 202 324 113
Email: as@asadvocates.co.ke
© Copyright 2018 Andrew & Steve Advocates.