Jalia Advisers & Intermediaries
Data Handling Policy

Contents

Introduction………………………………………………………….iii
Data Collection…………………………………………. ……….iii
Data Usage …………………………………………………………..iii
Data Safety …………………………………………………………..iv
Data Movement……………………………………………………iv
User Rights ……………………………………………………………iv
Updates…………………………………………………………………..iv

Introduction

Jalia Advisers & Intermediaries (JAI) is committed to safeguarding user data in compliance with
privacy regulations, including Kenya’s Data Protection Act No. 24 of 2019 (DPA). This document
outlines our data-handling methods and user rights.

Data Collection

Direct Interactions: JAI collects personal data during interactions such as client onboarding,
service requests, and communication.
Digital Footprints: We gather data from digital sources, including IP addresses, browser
specifications, and website interactions.

We collect the following information from our clients:

• Identity information: Names, copies of identity documents (e.g., national ID or passport),
  dates of birth, and addresses.
• Contact information: Phone numbers and email addresses.
• Device identifier information: Internet protocol addresses, browser types, and similar data
  from our website users.
• Financial information: Bank account details for processing payments.
• Photographs: Images of our clients for processes with government registries and other
  public authorities.
• Vehicle registration details: Information about vehicles belonging to visitors to our offices.

We collect this personal data directly when clients engage our services. Additionally, we may indirectly collect personal data from other professional service providers or from our corporate clients regarding individuals they employ or contract. In such cases, we rely on these third parties
to inform the individuals that their personal data will be shared with us, and we use this data solely
for the stated purposes.

Data Usage

Purpose: JAI uses collected data for client facilitation, service enhancement, research,
compliance, and website optimization.
Transparency: Users have the right to know how their data is used and can request details.

We use the personal data we gather to deliver services and fulfill various legal requirements, such
as:

• Conducting Know Your Customer (KYC) checks
• Providing investment advice
• Handling various registration formalities
• Processing tax payments
• Facilitating transactions as an agent or stakeholder
• Enhancing our website
• Complying with regulatory obligations
• Informing about our services or upcoming events
• Prosecuting and defending our rights in legal proceedings or enforcing agreements
• Addressing queries or complaints

Additionally, with their consent, we may use personal data to keep stakeholders informed about
industry developments, invite them to events, and provide information about our services. We
recognize the sensitivity of certain personal data, such as financial information, and ensure it is
processed in accordance with the DPA.

Data Safety

Security Measures: JAI employs robust security protocols to protect user data.
Storage and Access: Data is securely stored, and access is controlled.
Retention Strategy: We follow a clear data retention policy, including periodic audits and data
retention schedules.

Data Movement

Within Kenya and Internationally: JAI may share data within Kenya or internationally, adhering to
relevant guidelines. Transfers outside Kenya are based on adequacy decisions or necessity.
Data Sharing: Data may be shared with third parties under a data-sharing agreement, ensuring
safeguards are in place.

User Rights

Compensation: Users have the right to appeal for compensation for damage caused by data
processors or controllers.
Anonymity Requests: Users may request their data be processed anonymously or
pseudonymously.

Updates

Our data handling policy is periodically reviewed and updated. For any concerns, please reach out
to our Data Protection Officer via the contact us function.