Home/Privacy Policy

Privacy Policy

Last Updated: January 2026

1. Introduction

ShieldPoint Africa Limited ("ShieldPoint," "we," "us," or "our") is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our services, platforms, and website.

This Policy applies to our Fraud Intelligence Platform, Insurance Investigation Platform, corporate website (shieldpointafrica.com), and all related services and products. We comply with the Data Protection Act, 2019 of Kenya and applicable international data protection standards.

2. Data Controller

ShieldPoint Africa Limited acts as a Data Controller for personal data collected through our website and direct interactions, and as a Data Processor for Customer Data processed on behalf of our clients.

Contact Information:

  • ShieldPoint Africa Limited, Nairobi, Kenya
  • Email: privacy@shieldpointafrica.com

3. Information We Collect

3.1 Information You Provide Directly

Account Information:

  • Name, email address, phone number
  • Company name and business address
  • Job title and role
  • Account credentials

Billing Information:

  • Billing address
  • Payment details (processed by secure payment providers)
  • Invoice history

Communications:

  • Support requests and correspondence
  • Feedback and survey responses
  • Demo request forms

4. How We Use Your Information

To Provide Services

Operating and maintaining our platforms, processing transactions, providing customer support, and administering your account.

To Improve Services

Analyzing usage patterns, developing new products, training AI models using aggregated data, and conducting research.

For Security and Compliance

Detecting fraud, enforcing our Terms of Service, complying with legal obligations, and responding to lawful requests.

For Communications

Sending service-related announcements, product updates, newsletters, and responding to inquiries.

5. Data Security

Technical Measures:

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Multi-factor authentication
  • Regular security assessments and penetration testing

Organizational Measures:

  • Employee background checks
  • Security awareness training
  • Access controls and least-privilege principles
  • Incident response procedures

Certifications:

  • SOC 2 Type II
  • ISO 27001 alignment

6. Your Rights

Under the Data Protection Act, 2019 and applicable laws, you have the right to:

  • Access: Request a copy of personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data in certain circumstances
  • Restriction: Request limitation of processing in certain circumstances
  • Data Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, email: privacy@shieldpointafrica.com. We will respond within 30 days.

7. Data Retention

Account Information: Duration of account + 3 years

Billing Records: 7 years (legal requirement)

Usage Logs: 2 years

Support Tickets: 3 years

Customer Data: As specified in client agreement, minimum 30 days post-termination for export

8. Changes to This Policy

We may update this Privacy Policy periodically. We will post the updated policy on our website and update the "Last Updated" date. Continued use of Services after changes constitutes acceptance of the updated policy.

For privacy-related questions or to exercise your rights, contact: privacy@shieldpointafrica.com

Terms of ServiceSecurity & SLA