Learnovate Privacy Statement
LEARNOVATE Commitment to GDPR The GDPR enforces cross-border data protection mechanisms for businesses with operations in multiple EU member states. Acting as a central supervisory authority, the GDPR governs data protection issues for all global businesses processing personal data.
LEARNOVATE as a company is committed to providing secure services by implementing and adhering to prescribed compliance policies, both as a data controller and processor. The upcoming GDPR enforcement is critical to our mission of providing EU and all our global customers with safe and dependable business software suite.
In the course of your contacts with us, you may supply us with personal information. We may use this information to respond to your requests or to contact you via mail, email, chat, or telephone to inform you of the new products, applications, or services that we believe may be of interest to you. Suppose you choose to provide us with personal information. In that case, this will be considered an explicit consent from you to the storage and use of such information for the purposes described above.
To strengthen an individual’s privacy rights, the European Union brought about the General Data Protection Regulation or GDPR. Fortifying existing directives on data protection, the GDPR defines guidelines for businesses collecting, storing, and processing personal data. The regulation issued by the European Union applies to companies processing personal data of European residents and has an enforcement deadline of May 2018.
Effective compliance addresses data privacy and security requirements no matter where your business is located or what industry you belong to. At LEARNOVATE, we optimize business value from our products and services by adhering to recommended standards and policies. Hence, our cloud ecosystem is capable of providing you with a robust and scalable structure for safe processing of yours, and your customer’s data.
3 principles support our GDPR compliance practices
Deliver business value by optimizing service efficiency with secure and scalable systems for collecting, storing and processing data.
Increase customer and partner awareness on regulation requirements, ensuring consistent application of data protection measures.
Drive business performance through continuous improvement, best practices and innovation. Leading up to compliance before May 2018, LEARNOVATE’s operative GDPR program comprises evaluating and updating our existing Privacy Notice. Our comprehensive GDPR program is supported by key privacy principles — Accountability, Privacy by Design and Default, Data Minimization and Masking, Subject Access Rights, among others. Our business leaders and key executives are fully aware of the significance and impact of GDPR on ours, as well as our customer’s business. Technology and operations related to the business are subject to regular sensitization programs.
GDPR and THE DATA PROTECTION ACT, KENYA implementation at LEARNOVATE
At LEARNOVATE, there exists an established Privacy Notice created with support from our leadership. Our leaders commit to support and provide guidelines for data protection compliance through a framework of standard policies and procedures. LEARNOVATE defines metrics for monitoring and governing health of the Privacy Notice which is independently run under the direct control of the Management Steering Committee.
Customer’s Personal Data with LEARNOVATE
LEARNOVATE delivers on our customer’s privacy notice objective by enabling comprehensive data flow and process maps for the customer’s data. Periodic and need-based Privacy Impact Analysis (PIA) across these data flow and process maps aids in keeping our program aligned with the ever-changing business and technology landscapes.
Privacy by Design and Default
Programs, projects, and processes at LEARNOVATE are aligned to Privacy Principles right from inception of an idea or project, thereby supporting Privacy by Design and Default principles.
Individual Rights, Subject Access, and Communication
The GDPR and THE DATA PROTECTION ACT, KENYA implementation thoroughly evaluates how LEARNOVATE, both as a data controller and processor, is placed with its existing procedures for readiness to; Provide rights of individuals under GDPR and THE DATA PROTECTION ACT, KENYA and, Assist customers in responding to data access requests from individuals. The program further evaluates the current Privacy Notice and necessary communication to customers.
Business contact information
What information do we collect about you?
Some data will be collected automatically by our Web Site using cookie and other data will only be collected if you voluntarily submit it and consent to us using it for the purposes set out in section 7, for example, when signing up for an Account. Depending upon your use of Our Web Site, Products and Services, we may collect some or all of the following data
We may collect and process the following information about you:
- Your name, mobile number, email identification, designation, IP and device information;
- Information that you provide during the registration process for the Services and copies of any documents you provide to us;
- Your account details, including your contact details, username, password and any security questions and answers;
- Your payment information in relation to the Services, including your credit card, Mpesa and bank account details;
- Your address book contacts uploaded on your device;
- Information that you post on our website or share via the Services or through filling the student registration form;
Any feedback you provide through or about the Services;
- Any correspondence between you and us;
- Details of your visits to our website and/or your use of the Services (including traffic data, location data, weblogs and other communication data and the resources that you access); and
- Any other information you provide to us from time to time.
Recording of communications via the Services
LEARNOVATE may record communications and calls made via the Services for the purposes of providing a value-added service to our customers and for enhancing the customer experience of the Services. LEARNOVATE will not access the content of any recordings, except:
- Appropriately support the Services
- For anticipating, diagnosing, supporting or resolving any problems that might limit or disrupt the quality of our customers’ service experience; or
- As required by law and regulatory authorities.
LEARNOVATE is not responsible for how you use your recordings or the recording features.
How do we use your information?
All personal data is stored securely in accordance with the EU General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and THE DATA PROTECTION ACT, KENYA. For more details on security, see section 13, below.
We use your data to provide the best possible services to you and we may use your information in the following ways:
- to deal with your requests and inquiries, and to provide you with information about our Services, activities or content;
- to process the registration and maintenance of your account;
- to personalize how our website and services are presented to you, including to ensure that the content of our website and services are shown most effectively for you and for your device;
- to carry out our obligations arising from any contracts entered into between you and us;
- to investigate any breach of our End User Licence Terms by or relating to you;
- to allow you to participate in interactive features of our Services;
- and to notify you about changes at LEARNOVATE.
With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by [email] AND/OR [telephone] AND/OR [text message] AND/OR [post] with information, news and offers on Our [products] AND/OR [services]. We will not, however, spam and will take all reasonable steps to ensure that we fully protect your rights and comply with Our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.
Under GDPR and THE DATA PROTECTION ACT, KENYA we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
- you have given consent to the processing of your personal data for one or more specific purposes;
- processing is necessary for the performance of a contract to which you are a party or to take steps at the request of you prior to entering into a contract;
- processing is necessary for compliance with a legal obligation to which we are subject to;
- processing is necessary to protect the vital interests of you or of another natural person;
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- and/or processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the fundamental rights and freedoms of the data subject to which require protection of personal data, where the data subject is a child.
How do we protect your information?
The security of your information is important to us. We maintain appropriate and reasonable security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks by implementing administrative and technical security measures. However, the transmission of information via the internet and global telecommunications networks is not entirely secure. Although we will do our best to protect your personal information, we cannot guarantee the
Will we share your information with third parties?
Any information you upload to your profile and/or post on our website may be visible to our personnel and other website users.
We may disclose your information to third parties:
where partners help us in the administration or operation of our organization (e.g. our hosting/back-up service providers, telephony providers and our IT service providers);
- where we use third-party providers in the provision of the Services to you;
- to related companies of LEARNOVATE (e.g. Tele DNA) for the purposes of providing the Services to you;
- in order to enforce or in complying with our obligations under our terms and conditions, End User Licence Terms or other agreements; or to protect our rights, property, or safety or that of other users or third parties; and
- if we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation.
When we are under a duty to disclose or share your personal information pursuant to our legal or regulatory obligations (e.g. telecommunications licensing obligations), we will redirect that request to you unless we are prohibited from doing so.
No information may be submitted to LEARNOVATE by persons under the age of 18 without the consent of a parent or legal guardian, nor may persons under the age of 18 make purchases or other legal acts on this Site without such consent. Kindly comply with this policy.