πŸ”’ Your Data is Protected

Data Protection Policy

Comprehensive Guide to How We Collect, Process, Store & Safeguard Your Personal Information

πŸ“… Last Updated: April 16, 2026 | Effective Date: April 16, 2026

πŸ“‹ Quick Navigation

1. Introduction & Our Commitment to Data Protection

πŸ›‘οΈ Our Promise: At Linj Sparkle Cleaners, protecting your personal information is not just a legal obligationβ€”it's a fundamental commitment to earning and maintaining your trust. We understand that when you share your information with us, you're placing your confidence in our ability to handle it responsibly and securely.

1.1 Purpose of This Policy

This Data Protection Policy explains how Linj Sparkle Cleaners collects, uses, stores, protects, and manages your personal information in compliance with:

  • Kenya Data Protection Act, 2019: The primary data protection legislation in Kenya
  • Kenya Data Protection (General) Regulations, 2021: Detailed implementation guidelines
  • General Data Protection Regulation (GDPR): European Union data protection standards
  • Industry Best Practices: International standards for data security and privacy

1.2 Who We Are

Data Controller: Linj Sparkle Cleaners
Business Registration: [Registration Number]
Location: Kitale, Trans-Nzoia County, Kenya
Services: Professional residential and commercial cleaning services
DPA Registration: Registered with Kenya Office of the Data Protection Commissioner (ODPC)

1.3 Scope of This Policy

This policy applies to:

  • All personal information collected through our website (linjsparklecleaners.com)
  • Information gathered during service bookings and consultations
  • Data collected through phone calls, emails, and social media
  • Information obtained during service delivery at client premises
  • Employee and contractor personal data
  • Supplier and business partner information

2. Data Protection Principles We Follow

Our data protection practices are built on internationally recognized principles that guide every aspect of how we handle your information.

βš–οΈ 1. Lawfulness, Fairness & Transparency

We process personal data lawfully, fairly, and in a transparent manner. We clearly explain what information we collect, why we collect it, and how we use it. We never use deceptive practices to obtain your data.

In Practice:

  • Clear privacy notices at every data collection point
  • Plain language explanations without legal jargon
  • Honest communication about data usage
  • No hidden data collection or processing

🎯 2. Purpose Limitation

We collect personal data for specific, explicit, and legitimate purposes only. We don't use your data for purposes you haven't been informed about or wouldn't reasonably expect.

In Practice:

  • Data collected only for cleaning service delivery
  • Marketing only with explicit consent
  • Clear communication about each purpose
  • No repurposing without new consent

πŸ“Š 3. Data Minimization

We collect only the minimum amount of personal data necessary for our purposes. If we don't need it, we don't ask for it.

In Practice:

  • Essential information only for service delivery
  • No unnecessary forms or questions
  • Regular review of data collection practices
  • Optional fields clearly marked

βœ… 4. Accuracy

We take reasonable steps to ensure personal data is accurate, complete, and up-to-date. We provide mechanisms for you to correct inaccurate information.

In Practice:

  • Regular data verification processes
  • Easy update and correction procedures
  • Confirmation of details before service delivery
  • Prompt correction of identified errors

⏰ 5. Storage Limitation

We keep personal data only for as long as necessary for the purposes for which it was collected. We have clear retention periods and secure disposal procedures.

In Practice:

  • Defined retention periods for each data category
  • Automatic deletion after retention period
  • Secure disposal of no-longer-needed data
  • Regular data cleanup audits

πŸ” 6. Integrity & Confidentiality (Security)

We implement appropriate technical and organizational measures to protect personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage.

In Practice:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security audits and updates
  • Employee training on data security

πŸ“ 7. Accountability

We are responsible for and can demonstrate compliance with all data protection principles. We maintain records of our processing activities and implement policies to ensure ongoing compliance.

In Practice:

  • Documented data processing procedures
  • Regular compliance reviews
  • Data protection impact assessments
  • Transparent reporting to authorities

Under data protection law, we must have a valid legal basis to process your personal information. We rely on the following legal bases:

3.1 Consent

You have given clear, informed, and freely-given consent for us to process your personal data for specific purposes.

Examples:

  • Marketing communications (emails, SMS)
  • Newsletter subscriptions
  • Social media engagement
  • Photography/testimonials
  • Optional data collection

Your Rights: You can withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

3.2 Contract Performance

Processing is necessary to fulfill our contract with you or to take steps before entering into a contract.

Examples:

  • Processing booking requests
  • Scheduling cleaning services
  • Providing customer support
  • Processing payments
  • Delivering services to your premises

3.3 Legal Obligation

Processing is necessary for compliance with legal obligations to which we are subject.

Examples:

  • Tax and accounting records
  • Employment law compliance
  • Health and safety regulations
  • Responding to lawful requests from authorities
  • Anti-money laundering checks

3.4 Legitimate Interests

Processing is necessary for our legitimate interests or those of a third party, except where such interests are overridden by your rights and freedoms.

Examples:

  • Preventing fraud and maintaining security
  • Improving our services and website
  • Network and information security
  • Business administration and analytics
  • Investigating complaints

πŸ’‘ Balancing Test: When we rely on legitimate interests, we conduct a balancing test to ensure our interests don't override your rights and freedoms. You have the right to object to processing based on legitimate interests.

4. Data Collection & Processing Activities

4.1 Types of Personal Data We Collect

A. Identity & Contact Information

  • Full name
  • Email address
  • Phone number (mobile and landline)
  • Postal address (for service delivery)
  • Date of birth (optional)
  • Gender (optional)

B. Service-Related Information

  • Property type and size
  • Service preferences and requirements
  • Booking history and schedules
  • Special instructions or requests
  • Access codes or keys (securely stored)
  • Property photos (with consent)

C. Financial Information

  • Payment methods (M-Pesa, bank transfer)
  • Transaction history
  • Billing addresses
  • Invoice preferences

πŸ”’ Security Note: We do NOT store full credit card numbers, CVV codes, or M-Pesa PINs. Payment information is processed securely through certified payment processors.

D. Technical & Usage Data

  • IP address and device identifiers
  • Browser type and version
  • Operating system
  • Website pages visited and duration
  • Referral sources
  • Cookies and tracking data (see Cookie Policy)

E. Communication Data

  • Email correspondence
  • Phone call records (date, time, duration)
  • SMS/WhatsApp messages
  • Chat transcripts
  • Feedback and reviews
  • Complaints and resolutions

F. Marketing & Preferences

  • Marketing consent status
  • Communication preferences
  • Newsletter subscriptions
  • Survey responses
  • Promotional engagement

4.2 How We Collect Personal Data

Direct Interactions

Information you provide directly when you:

  • Fill out booking forms on our website
  • Call or email us
  • Create an account
  • Request a quote or consultation
  • Provide feedback or reviews
  • Subscribe to newsletters
  • Participate in promotions or competitions

Automated Technologies

Information collected automatically through:

  • Website cookies and tracking pixels
  • Web analytics tools (Google Analytics)
  • Server logs and error reports
  • Email tracking (open rates, click-through)
  • Social media interactions

Third-Party Sources

Information we may receive from:

  • Payment processors (transaction confirmations)
  • Social media platforms (if you interact with us)
  • Referral partners or affiliates
  • Public directories and databases
  • Credit reference agencies (business clients)

Service Delivery

Information collected during service provision:

  • Property access details
  • Service completion reports
  • Quality assurance feedback
  • Before/after photos (with consent)
  • Special requirements or observations

4.3 Purposes of Data Processing

We process your personal data for the following purposes:

Purpose Types of Data Legal Basis
Service Delivery Identity, Contact, Service, Financial Contract Performance
Customer Support Identity, Contact, Communication Contract Performance, Legitimate Interests
Payment Processing Identity, Financial, Transaction Contract Performance, Legal Obligation
Marketing Communications Identity, Contact, Preferences Consent
Website Improvement Technical, Usage, Behavioral Legitimate Interests
Security & Fraud Prevention Identity, Technical, Transaction Legitimate Interests, Legal Obligation
Legal Compliance All Categories Legal Obligation
Business Analytics Usage, Technical, Service Legitimate Interests

5. Comprehensive Security Measures

We implement robust technical and organizational security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction.

5.1 Technical Security Measures

πŸ” Encryption

  • Data in Transit: 256-bit SSL/TLS encryption for all data transmitted between your browser and our servers
  • Data at Rest: AES-256 encryption for stored personal data in databases
  • Payment Data: PCI DSS compliant encryption for all payment information
  • Email Security: Encrypted email communications for sensitive information

πŸ›‘οΈ Access Controls

  • Role-Based Access: Employees only access data necessary for their role
  • Multi-Factor Authentication: Required for all system access
  • Strong Password Policy: Complex passwords changed regularly
  • Access Logs: All data access is logged and monitored
  • Automatic Logout: Sessions expire after inactivity

πŸ–₯️ Infrastructure Security

  • Firewalls: Multi-layer firewall protection
  • Intrusion Detection: Real-time monitoring for suspicious activity
  • Regular Updates: Automatic security patches and updates
  • Malware Protection: Advanced anti-virus and anti-malware systems
  • Secure Hosting: Data hosted on secure, certified servers

πŸ’Ύ Backup & Recovery

  • Daily Backups: Automated daily backups of all systems
  • Encrypted Backups: All backups are encrypted
  • Off-Site Storage: Secure off-site backup locations
  • Disaster Recovery: Tested recovery procedures
  • Data Redundancy: Multiple copies in secure locations

5.2 Organizational Security Measures

πŸ‘₯ Employee Training & Awareness

  • Data Protection Training: Mandatory training for all staff
  • Regular Updates: Quarterly security awareness sessions
  • Confidentiality Agreements: All employees sign NDAs
  • Clear Desk Policy: No sensitive information left unattended
  • Incident Response Training: Staff trained on breach procedures

πŸ“‹ Policies & Procedures

  • Data Protection Policy: Comprehensive internal policies
  • Acceptable Use Policy: Guidelines for system usage
  • Incident Response Plan: Documented breach response procedures
  • Data Retention Schedule: Clear retention and disposal guidelines
  • Vendor Management: Security requirements for third parties

πŸ” Monitoring & Auditing

  • Security Audits: Annual third-party security assessments
  • Penetration Testing: Regular security testing
  • Vulnerability Scanning: Continuous vulnerability assessments
  • Compliance Reviews: Quarterly compliance checks
  • Activity Monitoring: Real-time monitoring of system access

5.3 Physical Security

  • Secure Facilities: Restricted access to offices and server rooms
  • CCTV Surveillance: 24/7 video monitoring of premises
  • Visitor Logs: All visitors registered and escorted
  • Locked Storage: Physical documents stored in locked cabinets
  • Secure Disposal: Shredding of physical documents

⚠️ Your Responsibility: While we implement strong security measures, please help protect your data by using strong passwords, not sharing login credentials, logging out after sessions, and reporting any suspicious activity immediately.

6. Data Retention & Secure Disposal

We only keep your personal data for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or protect our legitimate interests.

6.1 Retention Periods by Data Category

Data Category Retention Period Reason
Active Customer Data Duration of relationship + 2 years Service provision, warranty claims
Financial Records 7 years Tax and legal compliance (Kenya Tax Laws)
Marketing Data (with consent) Until consent withdrawn or 3 years of inactivity Marketing communications
Website Analytics 26 months Performance analysis
CCTV Footage 30 days Security purposes
Communication Records 2 years Customer service, dispute resolution
Employee Records Duration of employment + 6 years Legal compliance, references
Complaint Records 3 years Resolution tracking, legal defense
Prospective Customer Data 1 year of inactivity Follow-up communications

6.2 Factors Determining Retention Periods

  • Legal Requirements: Compliance with tax, employment, and other laws
  • Contractual Obligations: Terms of service agreements
  • Statute of Limitations: Period for potential legal claims
  • Business Necessity: Ongoing service provision needs
  • Data Subject Requests: Your right to erasure
  • Legitimate Interests: Fraud prevention, security

6.3 Secure Data Disposal Procedures

When data reaches the end of its retention period:

Step 1: Retention Review

Quarterly automated review identifies data due for disposal

Step 2: Legal Hold Check

Verify no legal, regulatory, or business reason to retain

Step 3: Secure Deletion

Electronic data: Multiple-pass overwriting or cryptographic erasure
Physical documents: Cross-cut shredding followed by secure disposal

Step 4: Verification

Confirm complete deletion and log disposal action

Step 5: Backup Removal

Data removed from backup systems according to backup retention schedule

πŸ’‘ Early Deletion: You can request deletion of your data before the retention period expires by submitting a Right to Erasure request (see Section 7).

7. Your Data Protection Rights

Under the Kenya Data Protection Act, 2019 and GDPR (where applicable), you have comprehensive rights regarding your personal data. We are committed to honoring these rights promptly and transparently.

πŸ“‹ Right to Access

Request a copy of the personal data we hold about you, including information about how we use it and who we share it with.

Response Time: 30 days
Cost: Free (first request)

✏️ Right to Rectification

Request correction of inaccurate or incomplete personal data we hold about you.

Response Time: 30 days
Cost: Free

πŸ—‘οΈ Right to Erasure

Request deletion of your personal data in certain circumstances (e.g., no longer necessary, consent withdrawn).

Response Time: 30 days
Cost: Free

⏸️ Right to Restriction

Request that we restrict processing of your personal data in specific situations.

Response Time: 30 days
Cost: Free

πŸ“€ Right to Data Portability

Receive your personal data in a structured, commonly used format and transmit it to another controller.

Response Time: 30 days
Cost: Free

🚫 Right to Object

Object to processing based on legitimate interests, direct marketing, or research purposes.

Response Time: Immediate (marketing)
Cost: Free

πŸ€– Rights Related to Automated Decision-Making

Not be subject to decisions based solely on automated processing that produce legal or significant effects.

Note: We do not use automated decision-making

πŸ“ž Right to Withdraw Consent

Withdraw consent at any time where we rely on consent as our legal basis for processing.

Response Time: Immediate
Cost: Free

βš–οΈ Right to Lodge a Complaint

Lodge a complaint with the Office of the Data Protection Commissioner if you believe your rights have been violated.

Authority: Kenya ODPC

7.1 How to Exercise Your Rights

To exercise any of your data protection rights:

  1. Submit a Request:
  2. Verify Your Identity: For security, we may ask for identification to verify your identity
  3. Specify Your Request: Clearly state which right you wish to exercise
  4. Await Confirmation: We'll acknowledge your request within 3 business days
  5. Receive Response: We'll respond within 30 days (may extend to 60 days for complex requests)

7.2 Limitations to Your Rights

In certain circumstances, we may be unable to fully comply with your request:

  • Legal Obligations: We must retain data to comply with legal requirements
  • Legitimate Interests: Processing necessary for compelling legitimate interests
  • Legal Claims: Data needed for establishment, exercise, or defense of legal claims
  • Public Interest: Processing necessary for public interest tasks
  • Third-Party Rights: Request would adversely affect rights of others

πŸ’‘ No Retaliation: Exercising your data protection rights will never result in any discrimination, retaliation, or denial of services.

8. Data Sharing & Third-Party Processors

We may share your personal data with trusted third parties to provide our services, comply with legal obligations, or protect our legitimate interests. We never sell your personal data.

8.1 Categories of Recipients

A. Service Providers & Processors

  • Payment Processors: M-Pesa/Safaricom, Stripe, PayPal (secure payment processing)
  • Cloud Hosting: Secure server hosting and data storage
  • Email Services: Transactional and marketing email delivery
  • SMS Providers: Booking confirmations and reminders
  • Analytics Tools: Google Analytics, website performance monitoring
  • Customer Support: Help desk and ticketing systems
  • Accounting Software: Financial record keeping and invoicing

B. Professional Advisors

  • Legal counsel and law firms
  • Accountants and auditors
  • Business consultants
  • Insurance providers

C. Government & Regulatory Authorities

  • Kenya Revenue Authority (KRA) - tax compliance
  • Office of the Data Protection Commissioner (ODPC)
  • Law enforcement agencies (upon lawful request)
  • Courts and tribunals

D. Business Partners

  • Referral partners (with your consent)
  • Joint service providers
  • Franchisees or affiliates

8.2 Data Processing Agreements

All third-party processors must:

  • Sign Written Agreements: Formal data processing agreements (DPAs)
  • Process Only on Instructions: Only process data as we direct
  • Maintain Security: Implement appropriate security measures
  • Maintain Confidentiality: Ensure staff confidentiality
  • Assist with Rights: Help us respond to data subject requests
  • Delete or Return Data: At the end of services
  • Demonstrate Compliance: Provide evidence of compliance upon request

8.3 When We Share Data

  • Service Delivery: To fulfill our contractual obligations to you
  • Legal Compliance: To comply with legal obligations and requests
  • Protection of Rights: To protect our rights, property, or safety
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Your Consent: Any other sharing requires your explicit consent

⚠️ No Data Selling: We NEVER sell, rent, or trade your personal data to third parties for their marketing purposes.

9. Data Breach Response Protocol

Despite our robust security measures, no system is 100% secure. We have comprehensive procedures to detect, respond to, and recover from data breaches.

9.1 Breach Detection & Assessment

Detection (0-24 hours)

  • 24/7 security monitoring systems
  • Automated intrusion detection
  • Employee reporting channels
  • Customer reports

Initial Assessment (24-48 hours)

  • Activate Incident Response Team
  • Contain the breach
  • Assess scope and severity
  • Document all actions

Investigation (48-72 hours)

  • Determine cause and entry point
  • Identify affected data and individuals
  • Assess potential harm
  • Implement remediation measures

Notification (72 hours)

  • Notify ODPC within 72 hours (if required)
  • Notify affected individuals
  • Provide clear information about breach
  • Offer support and guidance

Recovery & Review (Ongoing)

  • Restore normal operations
  • Strengthen security measures
  • Conduct post-incident review
  • Update policies and procedures

9.2 What We'll Tell You

If we must notify you of a breach, we'll provide:

  • Nature of the Breach: What happened and when
  • Data Affected: Types of personal data compromised
  • Potential Consequences: Likely impact on you
  • Our Response: Actions we've taken to address the breach
  • Your Actions: Steps you should take to protect yourself
  • Contact Information: How to reach us with questions

9.3 Your Breach Response Actions

🚨 If You Suspect a Breach:

  • Contact us immediately at security@linjsparklecleaners.com
  • Change your passwords immediately
  • Monitor your accounts for suspicious activity
  • Enable two-factor authentication where available
  • Be alert for phishing attempts
  • Report any fraud to relevant authorities

10. Children's Privacy Protection

Protecting children's privacy is paramount. Our services are not directed to children under 18 years of age.

10.1 Age Restrictions

  • Minimum Age: Our services require users to be at least 18 years old
  • No Intentional Collection: We do not knowingly collect data from children under 18
  • Parental Consent: Any services for minors require parental/guardian consent
  • Age Verification: We may verify age before processing bookings

10.2 If We Discover Children's Data

If we learn we have collected personal data from a child under 18 without parental consent:

  1. We will delete the information as quickly as possible
  2. We will not use the information for any purpose
  3. We will not disclose the information to third parties
  4. We will contact the parent/guardian if possible

10.3 Parental Rights

Parents/guardians have the right to:

  • Review any personal data collected from their child
  • Request deletion of their child's data
  • Refuse further collection or use of their child's data
  • Consent to collection but not disclosure to third parties

🚨 Parents: If you believe your child has provided us with personal data, please contact us immediately at privacy@linjsparklecleaners.com

11. International Data Transfers

Your personal data is primarily stored and processed in Kenya. However, some of our service providers may be located outside Kenya, requiring international data transfers.

11.1 Transfer Mechanisms

When we transfer data internationally, we use:

  • Adequacy Decisions: Transfers to countries deemed adequate by Kenya ODPC
  • Standard Contractual Clauses: EU-approved model contracts
  • Binding Corporate Rules: For transfers within corporate groups
  • Your Explicit Consent: Where required and appropriate

11.2 Safeguards for International Transfers

  • All transfers comply with Kenya Data Protection Act requirements
  • Processors in other countries must provide equivalent protection
  • We conduct transfer impact assessments
  • We monitor compliance continuously

11.3 Countries We May Transfer Data To

  • European Union: GDPR-compliant processing
  • United States: With appropriate safeguards (Privacy Shield successors)
  • Other African Countries: Within East African Community

12. Compliance, Oversight & Accountability

12.1 Regulatory Compliance

We are registered and compliant with:

  • Office of the Data Protection Commissioner (ODPC), Kenya
    • Registration Number: [To be inserted]
    • Annual compliance reporting
    • Regular data protection audits
  • Kenya Data Protection Act, 2019
  • Kenya Data Protection (General) Regulations, 2021
  • GDPR (where applicable)

12.2 Data Protection Officer (DPO)

Name: [DPO Name]
Email: dpo@linjsparklecleaners.com
Phone: +254717787242
Responsibilities:

  • Monitoring compliance with data protection laws
  • Advising on data protection impact assessments
  • Cooperating with supervisory authorities
  • Serving as point of contact for data subjects
  • Providing guidance on data protection matters

12.3 Regular Assessments

  • Annual Audits: Comprehensive data protection audits
  • Risk Assessments: Ongoing risk identification and mitigation
  • Impact Assessments: DPIAs for high-risk processing
  • Vendor Reviews: Third-party processor compliance checks
  • Policy Updates: Regular review and update of policies

12.4 Training & Awareness

  • Mandatory data protection training for all employees
  • Specialized training for employees handling personal data
  • Regular security awareness campaigns
  • Updated training materials reflecting legal changes

13. Contact Us & Data Protection Inquiries

πŸ“ž Data Protection Contact Information

Company: Linj Sparkle Cleaners
Data Protection Officer: [DPO Name]
Email: privacy@linjsparklecleaners.com
DPO Direct: dpo@linjsparklecleaners.com
Phone: +254717787242
WhatsApp: +254717787242
Postal Address: Linj Sparkle Cleaners, P.O. Box 21, Kitale, Kenya
Office Location: Kitale Town, Trans-Nzoia County
Business Hours: Monday - Saturday: 8:00 AM - 6:00 PM EAT

13.1 How to Reach Us

For any data protection questions, concerns, or requests:

πŸ“§ Email Us

General Privacy Inquiries: privacy@linjsparklecleaners.com
Data Protection Officer: dpo@linjsparklecleaners.com
Security Issues: security@linjsparklecleaners.com
Response Time: Within 3 business days

πŸ“ž Call Us

Main Line: +254717787242
WhatsApp: +254717787242
Available: Monday - Saturday, 8:00 AM - 6:00 PM EAT
Emergency: 24/7 for security breaches

βœ‰οΈ Write to Us

Data Protection Officer
Linj Sparkle Cleaners
P.O. Box 21
Kitale, Trans-Nzoia County
Kenya

🏒 Visit Our Office

Location: Kitale Town Center
Hours: Monday - Friday: 9:00 AM - 5:00 PM
Appointment: Recommended - call ahead to schedule
What to Bring: Valid ID for verification

13.2 Lodge a Complaint with Authorities

If you're not satisfied with our response to your data protection concerns, you have the right to lodge a complaint with:

πŸ‡°πŸ‡ͺ Office of the Data Protection Commissioner (ODPC), Kenya

Physical Address: Kalamu House, Civic Centre Precinct, Ngong Road, Nairobi
Postal Address: P.O. Box 43137-00100, Nairobi, Kenya
Email: info@odpc.go.ke
Complaints: complaints@odpc.go.ke
Phone: +254 20 2664 000 / +254 719 970 000
Website: www.odpc.go.ke
Working Hours: Monday - Friday: 8:00 AM - 5:00 PM

13.3 What Happens After You Contact Us

Day 1-3: Acknowledgment

We acknowledge receipt of your inquiry and assign a reference number

Day 3-7: Initial Review

We review your request and may contact you for clarification

Day 7-30: Investigation & Response

We investigate thoroughly and provide a detailed response

Day 30+: Follow-up

For complex cases, we may extend to 60 days with explanation

13.4 Updates to This Data Protection Policy

We may update this policy to reflect changes in our practices, technology, legal requirements, or business operations.

We will notify you of significant changes through:

  • Prominent notice on our website homepage
  • Email notification to registered users
  • Update to the "Last Updated" date
  • Social media announcements

Your continued use of our services after changes constitutes acceptance of the updated policy.

13.5 Related Policies & Resources

πŸ“š Additional Privacy Documentation:

βœ… Data Protection Policy Summary

Key Points to Remember:

  • We protect your data: Comprehensive security measures safeguard your information
  • You have rights: Access, correct, delete, and control your personal data
  • We're transparent: Clear communication about data collection and usage
  • We're accountable: Registered with ODPC and committed to compliance
  • We're here to help: Contact us anytime with privacy questions or concerns
  • Your trust matters: We never sell your data and only share when necessary

πŸ›‘οΈ Our Data Protection Commitment

At Linj Sparkle Cleaners, we pledge to handle your personal information with the highest standards of care, security, and respect. Your privacy is not just a legal requirementβ€”it's a fundamental value that guides everything we do. We are committed to earning and maintaining your trust through transparent, responsible data practices.

🏠 Experience Our Professional Cleaning Services

Your data is protected. Your spaces will sparkle. Book with confidence!

πŸ”’ CERTIFIED DATA PROTECTION & SECURITY

πŸ‡°πŸ‡ͺ
ODPC Registered
Kenya DPA 2019
πŸ›‘οΈ
SSL Encrypted
256-bit Security
βœ“
GDPR Compliant
EU Standards
πŸ”
Secure Payments
PCI DSS Certified
πŸ‘₯
No Data Selling
Privacy Guaranteed
πŸ“‹
ISO Aligned
Best Practices

❓ Frequently Asked Questions

How long do you keep my personal data?

We retain your data only as long as necessary for the purposes outlined in this policy. Active customer data is kept for the duration of our relationship plus 2 years. Financial records are kept for 7 years per tax law requirements.

Can I request deletion of my data?

Yes! You have the right to request deletion of your personal data. Contact us at privacy@linjsparklecleaners.com. Note that we may need to retain certain data for legal compliance.

Do you sell my personal information?

Absolutely not! We never sell, rent, or trade your personal information to third parties. We only share data with trusted service providers who help us deliver our services, and they are contractually bound to protect your information.

How do I update my personal information?

You can update your information by logging into your account, contacting us directly, or submitting a rectification request. We respond to all update requests within 30 days.

What happens if there's a data breach?

We have a comprehensive breach response protocol. We'll notify you and the ODPC within 72 hours, explain what happened, what data was affected, and what steps we're taking to address the situation.

Is my payment information secure?

Yes! We use PCI DSS certified payment processors and never store full credit card numbers, CVV codes, or M-Pesa PINs on our servers. All payment data is encrypted and securely processed.

Document Information: Data Protection Policy v2.0

Last Updated: April 16, 2026 | Effective Date: April 16, 2026 | Next Review: October 2026

Approved By: Data Protection Officer & Management Board

ODPC Registration: 3124676899 | Classification: Public Document

Β© 2026 Linj Sparkle Cleaners. All rights reserved.
Professional Cleaning Services in Kitale, Trans-Nzoia County, Kenya
Committed to Data Protection Excellence

πŸ“ Acknowledgment: By using our services, you acknowledge that you have read, understood, and agree to be bound by this Data Protection Policy. If you do not agree with any part of this policy, please do not use our services and contact us to discuss your concerns.