Preloader images
Preloader icon

Privacy Policy

Yeva Group > Privacy Policy

Last updated: 01 June 2022

Version: 3.0

Introduction

This notice is set out to give guidance and help you understand what information we collect at Yeva Group Ltd. We own the cloud- based YevaPass Visitor Management Software (a mobile app and web system), including all instructions in hard copy or electronic form and any update, modification or release of any part of that software.
Maintaining data privacy and data protection is a priority for us. This Privacy Policy sets out how we will collect, use, disclose and protect your personal data. Please read this Privacy Policy carefully to understand our views and practices regarding your personal data and how we treat it.
Any questions relating to this document should be sent to: info@yevagroup.org
Yeva Group Ltd is owner and developer of the YevaPass Software. Where below we refer to ‘our software’ we are referring to YevaPass Software and any products associated with YevaPass. Where we refer below to, ‘we’, ‘us’ or ‘our’ we are referring to Yeva Group Ltd and its subsidiary companies.
We have taken every step to ensure compliance with the Data Protection Regulations with respect to collection, use and retention of data.

Changes to this Policy

We may change this policy from time to time, and if we do we will post any changes on this page. Unless stated otherwise, the change will apply from the date that we upload the revised policy.
If you continue to use our services after those changes are in effect, you agree to the revised policy.

What Personal Data do we collect?

Content and information submitted by yourself to Yeva Group Ltd is referred to in this notice as ‘personal data’.

There are three main categories of personal data we collect, hold and process:

    1. Account Data is personal data we collect about you in connection with the creation or administration of a customer account. The Account Data we collect may include your name, your company, job title, phone numbers, and other information required to provide a service or information you have requested from us. The legal basis of our processing of Account Data is necessity for the performance of a contract to which you or your employer are a party.
    2. Visitor Data is personal data about a Customer’s visitors that is input into YevaPass applications. Visitor Data may include visitors’ names, phone numbers, email addresses, company name, department, vehicle information (such as number plates), or any other information that a Customer decides to capture about its visitors for verifying identities of individuals for security purposes. We will not disclose, move, access, process or use Visitor Data except as expressly instructed by our Customer in line with our contract with them or as per further written instructions as may be provided by the Customer. We require our Customers to comply with applicable privacy and data protection laws.
    3. Website Data. We collect, and store information about all visitors who come and take a look at our website. Whether you actively provide us with information by filling in an enquiry form or are merely browsing, the IP address of the computer you are using, the browser software and operating system, the date and time you access our website and the internet address of the website from which you visited website. This information is really helpful to us and lets us track website usage, measure the number of visitors to the different sections of our website and helps us make the content we provide for you more useful.

For the purposes of the Data Protection Act:

  • We are the Data Processor’s (as defined in the Data Protection Act No. 24 2019 in the Republic of Kenya) when processing Account Data and Visitor Data.
  • We act as a Data Processor on behalf of our Customers (who are the Data Controller) when processing Visitor and Account Data. We shall only process Data in line with our contract with our Customer and as per any further written instructions which they may provide.

How do we use your Personal Data?

We will use your personal data:

  • To verify in Real-time when a Guest or Visitor has checked into a premise.
  • To understand and improve the security and transparency protocols by capturing who enters and leaves a premise.
  • For billing and account management;
  • To respond to communications from Clients;
  • To conduct research and statistical analysis (on an anonymized basis);
  • To protect and/or enforce our legal rights and interests, including defending a claim;
  • For any other purpose authorized by you, or as may be permitted under applicable law;

Disclosing and transferring your Personal Data

Personal data will not be transferred to third parties unless one of the following situations applies. We may disclose your personal data to:

  • Any other company within our group of companies or affiliates for the purposes described in this policy.
  • Any business that supports our services and products, including any person that hosts or maintains any underlying IT system or data center that we use to provide the website or YevaPass applications and products;
  • Any other company in the case of a change to our business structure, sale, merger, consolidation, liquidation, dissolution, reorganization, or acquisition; or steps in contemplation of such activities (e.g. due diligence).
  • Any third-party integration provider where you, or your company, has expressly requested such integration service. Yeva Group Ltd and its subsidiaries are not responsible for how the provider of an integration may collect, use and share such data.
  • Comply with legal or regulatory requirements and respond to lawful requests, court orders, and legal processes for supervisory authorities or a law enforcement agency. Protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.

As part of our DPA compliance obligations we are duty bound to check when considering sharing your personal data with any third parties that they apply the same or greater controls in terms of data protection. All Yeva Group suppliers, affiliates and any other third parties that we may use to store your data are subject to a strict due diligence process to ensure they operate in accordance with DPA, including the use of non-disclosure agreements.