Data Protection
All Services
DATA PROTECTION
Adhiambo Okech & Associates Advocates LLP assists in protection of data and compliance with Data Protection Regulations. The Data Protection Act No. 24 of 2019 follows the path taken by the European Union in enacting the General Data Protection Regulation (GDPR) in May 2018 and makes Kenya the third country in East Africa to have legislation dedicated to data protection.
Our Data Protection department advises on your company’s obligations under data protection laws, including the General Data Protection Regulation and prepares agreements to ensure compliance with applicable regulations. Our team has experience addressing data protection in a wide variety of areas including human resources, outsourcing, licensing and technology.
Our core expertise includes:
- Drafting privacy and cookie notices
- Ensuring agreements comply with data protection laws
- Analyzing current conformity with data protection regulations
- Advising on obligations as a data controller or a data processor
- Advising on cross-border transfers of personal data
- Advising on the security of personal data and managing data breaches
- Training on data protection law tailored to your business
Frequently Asked Questions about Data Protection
Data protection refers to the practices and laws designed to safeguard personal information from unauthorized access, use, disclosure, or destruction. It’s crucial because it helps maintain the privacy and security of individuals' data, ensures compliance with legal regulations, and builds trust between businesses and their clients.
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that governs how personal data should be handled by organizations operating within the European Union (EU) or dealing with EU citizens. Even if your business is outside the EU, GDPR may still apply if you offer goods or services to, or monitor the behavior of, EU citizens. Compliance is essential to avoid significant penalties.
Compliance involves several steps, including conducting data audits, implementing data protection policies, training employees on data privacy, ensuring secure data storage and processing, and having protocols in place for data breach response. Our team can assist you in assessing your current practices and developing a comprehensive compliance strategy tailored to your business needs.
If a data breach occurs, it’s essential to act quickly. Start by identifying and containing the breach, assess the impact, and notify affected individuals and relevant authorities as required by law. We can help you navigate the legal requirements, manage the breach response, and mitigate potential damage to your reputation and legal standing.
Data protection policies should be reviewed and updated regularly—at least annually or whenever there is a significant change in your business operations, technology, or applicable laws. Staying proactive in updating your policies helps ensure ongoing compliance and the security of personal data.