Privacy
Protocols.
At TechBytes, data protection is a core engineering requirement. This document outlines our data sovereignty standards and regional compliance framework.
01. Data Collection Architecture
We minimize data collection to the absolute requirements for system functionality and regional compliance. We do not engage in "shadow profiling."
| Type | Purpose |
|---|---|
| Identity Data | Communication & service delivery. |
| Technical Logs | Security auditing & performance. |
| Compliance | KRA/TRA Tax Gateway reporting. |
02. Processing Pillars
Our "Default-to-Secure" processing is built on three pillars:
- Infrastructure Integrity: Monitoring for malicious traffic and gateway security.
- Explicit Consent: No tracking without active user opt-in.
- Legal Obligation: Adhering to the Kenya Data Protection Act (2019).
03. Regional Data Sovereignty
As a regional node for East African tech, we acknowledge that your data has borders. We prioritize regional data centers to keep East African data within local nodes (Nairobi/Dar es Salaam) whenever technically feasible.
04. Administrative Rights
Users possess the following "Admin Rights" over their information:
Right to Erasure
The "Kill Switch"—request a total purge of non-mandatory data.
Right to Access
Request a full JSON export of all data stored on our systems.
Initialize Data Request
Contact our Data Protection Officer (DPO) to trigger your privacy rights.