Data Protection & Privacy Solutions

Respond fast. Comply right. Recover trust.

What it does: A data breach can damage your brand and attract penalties if mishandled. The Data Breach Action Pack gives you a ready, compliant playbook to act within hours, not days.

How we help: We support you with:

• Breach identification and containment strategy
• Statutory notification templates for ODPC and affected persons
• Legal risk assessment and response coordination
• Post-incident review and resilience planning

Ideal for:

• Companies managing customer data
• IT, HR, and operations teams needing breach response protocols

Handle data requests correctly, confidently, and on time.

What it does: Organisations are legally required to respond to Data Subject Access Requests within statutory timelines. Failure to comply can attract penalties.

How we help: We help you design a standard response workflow that includes:

• Verification and validation of the requester
• Assessment of exemptions and redactions
• Drafting the official response and delivery letter
• Documentation for audit trail and ODPC compliance

Ideal for:

• HR departments, financial institutions, schools, hospitals, and digital platforms
• Businesses receiving multiple data access or deletion requests

A practical roadmap to full compliance for your organisation.

What it does: Compliance isn’t about ticking boxes — it’s about building trust and resilience. The Data Compliance Blueprint gives your organisation a step-by-step plan to align with the DPA (2019) and global best practice.

How we help: We assess your current practices, map your data flows, and develop a custom compliance framework covering:

• Governance and accountability structures
• Policy and documentation standards
• Staff training and incident response

Ideal for:

• SMEs, startups, and corporates building data operations
• Organisations preparing for audits or regulator engagement

Build privacy into your systems, not as an afterthought.

What it does: Every new system or digital process must integrate privacy from the start. We help you operationalise “Data Protection by Design and Default,” turning compliance into a design advantage.

How we help: Our process blends legal foresight and technical strategy to:

• Embed privacy checks into product or app design
• Create privacy-impact templates and review workflows
• Align your tech stack with legal safeguards

Ideal for:

• Developers, system integrators, and digital service providers
• Businesses launching new digital platforms or data-heavy services

Protect yourself or your business in a data complaint.

What it does: When someone reports you or your organisation to the ODPC, you have a right to respond — but most people don’t know how.

How we help: We help you prepare your defence, respond to investigations, and negotiate compliance outcomes that protect your reputation and operations.

Ideal for:

• Small businesses or startups facing data complaints
• Employers handling employee or client data
• Handlers served with an ODPC notice or summons

Find out what data companies hold about you.

What it does: Under Kenya’s Data Protection Act, you have a right to know what personal data an organisation holds about you, how they got it, and who they’ve shared it with.

How we help: We guide you through making a valid Data Access Request, whether to your employer, a bank, a telecom, or an online platform. You’ll know what to ask for, how to ask, and what to do if they don’t respond.

Ideal for:

• Employees, customers, or subscribers who suspect misuse of their data
• People who’ve been denied access or ignored
• Anyone wanting to confirm what data is held about them

Take action when your data rights are ignored.

What it does: If your Access Request or privacy complaint goes unanswered, you can escalate the issue to the Office of the Data Protection Commissioner (ODPC).

How we help: We prepare and file your complaint properly, with supporting evidence, timelines, and references to the law, to improve your chances of a successful outcome.

Ideal for:

• Individuals whose rights requests were denied or ignored
• Organisations needing guidance before lodging a report
• Whistleblowers or concerned citizens seeking legal support.

Get your legal request drafted right, the first time.

What it does: Not every data issue needs a lawyer — but every request needs to be legally sound.

How we help:

We generate and customise data protection documents for you, including:

• Data Access Requests
• Deletion or Correction Requests
• Withdrawal of Consent letters
• Objection to Processing notices
• You can choose a self-help template or guided drafting session with a lawyer.

Ideal for:

• HR officers, SMEs, and individuals managing personal data issues
• People who want a written record before filing a complaint.