Date: October 2025
eutopiantech Limited and its representatives from time to time (together, and each of them as the context may require, "eutopiantech," "we," or "us") are a forward-thinking software development company based in Kenya. Our mission is to bridge ideas with powerful, scalable, and elegant digital solutions. We provide services ("Services") including custom Web and Mobile Application Development, System Integration, and Dashboard/Admin Panel creation for individuals, businesses, institutions, and any other user of our Services ("Users" or "you").
This Privacy Policy is intended for individuals using our Services and provides information about how we process your personal information. Additional information on the use of our Services is provided in our Terms of Service. By using our Services, you acknowledge and agree to have read, understood, and accepted this statement.
Please refer to the relevant section(s) of this policy to get the information applicable to the Services you are using—see the Table of Contents.
5. eutopiantech’S PRODUCTS AND SERVICES
A. Our Websites and Digital Communication
B. Custom Software Development Services
C. Account Management and Authentication
6. WHERE IS PLATFORM DATA PROCESSED?
Personal Data is any information that can be traced back to an individual User who is a natural person. Examples include your name, email address, phone number, and IP address.
Sensitive Personal Data is information considered "special" in certain jurisdictions (e.g., racial/ethnic origin, religious beliefs, health data, or biometric data). We strictly DO NOT collect or process Sensitive Personal Data. To safeguard personal data, it may be pseudonymized or anonymized where possible.
We recognize our responsibilities regarding the privacy, confidentiality, and transparency of personal data processing. eutopiantech endeavors to process your personal data carefully, securely, and confidentially.
eutopiantech endorses the Kenya Data Protection Act, 2019 (KDPA) and further observes the principles of the European General Data Protection Regulation (GDPR) and other applicable international data protection laws (together the “Data Protection Laws”). We design our Services to ensure we process personal data with a legal basis and in accordance with the purpose for processing, while respecting your right to privacy.
We are the Data Controller for the personal data collected via our website and marketing channels. We act as a Data Processor when developing custom solutions for our clients, in which case the client is the Data Controller.
4. HOW DO WE PROTECT YOUR DATA?
Your personal data will be treated confidentially and will only be processed for the purpose of providing and improving our Services. We use industry-standard technical and organizational measures to secure the information we store.
● We use (sub)processors (like cloud hosting providers) who have privacy/security policies and offer a data processing agreement safeguarding data privacy.
● We only retain data for as long as is necessary for the purposes outlined in this policy or as legally required (e.g., for tax or accounting).
While we implement safeguards designed to protect your information, no security system is impenetrable. Transmission of personal information to and from our Services is at your own risk. We encourage Users to take responsibility for securing their login credentials and devices.
5. eutopiantech’S PRODUCTS AND SERVICES A. Our Websites and Digital Communication
This section applies when you visit our website (www.eutopiantech.com), engage with our sales/marketing content, or contact us via email.
|
Item |
Details |
|
Our Role |
Data Controller |
|
Data Processed & Why |
Contact Data: Names, email addresses, phone numbers, and company information provided via forms or direct inquiry. Purpose: To respond to your inquiries, provide information about our Services, and manage sales leads. Usage Data: IP address, browser type, operating system, and pages viewed. Purpose: To monitor website performance, ensure security, and improve user experience. |
|
Legal Basis |
Our Legitimate Interest in running and improving our marketing channels and performing pre-contractual steps in response to your request. |
|
Data Retention |
For as long as you have an active relationship with us, and thereafter as necessary for our business records or legal compliance. Marketing preferences are retained for a reasonable period after you opt out. |
B. Custom Software Development Services
This section applies when you engage us to develop a custom solution (web app, mobile app, system integration, etc.).
|
Item |
Details |
|
Our Role |
Data Processor on behalf of our client (the Data Controller). |
|
Data Processed & Why |
We process data as instructed by our client per the service agreement. This may include user identifiers (names, emails) and transactional data related to the client's system. Purpose:To build, test, deploy, and maintain the custom digital solution for our client. |
|
Legal Basis |
Our Contractual Obligation (to the client) and the client's legal basis (which they must provide to you). |
|
Data Retention |
As instructed by the client, the Data Controller. |
C. Account Management and Authentication
This section applies if you register an account on a platform provided by eutopiantech.
|
Item |
Details |
|
Data Processed & Why |
Account Data: Names, email addresses, usernames, and passwords (stored securely/hashed). Purpose: To facilitate account creation, authentication, and access to services. Social Login Data: If you use social media to log in (e.g., Facebook, X), we receive profile information (name, email) as described in Section 6. |
|
Legal Basis |
Performance of a Contract (Terms of Service) and our Legitimate Interest in securing user accounts. |
6. WHERE IS PLATFORM DATA PROCESSED?
We utilize modern cloud hosting and development tools.
We host our internal systems and client solutions primarily on secure cloud servers like AWS (Amazon Web Services) utilizing a range of database technologies including SQL, MongoDB, Firebase, and PostgreSQL for reliable and scalable data management. We aim to use servers located in the European Union (EU) or other secure jurisdictions. We utilize third-party services (like payment processors and analytics tools) that may process data in various locations, including the United States of America. In all cases involving international data transfers, we implement Standard Contractual Clauses (SCCs) or other legal mechanisms to ensure data privacy is protected in line with Data Protection Laws.
We may share your personal information in specific situations and with specific third parties:
● Service Providers: We share data with third-party vendors, consultants, and service providers (e.g., hosting providers like AWS, payment processors like Paystacks) who perform services for us or on our behalf.
● Business Transfers: We may share or transfer your information in connection with any merger, sale of company assets, financing, or acquisition.
● Legal Compliance: We may disclose your information where we are legally required to do so to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.
We DO NOT sell or share your personal information with third parties for their direct marketing purposes.
Depending on your geographical location (e.g., Kenya, EU/UK, Canada, or certain US States), you have specific rights concerning your personal data.
|
Jurisdiction |
Right |
Action |
|
All Users |
Right to Access |
Request a copy of the data we hold about you. |
|
All Users |
Right to Rectification |
Request correction of inaccurate or incomplete data. |
|
Kenya (KDPA) & EU/UK (GDPR) |
Right to Erasure |
Request deletion of your personal data under certain circumstances (e.g., data is no longer necessary). |
|
EU/UK & Canada |
Right to Withdraw Consent |
Withdraw any consent you previously gave us at any time. |
|
EU/UK |
Right to Data Portability |
Receive your data in a portable format. |
|
Certain US States |
Right to Opt-Out |
Opt out of the processing of your personal data for targeted advertising, sale, or profiling. |
To exercise any of these rights, please contact us using the details in Section 9. We will respond to your request in accordance with applicable Data Protection Laws.
If you have questions or comments about this policy or wish to exercise your rights, you may contact us via:
|
Method |
Details |
|
|
|
|
Post |
eutopiantech, Nairobi, 16350, Kenya |
If you are located in Kenya and believe we are unlawfully processing your personal information, you have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC). If you are in the EU/UK, you may file a complaint with your Member State's Data Protection Authority or the UK Information Commissioner's Office (ICO).
We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Date" at the top of this document. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this policy frequently.
DRAWN BY:
CLARET AMASAKHA,
Email: kioi@kioilaw.africa
P105 NUMBER: P.105/25357/25
NAIROBI.