Data Protection and Privacy Policies

Compliance Framework

Data Privacy & Protection Policy

Effective Date: June 12, 2026 | Last Updated: June 12, 2026

1. Scope & Introduction

The County Government of Laikipia is committed to protecting the privacy and personal data of its citizens, business entities, and visitors. This policy explains how we collect, store, secure, and process personal data across our official online platform, http://www.laikipia.go.ke, and all digital county sub-portals.

This policy is structured in strict alignment with the Kenya Data Protection Act (2019). As a data controller, the County Government ensures that all data pipelines adhere to principles of transparency, legality, minimization, and structural security.

2. Information We Collect

We log explicit personal data only when you register for online administrative services, make public inquiries, or execute local revenue payments. The data tiers collected encompass:

Category Data Points Collected Collection Method
Personal Identifiers Full Legal Name, National ID / Passport Number, KRA PIN. County service application forms and user registration portals.
Contact Information Phone Number, Postal Address, Active Email Address. Contact directories, complaint desks, and alert sign-ups.
Transactional Logs Payment reference slips, billing numbers, and timestamps. Unified local county revenue checkout options.
Technical Data IP Address, browser configuration, navigation logs. Automated functional analytics tools.

3. Purpose of Processing

Laikipia County limits processing solely to execution mandates under local county legislation, including:

• Authenticating identities for access to restricted public registries.
• Dispensing official services, license processing, and development approvals.
• Real-time dispatch of alerts concerning emergency notices or public participation schedules.
• Security threat prevention, system integrity monitoring, and fraud discovery.

Statutory Minimization Notice

We do not lease, trade, or package commercial citizen data profiles for external profit. Processing occurs exclusively within authorized state structures.

4. Information Sharing & Transfers

Your details may be securely accessed by or transferred to dedicated government entities exclusively under strict legal conditions:

1. National State Infrastructure: Sharing with entities such as the Kenya Revenue Authority (KRA) or the National Transport and Safety Authority (NTSA) to process tax tracking or trade licensing verification workflows.
2. Financial Channels: Passing necessary payment keys to authorized banking institutions or integrated mobile network operators to settle transaction loops.
3. Legal Mandates: Handover to judicial authorities or law enforcement institutions when demanded by an active court order under Kenyan laws.

5. Data Security Protocols

To preserve data integrity, the County Government maintains multiple layers of operational security protections:

Transport Cryptography: Forced HTTPS configuration using TLS 1.3 encryption across all site URLs to shield data entry layers.
Identity Safeguards: Cryptographic password hashing coupled with access control limits to block unverified administrative exposure.
Infrastructure Shields: Continuous firewall tracking, periodic intrusion vulnerability sweeps, and automated isolated server backups.

6. Your Statutory Rights

Under the provisions of the Data Protection Act (2019), citizens and system visitors possess clear legal protections over their shared data assets:

Right to Access

Request copies of all your personal data archived within county storage environments.

Right to Rectification

Demand immediate correction of inaccurate, incomplete, or outdated records.

Right to Erasure

Request data deletion if processing violates statutory public mandates.

Right to Object

Halt processing activities reliant solely on consent models or automated tracking.

7. Data Protection Officer (DPO) Desk

For inquiries regarding data records, operational corrections, or to submit a formal data right execution request, contact our administrative protection office:

County Data Protection Officer

County Headquarters, Block C

P.O. Box 11-20321, Rumuruti, Kenya

Email: privacy@laikipia.go.ke