Get In Touch

Privacy Policy

1. INTRODUCTION

X.Agentica (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your personal data in accordance with the Data Protection Act, 2019 of Kenya (the “Act”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our AI automation services, visit our website, or interact with us.

2. DEFINITIONS

  • Personal Data means any information relating to an identified or identifiable natural person
  • Data Controller means X.Agentica, which determines the purposes and means of processing personal data
  • Data Processor means any person who processes personal data on behalf of X.Agentica
  • Data Subject means the individual whose personal data is being processed
  • Processing means any operation performed on personal data, including collection, storage, use, and disclosure

3. DATA PROTECTION PRINCIPLES

We adhere to the following data protection principles as outlined in the Data Protection Act, 2019:

  1. Lawfulness, Fairness, and Transparency: Processing personal data lawfully, fairly, and in a transparent manner
  2. Purpose Limitation: Collecting personal data for specified, explicit, and legitimate purposes
  3. Data Minimization: Processing only adequate, relevant, and limited data necessary for the purposes
  4. Accuracy: Ensuring personal data is accurate and kept up to date
  5. Storage Limitation: Retaining personal data for no longer than necessary
  6. Integrity and Confidentiality: Processing personal data securely and protecting against unauthorized access

4. PERSONAL DATA WE COLLECT

  • We may collect and process the following categories of personal data:

    Business Information:

    • Company name and registration details
    • Business contact information
    • Professional credentials

    Contact Information:

    • Names and job titles
    • Email addresses
    • Phone numbers
    • Postal addresses

    Technical Data:

    • IP addresses
    • Browser type and version
    • Device identifiers
    • Usage data and analytics
    • System performance metrics

    Service Data:

    • AI automation requirements
    • Business process information
    • Integration preferences
    • User-generated content

    Financial Information:

    • Payment details (processed through secure third-party providers)
    • Billing addresses
    • Transaction history

5. LAWFUL BASIS FOR PROCESSING

We process personal data based on the following lawful grounds under the Data Protection Act, 2019:

  1. Consent: Where you have given explicit consent for specific processing activities
  2. Contractual Necessity: Processing necessary for the performance of a contract with you
  3. Legal Obligation: Processing necessary for compliance with legal obligations
  4. Legitimate Interests: Processing necessary for our legitimate business interests, provided these are not overridden by your rights and interests

6. HOW WE USE YOUR PERSONAL DATA

We use personal data for the following purposes:

  • Service Delivery: Providing AI automation services and support
  • Account Management: Managing user accounts and authentication
  • Customer Support: Responding to inquiries and providing technical assistance
  • Service Improvement: Analyzing usage patterns to enhance our services
  • Communication: Sending service updates, security alerts, and marketing communications (with consent)
  • Legal Compliance: Meeting regulatory and legal obligations
  • Security: Protecting against fraud, unauthorized access, and other security risks

7. DATA RETENTION

We retain personal data for the following periods:

  • Active Accounts: For the duration of your active account
  • Inactive Accounts: 2 years after account closure, unless longer retention is required by law
  • Financial Records: 7 years as required by Kenyan tax law
  • Marketing Data: Until you withdraw consent or 2 years after last interaction

8. DATA SUBJECT RIGHTS

Under the Data Protection Act, 2019, you have the following rights:

  • Right of Access: Request access to your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data (“right to be forgotten”)
  • Right to Restriction: Request limitation of processing activities
  • Right to Data Portability: Request transfer of your data to another controller
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent at any time
  • Right to Lodge Complaint: File complaints with the Office of the Data Protection Commissioner

To exercise these rights, contact us at privacy@xagentica.xyz

10. DATA SHARING AND THIRD PARTIES

When transferring personal data outside Kenya, we ensure:

  • Adequate Safeguards: Verifying the receiving country has adequate data protection laws
  • Consent: Obtaining explicit consent for transfers where required
  • Standard Contractual Clauses: Using approved contractual mechanisms
  • Cloud Services: Ensuring cloud providers comply with Kenyan data protection standards

11. INTERNATIONAL DATA TRANSFERS

We may share personal data with:

Service Providers:

  • Cloud hosting providers (within Kenya or with adequate safeguards)
  • Payment processors
  • Analytics providers
  • Customer support platforms

Legal Requirements:

  • Law enforcement agencies when legally required
  • Regulatory bodies as mandated by law
  • Professional advisors (lawyers, auditors)

Business Transfers:

  • In connection with mergers, acquisitions, or asset sales

All third-party processors are contractually obligated to implement appropriate security measures and process data only in accordance with our instructions.

13. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar technologies to:

  • Maintain user sessions
  • Analyze website performance
  • Personalize user experience
  • Provide targeted advertising (with consent)

You can control cookie preferences through your browser settings.

14. CHILDREN’S PRIVACY

Our services are not directed to children under 18. We do not knowingly collect personal data from children. If we discover such data has been collected, we will delete it promptly.

15. DATA BREACH NOTIFICATION

In the event of a personal data breach, we will:

  • Notify the Office of the Data Protection Commissioner within 72 hours where feasible
  • Notify affected data subjects without undue delay where the breach poses high risk
  • Provide details of the breach and recommended mitigation measures

17. COMPLAINTS PROCEDURE

If you have concerns about our data processing activities:

  1. Contact us at ek.oc.acitnegax@ycavirp
  2. We will respond within 30 days
  3. If unsatisfied, you may lodge a complaint with:
    • Office of the Data Protection Commissioner
    • Address: 12th Floor, UAP Old Mutual Tower, Upper Hill, Nairobi
    • Email: ek.og.cpdo@stnialpmoc
    • Phone: +254 709 854 000

18. CHANGES TO THIS POLICY

We may update this Privacy Policy periodically. We will:

  • Post the updated policy on our website
  • Notify you of significant changes via email
  • Indicate the “Effective Date” at the top of the policy
  • Maintain previous versions for reference

19. CONTACT INFORMATION

X.Agentica AI Automation & Services

  • Emailprivacy@xagentica.xyz
  • Phone: +254 [Insert Number]
  • Website: www.xagentica.xyz

By using our services, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal data as described herein.

This policy is drafted in compliance with the Data Protection Act, 2019 of Kenya and reflects our commitment to protecting your privacy rights under Kenyan law.