Hirani Telcom Logo

Privacy Policy

Hirani Telcom Kenya Ltd — Privacy Policy for Internet Service
Last Updated: 01 January 2025
TRV Towers, Ngara Rd, Nairobi, Kenya • +254111052490

1. Introduction and Definitions

This Privacy Statement explains how Hirani telcom kenya LTD (referred to as "Hirani Telcom," "we," "us," or "our") collects, uses, processes, and discloses your personal data when you use our services. We are committed to protecting your privacy and handling your data in accordance with the Kenya Data Protection Act, 2019 (DPA).

This Statement should be read together with the Terms and Conditions for the specific services you use.

Definitions:

  • "Customer," "you," or "your": means you, the person who subscribes to, purchases, or uses our Services.
  • "Personal Data": means any information relating to an identified or identifiable natural person, as defined by the DPA.
  • "Service(s)": means any and all products and services provided by Hirani Telcom, including but not limited to our Fibre-to-the-Home (FTTH) internet, Business Internet, Voice over IP (VoIP), Direct-to-Home (DTH) satellite TV, the https://hiranitelcom.co.ke website, and our customer selfcare portal.

2. What Information We Collect About You

We collect your personal data to provide our Services to you. We are required by law (including KYC regulations) to collect certain information to verify your identity.

We collect the following categories of information:

a) Customer Registration & KYC Information:

  • Your name, date of birth, and gender.
  • Your physical address (for service installation) and postal address.
  • Your national ID number, passport number, or alien ID number.
  • Your phone number and email address.
  • A copy of your ID, passport, or other identification document.

b) Selfcare Portal, Payment, and Support Data:

  • Your customer account number and login credentials for the selfcare portal.
  • Payment information, including your Safaricom Mpesa phone number and transaction records.
  • Records of your communications with us, such as support tickets, emails, or call records when you submit a complaint or query.

c) Service Usage and Network Data:

  • Information about your use of our Services, such as your data consumption, internet protocol (IP) addresses, device type, and browser.
  • For VoIP services, this may include call detail records (phone numbers called/received, call duration), as required by law.

d) Website and Cookie Data:

  • Information collected via cookies when you visit https://hiranitelcom.co.ke. This helps our website function and helps us understand visitor traffic. We use necessary, performance, and functional cookies.

3. How and Why We Use Your Personal Data

We use your data for the following specific purposes, based on a clear legal basis:

Purpose of Use — Type of Data Used — Legal Basis (under the DPA)
Purpose of Use Type of Data Used Legal Basis (under the DPA)
To Provide and Manage Your Service (e.g., install your connection, provide internet/TV, manage your selfcare portal account). Registration, KYC, Support Data Performance of a Contract
To Bill You and Process Payments (e.g., send invoices, process your Mpesa payments). Registration, Payment Data Performance of a Contract
To Comply with Legal & Regulatory Obligations (e.g., verifying your identity (KYC) as required by the Communications Authority). Registration, KYC, Usage Data Legal Obligation
To Provide Customer Support (e.g., respond to your complaints, troubleshoot technical issues). Registration, Support Data, Usage Data Performance of a Contract / Legitimate Interest
To Secure Our Network and Prevent Fraud (e.g., detecting unauthorized access or security threats). Registration, Usage Data Legitimate Interest / Legal Obligation
To Improve Our Services (e.g., analyzing website traffic, understanding service demand to improve network performance). Anonymized Usage Data Legitimate Interest
To Communicate with You (e.g., notify you of service maintenance, changes to terms, or billing issues). Registration, Support Data Performance of a Contract

4. How We Share Your Information

We do not and will not sell your Personal Data. We only share your information in the following limited circumstances:

  • Payment Processors: We share your phone number and transaction details with Safaricom (Mpesa) to process your payments.
  • Third-Party Service Providers: We may use other companies to help us provide our Services (e.g., website hosting, network maintenance contractors). These "data processors" are bound by contract to only use your data for the purpose we hired them for and to keep it secure.
  • Legal and Regulatory Authorities: We may be required to disclose your Personal Data to comply with the law, a court order, or a valid request from a government or regulatory body (such as the Communications Authority of Kenya or law enforcement).
  • To Prevent Fraud: We may share information if it is necessary to detect or prevent fraud or to protect the security of our network and Services.

5. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Statement and to comply with our legal obligations.

By law (e.g., tax, anti-money laundering, or telecommunications regulations), we may be required to retain certain information (like KYC data and billing records) for a specified period after you cease to be a customer.

6. Data Security

We are committed to protecting your data. We have implemented appropriate technical and organizational security measures to protect your Personal Data from accidental loss, unauthorized access, alteration, or disclosure. These measures include data encryption, access controls, and secure servers.

7. Your Data Protection Rights (Under the Kenya DPA)

As a data subject in Kenya, you have the following rights regarding your Personal Data:

  • The right to be informed about how we are using your data.
  • The right to access a copy of the personal data we hold about you.
  • The right to rectification (to have any inaccurate or incomplete data corrected).
  • The right to erasure (to request the deletion of your data, where we do not have a legal reason to continue holding it).
  • The right to object to the processing of your data.
  • The right to restrict processing (to limit how we use your data).
  • The right to data portability (to receive your data in a structured, machine-readable format).

To exercise any of these rights, please contact us using the details in Section 10. We may ask for proof of identity to process your request. You also have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya if you believe we are not processing your data in accordance with the law.

8. Children's Privacy

Our Services are not intended for or directed at anyone under the age of 18 ("Children"). We do not knowingly collect Personal Data from children. If you are a parent or guardian and become aware that your child has provided us with Personal Data, please contact us immediately.

9. Changes to This Privacy Policy

We may update this Privacy Statement from time to time to reflect changes in our practices or for legal reasons. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date at the top.

10. How to Contact Us

If you have any questions, concerns, or requests regarding this Privacy Statement or your data, please contact us: