• Email: info@odpc.go.ke
  • Phone: 0207801800
  • Opening : Mon-Fri 08:00 - 17:00
Facebook Youtube Linkedin

STEP 1 - Notifications

Data handler details
2. Occupation of the Organization's Representative — Select one

STEP 2 - Self Assessment

Part 1 - Processing Details
3. Does your organization process personal data?
This data includes data sets such as names, contact Phone number, addresses, KRA PIN, SHA numbers etc. This data may be gotten from your stakeholders e.g. employees, customers, suppliers, interns etc.

4. Describe the information flow of personal data, including:

the means

5. What is the lawful basis relied upon for processing this data?

Select the applicable lawful basis from the list below (An entity can select more than 1 basis)

Part 2 - Governance documents

6. Does your organisation have an approved data protection policy?
Drag & Drop Files, Choose Files to Upload
9. Does your organization have an information security policy or documentation showing how personal data is protected/safeguarded?
Drag & Drop Files, Choose Files to Upload

10. Evidence of Data Protection Practices:

Provide demonstrable evidence of how your company implements data protection practices, evidence of Data Protection Practices including but not limited to:
(Describe your data retention procedures)
How is this actualized in your systems?
Describe your consent management approach
Describe your breach response procedures, plans and or protocols
Describe relevant localization steps taken – if within the sectors that must localize.
Save and Resume Later

Address

  • P.O Box 30920-00100 G.P.O Nairobi, Kenya
  • Britam Towers 12th Floor Hospital Road, Upperhill, Nairobi Kenya.
  • Mon - Fri: 8.00 am - 5.00 pm
Facebook Youtube Linkedin

Get in Touch

  • info@odpc.go.ke
  • enquiries@odpc.go.ke
  • training@odpc.go.ke
  • 0207801800
  • 0796954269/ 0752896867
  • Chatbot

Related Links

Copyright © 2026 Office of the Data Protection Commissioner (ODPC). All Right Reserved.

Data Protection Statement

Linda Data
ODPC Bot