This Data Protection Policy has been developed as a guide to Fundilima Sacco in the management of stakeholders’ data. Fundilima Sacco obtains, uses, stores and otherwise processes personal data relating to its stakeholders such as potential and current employees, former staff, members, suppliers, visitors to Sacco premises, contractors and website users, collectively referred to in this policy as data subjects. This Policy sets out how the Sacco manages those responsibilities.
In developing this Policy, the BOD intends to have this as the primary reference point for all matters on data protection in the Sacco. Contents of this Policy will therefore be carefully studied and implemented, as it constitutes an integral part of the Society’s compliance and risk management processes. The Policy will be circulated to all Sacco employees to enable them to familiarise themselves with the provisions herein.
The Sacco heavily draws its data policy guidelines from the Data Protection Act, 2019 and the Data Protection General Regulations, 2021. When processing personal data, the Sacco is obliged to fulfil individuals’ reasonable expectations of privacy by complying with the Act and related Regulations and other relevant data protection legislation.
The policy document is therefore intended to ensure that the Sacco:
- Is clear about how personal data must be processed and the Sacco’s expectations for all those who process personal data on its behalf;
- Complies with existing data protection laws and with good practice;
- Protects its reputation by ensuring the personal data entrusted to it is processed per data subjects’ rights;
- Protects itself from risks of personal data breaches and other breaches of data protection law.
Download here:
