Kenya Data Protection Act

Common Problems

Common Problems

  • What are Kenya's privacy regulations?

    On November 8, 2019, the Kenyan Parliament promulgated the Data Protection Act No. 24, which clarifies the regulatory responsibilities of security authorities and establishes a collaborative governance system for data security. The Act contains the obligations of data controllers and data processors, as well as the principles of personal data protection and requirements for data transmission outside Kenya. On March 17, 2022, Kenya's Congress reviewed and approved the Data Protection (General) Regulations, which aims to clarify the applicable scope of the principles and obligations specified in the Data Protection Act. This regulation specifies the rights of authorized data subjects, restrictions on the commercial use of personal data, obligations of data controllers and data processors, data protection elements, and compliance requirements for transferring personal data outside Kenya.

  • What is the applicable scope of Kenya's privacy regulations?

    Kenya's privacy regulations apply to all data collected, used, or disclosed in Kenya. In the event that a data controller is questioned by a supervisory organization, the controller must ensure that all data sent from Kenya is protected as required in the privacy regulations, regardless of whether the supervisory organization is located in Kenya or whether the organization is recognized by Kenya laws. For details, see Huawei Cloud Compliance with Kenya Privacy Protection Regulations.

  • Where is my content data stored?

    Huawei Cloud has data centers in multiple regions around the world, including Asia, Europe, and the Americas. Data centers in each region are physically isolated. You can choose which region your services are deployed in. For example, if you choose a regional site in Singapore, your content and data will be stored in a Singapore-based data center. Huawei Cloud will not transfer your content or data to other regions without your explicit consent, or unless other legal obligations are presented.

    If you need Huawei Cloud's assistance in cross-border transfer of content data that contains personal data, contact and authorize Huawei Cloud. Huawei Cloud will transfer the data according to your authorization.

  • As a customer of Huawei Cloud, what laws and regulations should I comply with?

    Since you have full control over your content data, you should correctly identify personal data on the cloud, use appropriate services, and develop security and personal data protection policies to ensure personal data security. In addition, you can use multiple privacy protection services provided by Huawei Cloud to strengthen personal data protection. For details, see Huawei Cloud Compliance with Kenya Privacy Protection Regulations.

  • How can Huawei Cloud help me comply with Kenya Privacy Regulations?

    Huawei Cloud has conducted in-depth analysis of Kenya privacy protection requirements to help you understand the different roles and responsibilities that you and Huawei Cloud have. In addition, Huawei provides a wide range of services that help you meet privacy protection requirements. For details, see chapter 5 of Huawei Cloud Compliance with Kenya Privacy Protection Regulations.