×

Privacy Policy

  • Home
  • Privacy Policy

Privacy & Data Protection Policy

Expertech Electrical Contractors Ltd

Effective Date: 30 May 2021

Last Updated: 18 May 2026

Introduction

At Expertech Electrical Contractors Ltd (“Expertech”, “we”, “us”, or “our”), we are committed to protecting your privacy. This Privacy and Data Protection Policy explains the types of personal data we collect, the reasons for collecting it, how we process it, and how you can exercise your rights regarding your personal information.

This policy applies to all individuals including customers, suppliers, contractors, and visitors interacting with Expertech offices, systems, or websites.

Definitions

Customer

Individuals requesting electrical installation, maintenance, solar sizing, consultancy, or related services.

Supplier / Contractor / Agent

Individuals or companies engaged to provide goods or services to Expertech.

Visitor

Any person accessing Expertech premises including subcontractors and third parties.

Personal Data

Information identifying a natural person such as names, identification numbers, and contact details.

Sensitive Personal Data

Data requiring additional protection including health records, biometric information, financial data, or property details.

Data Controller

Expertech Electrical Contractors Ltd which determines the purposes and means of processing personal data.

Utility Account Data

Technical credentials, meter numbers, consumer numbers, token histories, historical consumption metrics, and tariff tiers associated with a customer's electrical utility accounts.

Collection of Information

We collect personal data when you:

  • Request electrical services such as installation, inspection, or maintenance
  • Engage our engineering teams for energy auditing, solar sizing, and renewable designs
  • Provide account numbers, meters, or tokens via our websites, application forms, or physical work contracts
  • Contact us via phone, email, or website forms
  • Visit our offices or project sites
  • Engage with us as a contractor, supplier, or consultant
  • Participate in surveys, events, or promotions

We may also pull historical data and electrical load statistics directly from public records, government systems, or utility providers (such as Kenya Power and Lighting Company - KPLC) under authorized agency parameters.

Information We Collect

Identity Information

Name, national ID number, KRA PIN, email address, phone number, and physical address.

Service Details

Project location, property information, land ownership documents, and installation data.

Financial Information

Bank account details, invoices, payment records, and billing data.

Utility Profiling Data

Utility account numbers, meter numbers, load profiles, billing trends, average energy consumption records, and current tariff classifications.

Usage Data

Browser information, IP address, device details, and website interactions.

CCTV & Visitor Logs

Security camera recordings and visitor register records when accessing company premises.

Technical Installation Data

Operational data from installed systems where remote monitoring, smart-metering, or ongoing maintenance services apply.

Use of Information

Your personal and technical utility information may be used to:

  • Provide professional electrical installation, asset maintenance, and engineering consultancy services
  • Execute accurate energy profiling to determine average energy consumption, evaluate billing trends, and analyze historical tariff architectures
  • Develop customized engineering solar PV designs, load calculations, and energy auditing solutions
  • Act as your authorized technical agent when coordinating grid connections, technical verifications, or disconnections directly with electrical utility providers
  • Process client payments, clear corporate invoices, and track billing data
  • Communicate project updates, power status changes, or technical maintenance notices
  • Meet legal regulatory requirements from EPRA, KPLC, REREC, or other government authorities
  • Maintain site, network, and physical workplace security
  • Conduct internal engineering audits, product surveys, and system optimizations
  • Prevent fraudulent activities and secure company field operations

Lawful Basis for Processing

Contractual Necessity

Processing required to provide requested services, generate engineering designs, or execute signed field milestones.

Legal Obligation

Compliance with strict statutory frameworks under the Energy Act, 2019 and relevant EPRA guidelines.

Explicit Consent

Where individuals explicitly opt-in to technical account profiling and agency representation by executing a standalone Supply Application Form, Project Quotation Approval, or physical Work Contract.

Legitimate Interests

Ensuring system security, analyzing accurate electrical load configurations, maintaining service quality, and business continuity.

Vital Interests

Protecting human life, high-voltage infrastructure isolation, or physical safety in emergency situations.

Retention of Data

Personal data and historical utility metrics are retained only for the period necessary to fulfill core service delivery, technical tracking, legal compliance, and contract dispute resolution requirements.

Where project lifecycles conclude, anonymized load metrics and structural consumption data may be retained indefinitely for engineering analysis, statistical modelling, or research purposes.

Data Sharing Guidelines

Developers & Technical Partners

Limited access may be granted to internal or contracted software developers strictly for system development, troubleshooting, database maintenance, or security testing of our sizing tools. All such access is strictly monitored and subject to strict confidentiality obligations.

Utility Providers & Representation

To facilitate structural applications, grid approvals, or system testing, Expertech shares technical customer data directly with utility providers. By executing our signed Work Contracts or Supply Application Forms, customers grant Expertech the authority to act as an authorized agent on their behalf to coordinate processing parameters directly with the utility provider, especially in instances where the client is physically unavailable.

Data may be shared based on:

  • Customer consent and signed execution documents
  • Contractual necessity with technical subcontractors
  • Legal obligations to regulators such as EPRA, KPLC, REREC, or tax authorities
  • Legitimate interests such as technical risk evaluations, fraud prevention, or engineering safety audits

All sharing follows strict safeguards including:

  • Formal data sharing and non-disclosure agreements
  • Encrypted transfer methods for utility credentials
  • Secure file systems or VPN connections
  • Use of anonymized or aggregated data footprints where possible

Data Security

Encryption

Sensitive profiling metrics and financial details are protected through encryption technologies.

Secure Storage

Data is stored using secure cloud infrastructure, role-based access management, and backup configurations.

Monitoring

Systems are audited continuously to identify and deter unauthorized database access.

Staff Training

Engineering and operations personnel receive training on confidentiality, account tokens, and data protection.

Data Breach Handling

  • Incidents are immediately reported to the Data Protection Officer.
  • Breaches are investigated and thoroughly documented.
  • The Office of the Data Protection Commissioner (ODPC) is notified within 72 hours.
  • Affected individuals are informed promptly in line with section 43 of the Act.
  • Preventive technical corrective actions are implemented.

Your Rights Under the Data Protection Act, 2019

Right to Be Informed

Understand how personal data and utility profiles are collected and utilized.

Right to Access

Request access to your personal metrics, reports, or utility logs.

Right to Correction

Request correction or deletion of inaccurate credentials or property data.

Right to Restrict Processing

Object to certain forms of data analytics or automated profiling tracking.

Right to Withdraw Consent

Withdraw previously given account profiling permissions (subject to contract limitations where active projects rely on such data).

Right to Data Portability

Request transfer of your technical data or load profiles in an electronic format.

To exercise these rights contact: customercare@expertech.co.ke

Children’s Privacy

Expertech services are not directed to individuals under the age of 18. If such data is identified it will be deleted promptly.

International Data Transfers

Where data is transferred outside Kenya (for example through cloud hosting providers or specialized solar simulation nodes), appropriate technical and legal safeguards will be implemented to comply with the Data Protection Act, 2019.

Training & Awareness

  • Regular staff training on data protection practices
  • Internal awareness campaigns on data protection compliance
  • Mandatory reporting of suspected data breaches

Right to Lodge Complaint

Individuals may file complaints with the Office of the Data Protection Commissioner (ODPC) if they believe their data rights have been violated.

Non-Compliance

Expertech reserves the right to terminate agreements with employees, contractors, or suppliers who violate this policy.

Updates to This Policy

This policy may be revised periodically to remain inline with evolving regulatory structures issued by ODPC and EPRA. The latest version will always be available on our website.

Contact Us

Expertech Electrical Contractors Ltd

Email: customercare@expertech.co.ke

Website: www.expertech.co.ke

   We are Online