+(254)724256162     info@kemu.ac.ke
APPLY TODAY
  +(254)724256162     info@kemu.ac.ke
APPLY TODAY

Kenya Methodist University Privacy Policy.

Effective Date: 26 March 2025
Version: 1.2

This Privacy Policy is issued in conjunction with and in support of the Kenya Methodist University Data Protection Policy (Approved 30 January 2025). In instances where this Policy is silent or requires further elaboration, please refer to the Data Protection Policy for detailed guidance on data handling practices, data subject rights, and institutional responsibilities.

1. Introduction

Kenya Methodist University (KeMU) is committed to protecting the privacy and security of the personal data of our students, staff, visitors, and website users. This Privacy Policy describes how we collect, use, share, and safeguard your information when you interact with our website, blog, parking system, ticketing system, and other digital services (collectively, the “Services”). It is designed to complement our overarching Data Protection Policy by translating those principles into practical guidelines for our online presence.

2. Scope and Applicability

This Privacy Policy applies to personal data collected:

  1. Directly from users: via online forms, registrations, and interactive sessions.
  2. Automatically: through cookies, server logs, and other tracking technologies.
  3. Via Third Parties: when users voluntarily share data through social media, email, or public channels linked with our Services.

For a comprehensive description of how KeMU processes and safeguards data in all contexts (academic, administrative, and research), please refer to the Data Protection Policy (Sections 1.0–4.0).

3. Data Collection

3.1. Information Collected Directly

When you interact with our Services, we may ask you to provide:

  1. Identification Data: Your name, National ID number, and photograph.
  2. Contact Information: Email address, telephone number, and postal address.
  3. Institutional Data: Affiliation details where applicable.
  4. Service-Specific Data: For example, vehicle registration details for parking services or registration details for event ticketing.

3.2. Information Collected Automatically

As you use our website, we automatically collect:

  1. Technical Data: IP address, browser type, device identifiers, and operating system.
  2. Usage Data: Details on pages visited, time spent on the site, and referring URLs.
  3. Tracking Technologies: Cookies and similar technologies used to enhance user experience and enable service improvements.

For further details on data classification and minimisation, please see Section 6.5 (Adequacy) of the Data Protection Policy.

4. Legal Basis for Processing

KeMU processes personal data on the following lawful bases:

  1. Consent: As provided by you when you sign up for services (see Data Protection Policy Section 2.2 on Consent).
  2. Contractual Necessity: To fulfil your requests and complete transactions.
  3. Legal Obligation: To comply with applicable laws, including the Kenyan Data Protection Act.
  4. Legitimate Interests: For internal administrative purposes, service improvement, and security—ensuring that these interests do not override your rights.

For a full outline of legal bases and data subject rights, please refer to Sections 5.0 and 6.0 of the Data Protection Policy.

5. How We Use Your Information

Your personal data is processed to:

  1. Provide and Manage Services: Process registrations, manage parking facilities, facilitate ticketing, and support online interactions.
  2. Communication: Deliver updates on academic programs, campus events, and university news.
  3. Security and Maintenance: Secure our digital platforms through regular scans, encryption (SSL), and access controls.
  4. Enhance User Experience: Use analytics and cookies to tailor content and improve website functionality.

These practices are implemented in line with the Data Protection Policy’s principles on transparency and proportionality (see Sections 6.3 and 6.6).

6. Data Sharing and Third-Party Disclosures

KeMU may share your personal information with:

  1. Service Providers: Including IT support, payment processors, and email service providers.
  2. Legal and Regulatory Authorities: When required by law or to protect vital interests.
  3. Research and Academic Partners: Under controlled circumstances, following the guidelines for academic research in the Data Protection Policy.

International Data Transfers

If data is transferred outside Kenya, appropriate safeguards (such as Standard Contractual Clauses or Binding Corporate Rules) are put in place as stipulated by the Data Protection Policy (see Section 12.0).

For further details on contractual measures and third-party responsibilities, please consult Sections 4.7 and 10.0 of the Data Protection Policy.

7. Cookies and Tracking Technologies

We use cookies to:

  1. Ensure Essential Functionality: Maintain session integrity and secure logins.
  2. Gather Analytics: Understand user behavior to refine our Services.
  3. Personalize Content: Deliver targeted information and advertisements.

Managing Cookies:
You can control cookies through your browser settings or our dedicated cookie management tool. Detailed instructions and best practices are outlined in our Data Protection Policy under Section 6.7 (Security).

8. Your Rights and Choices

In accordance with both this Privacy Policy and the Data Protection Policy (Section 5.1), you have the following rights:

  1. Access: To review the personal data we hold about you.
  2. Rectification: To request corrections to any inaccurate or incomplete data.
  3. Erasure: To ask for the deletion of your data when it is no longer necessary.
  4. Restriction: To limit the processing of your data under certain conditions.
  5. Data Portability: To obtain your data in a common format and transfer it to another service.
  6. Objection: To object to the processing of your data based on legitimate interests or direct marketing.
  7. Automated Decision-Making: To request human intervention in decisions made solely on automated processing.

For a complete list of rights and the process for exercising them, please refer to Section 5.0 of the Data Protection Policy or contact our Data Protection Officer.

9. Data Security Measures

KeMU employs robust security measures, including:

  1. Encryption: All sensitive data is transmitted using Secure Socket Layer (SSL) technology.
  2. Access Controls: Personal data is accessible only to authorized personnel as defined in the Data Protection Policy (Section 4.1).
  3. Regular Audits: Ongoing security assessments and malware scans are conducted to identify vulnerabilities.
  4. Incident Response: A comprehensive breach notification and response plan is in place in line with Section 9.0 of the Data Protection Policy.

10. Policy Updates and Communication

Changes to this Privacy Policy will be:

  1. Published on Our Website: A prominent notice will be provided for any material updates.
  2. Notified Directly: Where necessary, changes will be communicated to affected users via email.

We review this document periodically to ensure compliance with evolving legal requirements and operational practices. For a detailed review process, please refer to Section 21.0 of the Data Protection Policy.

11. Contact Information

For questions or concerns regarding this Privacy Policy or your personal data, please contact us at:

  1. Email:
    ict.support@kemu.ac.ke
    info@kemu.ac.ke
  2. Postal Address:
    Kenya Methodist University
    P.O Box 267-60200 Meru- Kenya.

For issues specifically related to data protection practices or to exercise your data subject rights, please contact our Data Protection Officer at:
Email: dpo@kemu.ac.ke

This refined Privacy Policy is designed to work in tandem with our broader Data Protection Policy, ensuring that all processing activities on the KeMU website are handled in a secure, transparent, and legally compliant manner.

Education Resources