Warning: Constant WP_DEBUG already defined in /home2/spicy9fb/public_html/wp-config.php on line 95
Data Security

Data Security

DATA PROTECTION & SECURITY STATEMENT

Spice Without Borders (SWOB ) & Spicy Awards
31 January 2026

Spice Without Borders and Spicy Awards (“we,” “our,” “us”) are committed to ensuring the highest levels of data protection and security for all individuals whose data we collect and process.

This statement outlines how we safeguard personal data in line with:

  • Kenya Data Protection Act (2019)
  • GDPR (EU General Data Protection Regulation)
  • International best practices

1. Our Data Protection Principles

We adhere to the following principles:

  • Lawfulness, fairness & transparency
  • Purpose limitation—data collected only for legitimate purposes
  • Data minimization—only what is necessary
  • Accuracy—keeping data up to date
  • Storage limitation—retained only as long as needed
  • Integrity & confidentiality—security through technical and organizational measures
  • Accountability—we take full responsibility for lawful data processing

2. Organizational Measures

We ensure data protection through:

  • Staff and volunteer training on data protection
  • Confidentiality agreements for all partners and processors
  • Data Protection Impact Assessments (DPIAs) where required
  • Access controls based on roles and responsibilities
  • Internal data protection policies
  • Documented data retention schedules

3. Technical Security Measures

We use secure technology and systems including:

  • Encrypted servers and storage
  • Secure Sockets Layer (SSL) encryption on our websites
  • Password-protected databases
  • Multi-factor authentication for staff
  • Regular system monitoring and security audits
  • Firewalls and antivirus protections
  • Secure data backup systems

4. Breach Detection & Response

We have established processes to:

  • Detect potential security breaches
  • Assess breach severity
  • Notify affected users where required
  • Report breaches to regulators within legally required timelines
  • Take corrective measures to prevent recurrence

5. Third-Party Processors

We work only with trusted third-party service providers who:

  • Meet GDPR and Kenya DPA standards
  • Provide adequate data protection safeguards
  • Sign Data Processing Agreements (DPAs)

6. Your Role in Protecting Data

We encourage users to:

  • Use secure passwords
  • Avoid sharing account details
  • Report suspicious activity immediately

7. Contact

For data protection concerns or questions:
Email: privacy@spicewithoutborders.org

Scroll to Top