Self-Assessment Tool

This checklist has been created for persons or companies who hold personal data of natural persons. Personal data includes names, physical addresses, email addresses, phone numbers, ID or passport number. The checklist will help you find out what you need to do to make sure you are keeping people’s personal data secure in line with the Data Protection Act, 2019, and the General Data Protection Regulations (GDPR).

Please enter your email:

1. Did you get consent to collect and use the data?


2. Do people know that you have their personal data and uanderstand how you use it?


3. Do you process the personal data that you collect?


4. Do you collect more information than you need?


5. Do you have a policy for how long you keep personal data?


6. Do you keep personal data accurate and up to date?


7. Do you keep personal data secure?


8. Do you have a way for people to access, rectify or erase personal data you hold about them?


9. Do you and your staff know your data protection responsibilities?


10. Do you process data for direct marketing?


11. Do you transfer data outside the country?


12. Do you have clients who are based outside Kenya?

If yes, please select whether in EUROPEAN UNION (EU) or UNITED STATES (US) (or both).


13. Do you collect any health information?


14. Do you collect information relating to children?


15. Do you have a website that uses cookies?


Question 1 of 15