PRIVACY POLICY
Last Updated: April 25, 2024
Introduction
Cidone Investments Limited (operating as Jotun Cidone Investments) (“we,” “us,” or “our”) values your privacy. This Privacy Policy explains how we collect, use, store, and share (“process”) your personal information when you use our services (“Services”). This includes when you:
Visit our website (https://jotunkasarani.com) or any affiliated website linking to this Privacy Policy.
Purchase or inquire about Jotun Paints, including our interior, exterior, special, or decorative finishes.
Engage with us in any other way, such as sales, marketing, events, or customer support.
Have questions or concerns?
Reading this policy will help you understand your privacy rights and choices. If you do not agree with our practices, please refrain from using our Services. If you have any concerns, contact us at support@jotunkasarani.com.
SUMMARY OF KEY POINTS
Below is a quick summary of our Privacy Policy. For more details, please refer to the relevant sections in the full policy.
What personal information do we collect? We collect data based on how you interact with our Services, the choices you make, and the products you use. Learn more.
Do we process sensitive personal information? In some cases, we may process sensitive data, such as financial or biometric information, where permitted by law. Learn more.
Do we collect data from third parties? We may gather information from public databases, marketing partners, social media, and other external sources. Learn more.
How do we use your information? We process your data to provide and improve our Services, for security, communication, legal compliance, and, where applicable, marketing purposes. Learn more.
When do we share your information? We only share personal data in specific circumstances, such as with service providers, legal authorities, or partners. Learn more.
How do we keep your information safe? We implement technical and organizational measures to protect your data. However, no system is 100% secure. Learn more.
What are your privacy rights? Depending on your location, you may have rights regarding access, correction, deletion, or restriction of your personal information. Learn more.
How can you exercise your rights? You can submit a request to exercise your privacy rights by contacting us. Learn more.
For more information, review the full Privacy Policy below.
TABLE OF CONTENTS
WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
HOW LONG DO WE KEEP YOUR INFORMATION?
HOW DO WE KEEP YOUR INFORMATION SAFE?
DO WE COLLECT INFORMATION FROM MINORS?
WHAT ARE YOUR PRIVACY RIGHTS?
CONTROLS FOR DO-NOT-TRACK FEATURES
DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
DO WE MAKE UPDATES TO THIS NOTICE?
HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
1. WHAT INFORMATION DO WE COLLECT?
Personal Information You Provide to Us
We collect personal information you voluntarily provide when you:
Register for an account
Request information about our products and services
Participate in surveys, promotions, or events
Contact us for support or inquiries
Examples of personal data we collect include:
Basic identifiers: Name, phone number, email address, mailing address, job title, and contact preferences.
Authentication data: Account credentials, login details, and other security-related information.
Billing information: Payment details, including billing addresses and credit/debit card numbers (processed securely via Paystack).
Sensitive Information
With your consent or as permitted by law, we may process:
Financial data (such as creditworthiness information)
Biometric data (if applicable)
Government-issued identifiers (where legally required)
Information Collected Automatically
Some data is collected automatically when you interact with our Services. This includes:
Log and Usage Data: IP address, browser type, device settings, pages viewed, and other technical details about your activity.
Device Data: Information about your device, such as operating system, browser type, and network provider.
Location Data: Approximate or precise location based on your device settings. You can opt out by disabling location services.
Third-Party Information
We may obtain additional data from:
Public databases
Marketing partners
Social media platforms
Business affiliates
This helps us improve our services and marketing efforts.
2. HOW DO WE PROCESS YOUR INFORMATION?
We process personal information to:
Create and manage accounts: Ensuring secure access to your account.
Provide requested services: Delivering orders, processing payments, and offering customer support.
Communicate with you: Sending updates, order confirmations, and responding to inquiries.
Enhance security and fraud prevention: Detecting and preventing suspicious activity.
Analyze trends and improve our Services: Studying usage patterns for better functionality.
Send marketing and promotional materials: You can opt out at any time.
Comply with legal requirements: Such as tax, regulatory, or fraud prevention obligations.
We only process data when we have a valid legal basis.
3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?
We process your personal information only when legally justified.
For users in the EU or UK (GDPR Compliance):
Consent: When you provide permission (e.g., for marketing emails).
Contractual necessity: When required to fulfill a contract with you.
Legitimate interests: When processing benefits our business without overriding your rights.
Legal obligations: When compliance with laws or regulations is necessary.
Vital interests: To protect your safety or that of others.
For users in Canada:
We process your information under:
Express or implied consent (you can withdraw at any time).
Exceptions allowed by law, such as fraud prevention or security monitoring.
4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?
We only share your personal information in specific circumstances to ensure transparency and security.
We may share your data with:
Service providers: Third-party vendors who help us with payment processing, order fulfillment, customer support, website hosting, and marketing.
Business partners: Trusted partners involved in delivering Jotun products or related services.
Legal authorities: If required by law, court orders, or to comply with legal obligations.
Professional advisors: Such as auditors, insurers, and legal consultants, when necessary.
Affiliates: If we engage in a business merger, sale, or acquisition, your information may be transferred as part of that transaction.
Third-Party Payment Processors
For payments, we use Paystack, which securely processes transactions on our behalf. We do not store or process your credit/debit card information directly.
We do not sell, rent, or trade your personal information for marketing purposes.
5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?
Yes, we use cookies, web beacons, and other tracking technologies to enhance your browsing experience and improve our Services.
How We Use Cookies:
Essential Cookies: Required for site functionality, such as login authentication and security.
Performance & Analytics Cookies: Help us analyze traffic, optimize performance, and improve the user experience.
Marketing & Advertising Cookies: Used to show relevant ads and measure ad effectiveness.
Managing Cookies
You can adjust your browser settings to accept or reject cookies. Note that disabling cookies may affect website functionality.
For detailed information, please see our Cookie Policy (if applicable).
6. HOW LONG DO WE KEEP YOUR INFORMATION?
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.
Data Retention Periods:
Account Data: Retained as long as your account is active. Deleted upon request.
Transaction Data: Kept for a minimum of 7 years for tax and regulatory compliance.
Marketing Data: Retained until you opt out.
Security & Fraud Prevention Data: Stored as long as necessary to protect our Services.
When we no longer need your data, we securely delete or anonymize it.
7. HOW DO WE KEEP YOUR INFORMATION SAFE?
We implement appropriate technical and organizational measures to safeguard your personal data. These include:
Data encryption (in transit and at rest)
Access controls and user authentication
Regular security audits and updates
Secure server infrastructure
While we strive to protect your personal information, no electronic transmission or storage method can guarantee 100% security. We therefore cannot promise that unauthorized third parties (e.g. hackers or cybercriminals) will never be able to defeat our safeguards.
If we become aware of a data breach, we will notify affected users and relevant authorities as required by applicable law.
8. DO WE COLLECT INFORMATION FROM MINORS?
We do not knowingly collect or solicit personal information from anyone under the age of 18. By using our Services, you confirm that you are at least 18 years old or the age of majority in your jurisdiction.
If we discover that we have unintentionally collected personal information from a child without verified parental consent, we will promptly delete it.
If you believe that we may have collected information from a minor, please contact us at support@jotunkasarani.com.
9. WHAT ARE YOUR PRIVACY RIGHTS?
Depending on your location, you may have legal rights regarding your personal data, including:
You may have the right to:
Access the personal data we hold about you
Correct inaccurate or outdated information
Request deletion of your data
Object to or restrict certain types of processing
Withdraw previously given consent
Request a copy of your data in a portable format (where applicable)
How to exercise your rights:
You can submit a request by contacting us at support@jotunkasarani.com. We will review and respond in accordance with applicable data protection laws.
We may need to verify your identity before fulfilling your request, and in some cases, we may retain data as required by law or legitimate business needs.
10. CONTROLS FOR DO-NOT-TRACK FEATURES
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference—not to have data about your online browsing activities monitored or collected.
Currently, no uniform technology standard for recognizing and responding to DNT signals has been finalized. As such, we do not respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
If a standard for online tracking is adopted in the future, we will update this section accordingly.
11. DO UNITED STATES RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?
Yes. If you are a U.S. resident, you may have rights under state-specific privacy laws such as the California Consumer Privacy Act (CCPA), Virginia Consumer Data Protection Act (VCDPA), or similar legislation.
These rights may include:
The right to know what personal data we collect, use, share, or sell
The right to access and obtain a copy of your personal data
The right to delete your personal data
The right to opt-out of the sale or sharing of personal information
The right to correct inaccurate personal data
The right to limit the use and disclosure of sensitive personal data
To exercise these rights, please contact us at support@jotunkasarani.com with your request. We will verify your identity and respond as required by law.
We do not “sell” personal data as traditionally defined, but we may use third-party tools (e.g. for advertising) that qualify as “sharing” under some state laws. You can opt out of these via our Cookie Policy.
12. DO OTHER REGIONS HAVE SPECIFIC PRIVACY RIGHTS?
Yes. If you are accessing our Services from outside the United States—including the European Economic Area (EEA), United Kingdom (UK), Canada, or other applicable jurisdictions—you may have the right to:
Access your personal data
Request correction or deletion of your data
Object to the processing of your data
Withdraw consent where we rely on it
Request data portability
File a complaint with your local data protection authority
To exercise any of these rights, email us at support@jotunkasarani.com. We will respond in accordance with the data protection laws relevant to your jurisdiction.
13. DO WE MAKE UPDATES TO THIS NOTICE?
Yes, we may update this privacy notice from time to time to stay compliant with relevant laws and reflect changes in our business practices.
When we make changes to this notice, we will:
Post the updated version on our website at https://jotunkasarani.com
Update the “Last updated” date at the top of this notice
Notify you either through our Services, by email, or through another method where required by law
We encourage you to review this Privacy Notice regularly to stay informed about how we are protecting your information.
14. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?
If you have questions or comments about this Privacy Notice, you may contact us via:
📧 Email: support@jotunkasarani.com
📬 Postal Address:
Cidone Investments Limited
Jotun Kasarani Showroom
Nairobi, Kenya
15. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?
You have the right to review, update, or delete the personal data we collect from you, depending on applicable law.
To request access, corrections, or deletion of your personal information, please:
Email us at support@jotunkasarani.com
Include details of your request and any relevant information for verification
We will respond in line with applicable data protection laws and aim to resolve all requests in a timely and transparent manner.
