1/7
PERSONAL DATA PROTECTION POLICY
SECTION I – PURPOSE AND SCOPE
1.1 This Policy sets out the rules relating to the protection of individuals, including Staff
Members, with regards to the processing of their Personal Data by Jamii
Telecommunications Ltd (“JTL”) or on its behalf (hereinafter the “Policy”).
1.2 The implementation of any processing of Personal Data by the JTL is subject to
compliance with this Policy and any other relevant rules of the JTL adopted for its
implementation.
1.3 This Policy protects all Personal Data relating to individuals, whether collected by the JTL
or disclosed to the JTL by a third party.
SECTION II - DEFINITIONS
For the purposes of the present Policy, the following terms are defined as follows:
2.1 “Personal Data” means any information relating to an identified or identifiable individual.
An identifiable individual is one who can be identified, directly or indirectly, in particular
by reference to an identifier such as a name, identification number, location data, online
identifier or one or more factors specific to the physical, physiological, genetic, mental,
economic, cultural or social identity of that individual. Company registration numbers,
generic email addresses (such as info@company.com) and anonymised data are not
considered Personal Data;
2.2 “Processing” means any operation or set of operations which is performed upon
Personal Data or sets of Personal Data, by manual or automated means (including the
collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval,
consultation, use, disclosure by transmission, dissemination or otherwise making
available, alignment or combination, restriction, erasure or destruction of Personal Data);
2.3 “Data Controller” means any Staff Member who has the authority to determine, alone
or jointly with others, the purposes, conditions and means of the processing of Personal
Data on behalf of JTL;
2.4 “Data Processor” means any Staff Member or other individual, legal entity, public
authority or similar body, including a third party, authorized to process Personal Data on
behalf and under the direct authority of the Data Controller;