Privacy Policy
PRIVACY POLICY
This privacy policy sets out how MWC Legal collects and uses your personal data through your use of this website, including any data you may provide to us.
Who we are
MWC Legal (MWC or the Firm) is a full-service law firm based in Kenya. We offer high-quality legal services and solutions to clients. Our vision is to establish regional networks in the East African Community (EAC) capitals offering high quality legal services to match our clients’ business footprints and ambitions. Our website address is: https://mwc.legal.
When we mention “we”, “us” or “our” in this privacy policy, we are referring to MWC.
What personal data we collect and why
Personal data means any information about an individual from which that person can be identified.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
Identity Data
This includes first name, last name, any previous names, username or similar identifier, marital status, title, date of birth and gender.
Contact Data
This includes billing address, delivery address, email address and telephone numbers.
Technical Data
When you leave comments on our website or browse our website, we collect the data shown in the comments form, your IP address, your browser type and version, time zone setting and location, browser plug in types and operating system and platform, device ID and other technology on the devices you use to help access this website.
Financial Data
During onboarding as a client of MWC, we will require to declare your source of funds for any transaction in which we will act on your behalf.
Usage Data
This includes information about how you interact with and use our website and services.
Marketing and Communications Data
Includes information about how you interact with and use our website and services.
How we collect your personal data
We use different methods to collect data about you including through:
Your interaction with us
You may give us your personal data by filing in online forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- sign a letter of engagement for provision of services;
- apply for our services;
- subscribe to our newsletter or client alerts;
- request marketing to be sent to you; or
- give us feedback or contact us.
Automated technologies or interactions
As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
If you sign up for our newsletter you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again. These cookies will last for one year.
When you interact with our website, we will also set up several cookies to save your information and your screen display choices. These cookies last for two days, and screen options cookies last for a year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, alerts, write-ups etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
How we use your personal data
Legal Basis
The law requires us to have a legal basis for collecting and using your personal data. We rely on the following legal bases:
- Performance of a contract with you: Where we need to fulfil the contract, we are about to enter into or have entered into with you.
Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and enable us to give you the best and most secure customer experience. We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
- Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation when we rely on this legal basis.
- Consent: We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose, for example if you subscribe to an email newsletter.
Purposes for which we will use your personal data
We have set out below, in a table format, a description of all the ways we use to plan to use the various categories of personal data and which of the legal basis we rely on to do so.
| Purpose/Use | Type of Data | Legal basis |
|---|---|---|
|
To onboard you as a client of the Firm |
(a) Identity Data; (b) Contact Data; and (c) Financial Data. |
(a) Performance of a contract with you.
(b) Compliance with anti-money laundering and terrorism financing laws |
|
To manage our relationship with you which will include:
(a) Notifying you about any changes in our privacy policy; and (b) Dealing with your requests, complaints or queries. |
(a) Identity Data;
(b) Contact Data; and (c) Marketing and Communications Data |
(a) Performance of a contract with you.
(b) Necessary for our legitimate interests (to keep our records updated and manage our relationship with you. |
|
To manage our relationship with you which will include:
(a) Notifying you about any changes in our privacy policy; and (b) Dealing with your requests, complaints or queries. |
(a) Identity Data;
(b) Contact Data; (c) Technical Data; and (d) Usage Data. |
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security and to prevent fraud.
(b) Compliance with data privacy laws and regulations. |
|
To use data analytics to improve our website, services, client relationships and experiences and to measure the effectiveness of our communications and marketing. |
a) Technical Data; and
(b) Usage Data. |
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
How long we retain your data
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
What rights you have over your data
You have a number of rights under data protection laws in relation to your personal data.
You have the right to:
- (i) Request access to your personal data (commonly known as a “subject access request”). This enables you to receive a copy of the personal data we hold about you;
- (ii) Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us;
- (iii) Request erasure of your personal data in certain circumstances. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request;
- (iv) Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data (including carrying out profiling based on our legitimate interests). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your right to object; and
- (v) Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Time limit to respond
We try to respond to all legitimate requests within a reasonable time period. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Our contact information
MWC Legal, AK 119, House No. 4, Adjacent to the Malawi Chancery/High Commission & Toyota Kenya
Slip Road off Waiyaki Way
Westlands, Nairobi, Kenya
m: +254 709 473 000
e: info@mwc.legal
