Legal & Compliance

Data Protection

Our commitment to protecting your data and ensuring compliance with global data protection standards.

Last Updated: February 2026

At Ensibuuko Financial Technology Ltd, we are committed to protecting your personal data and respecting your privacy rights. This Data Protection Policy outlines our practices for collecting, using, storing, and safeguarding your information in compliance with applicable data protection laws and regulations.

1

Our Data Protection Commitment

We are dedicated to ensuring the highest standards of data protection and privacy for all our users:

Transparency

Clear communication about how we collect and use your data

Security

Robust security measures to protect your information

Control

You maintain control over your personal data at all times

Compliance

Adherence to international data protection regulations

2

Our Data Protection Principles

We process personal data in accordance with the following principles:

1
Lawfulness, Fairness, and Transparency

We process data lawfully, fairly, and in a transparent manner

2
Purpose Limitation

Data is collected for specified, explicit, and legitimate purposes only

3
Data Minimization

We collect only data that is adequate, relevant, and necessary

4
Accuracy

Personal data is kept accurate and up to date

5
Storage Limitation

Data is retained only for as long as necessary

6
Integrity and Confidentiality

Appropriate security measures protect against unauthorized access

3

Security Measures

We implement comprehensive technical and organizational security measures to protect your data:

Encryption

End-to-end encryption for data in transit and at rest using industry-standard protocols (TLS/SSL, AES-256)

Access Controls

Role-based access control (RBAC) and multi-factor authentication (MFA) for all system access

Monitoring & Auditing

24/7 security monitoring, regular security audits, and continuous vulnerability assessments

Data Backup & Recovery

Regular automated backups with secure off-site storage and tested disaster recovery procedures

4

Your Data Protection Rights

Under data protection law, you have the following rights regarding your personal data:

Right to Access

Request access to your personal data and obtain a copy

Right to Rectification

Request correction of inaccurate or incomplete data

Right to Erasure

Request deletion of your personal data in certain circumstances

Right to Restrict Processing

Request limitation on how we process your data

Right to Data Portability

Receive your data in a machine-readable format

Right to Object

Object to processing of your data for certain purposes

To exercise any of these rights, please contact our Data Protection Officer using the contact details provided below. We will respond to your request within 30 days.

5

Regulatory Compliance

We comply with applicable data protection regulations including:

Uganda Data Protection and Privacy Act

Local data protection regulations

GDPR (General Data Protection Regulation)

European Union data protection standards

ISO/IEC 27001

Information security management standards

Contact Our Data Protection Officer

For data protection inquiries or to exercise your rights, contact us:

Address: Plot 238 Kikawa Road, Kiwatule, Kampala, Uganda

Related Policies

Privacy Policy

How we protect your information

Terms of Service

Review our terms and conditions

Cookie Policy

Learn about our cookie usage