ESC
Navigate to Home
Enter
View Enterprise Services
Enter
View Engagement Models
Enter
View Trust & Compliance Center
Enter
Explore KilimoIQ (Agritech)
Enter
Explore TotoAfya (Healthtech)
Enter
Explore Nyumbani Eatz (Foodtech)
Enter
Meet the Founding Team
Enter
View Open Roles — Careers
Enter
Contact Sales / Enterprise Support
Enter
Toggle Light/Dark Theme
Enter
Home / Trust Center

TRUST &
SECURITY

COMPLIANCE

Enterprise software requires absolute trust. We design and maintain our platforms with clinical precision, ensuring your customer data, transactional workflows, and proprietary assets are secure.

We are fully registered with the Office of the Data Protection Commissioner (ODPC) in Kenya and build all infrastructure in strict alignment with GDPR and local data governance laws.

Enterprise Safeguards

Our Trust Pillars

How we ensure security, privacy, and continuous uptime across our systems and client services.

Data Privacy & ODPC

We are a registered data controller/processor with the **Office of the Data Protection Commissioner (ODPC)** in Kenya. We engineer our platforms in strict compliance with the Kenya Data Protection Act of 2019 and global GDPR guidelines.

ODPC Registered · GDPR Aligned

99.9% Uptime SLA

Our custom enterprise architectures utilize load-balanced cluster nodes, automated failover triggers, and isolated Docker container groups. We back our products with a contractual **99.9% system availability SLA** and 24/7 technical monitoring.

Redundant Backups · Active Failovers

AES-256 Encryption

All client data is encrypted in transit using TLS 1.3 and at rest via AES-256 encryption keys. Our engineers construct secure APIs using JSON Web Tokens (JWT), robust CORS filters, and strict column-level database permissions.

OWASP Validation · Secure Auditing

Enterprise Security Standards

Security Auditing & Scans

Every codebase undergoes automated dependency checks, lint rules validation, and OWASP Top 10 code scanning before push environments are compiled and deployed. We resolve vulnerabilities during development sprints.

Disaster Recovery Protocols

Database checkpoints are snapshotted daily and synced across isolated geographical cloud regions (AWS/Google Cloud). In the event of primary database latency, server failovers trigger secondary replica mirrors instantly to guarantee transaction completion.

Payment Integration Sandboxing

All payment callback endpoints (e.g., Safaricom Daraja webhooks, Stripe events) run custom payload signature verification. We isolate transaction database tables and encrypt account token maps using salted hashes.

Trust & Validation

Have a compliance question?

Request copies of our data protection policies, architectural specs, or SLA templates from our CTO Erick Mwangi.