Privacy Policy
We never sell your personal data, and we never share it with anyone for their own marketing. This policy explains — in plain English — what we collect, why, and the rights you have over it.
1. Who we are
Africa Global PR Week (“we”, “us”, “our”) organizes Africa’s largest gathering of public relations and communications professionals, taking place in Nairobi, Kenya. We are the data controller for the personal data described in this policy, and we process it in accordance with the Kenya Data Protection Act, 2019 and, where applicable to international visitors, other data protection laws such as the EU General Data Protection Regulation (GDPR).
This policy covers our website (africaprweek.com), our event companion app, our Network membership platform, and the PR Challenge programme.
2. What we collect
We only collect personal data that you give us or that is generated when you use our services:
- Ticket purchases: your name, email address, phone number, and order details. Payments are processed by Paystack — we never see or store your full card details.
- Sponsorship & exhibitor inquiries (including requests for our concept note): your name, work email, company, phone number, area of interest, and message.
- Network membership applications: the professional details you submit in your application and profile.
- PR Challenge applications: applicant and university details submitted with your entry.
- Webinar registrations, newsletter signups, and story submissions: your name and email address, plus any content you submit.
- Event app: your login email (verified by one-time code), session information, and — only if you opt in — a push notification token for your device.
- Automatically collected: anonymous page-view counts, and basic marketing attribution (which channel or campaign brought you to the site — e.g. a LinkedIn post). Our servers also process your IP address and browser type to deliver the site and protect it from abuse.
3. How we use your data
- To deliver what you asked for: issue your tickets, respond to your inquiry, process your application, or send the newsletter you subscribed to (performance of a contract, or your consent).
- To run the event: check you in, send you essential event information, and operate the companion app.
- To follow up on sponsorship and partnership interest you have expressed (our legitimate interest in operating the event).
- To measure our own marketing: understand which channels and campaigns drive registrations, so we spend our budget sensibly.
- To keep the platform secure and comply with our legal obligations (e.g. tax and accounting records for payments).
We do not use your data for automated decision-making or profiling that has legal effects on you.
4. Who we share data with
We never sell your personal data, and we never share it with any third party for their own marketing. Your data is only handled by a small number of service providers who process it on our behalf, under contract, solely to run our services:
- Paystack — secure payment processing for ticket purchases.
- Our cloud database provider — secure application data storage and backend hosting.
- Zoho Mail — sending transactional and event emails.
- Cloudflare — website hosting, content delivery, and security.
- Amazon Web Services (AWS) — hosting of images and media files.
Advertising measurement (Meta): when you register or purchase a ticket, we send Meta (Facebook) a privacy-protected, hashed version of limited details (such as email and phone number), together with technical information like IP address, strictly so we can measure the performance of our own advertising. Meta cannot read the hashed values directly; it can only match them against its existing accounts. This is standard conversion measurement — it is not us giving Meta your contact details to market to you. You can read more in Meta’s Privacy Policy.
We may also disclose data where the law requires it — for example, a lawful request from a regulator or court.
5. Cookies & local storage
We keep tracking to a minimum. We do not use third-party advertising cookies. We use:
- Essential session cookies — to keep you signed in to the event app or admin areas.
- Local storage on your device — to remember first-touch marketing attribution for up to 30 days (which campaign brought you here), and small preference flags (for example, that you have already completed a form). This data stays in your browser; you can clear it at any time in your browser settings.
6. Where your data is stored
Our service providers store data on secure servers that may be located outside Kenya (including in the United States and Europe). Where data is transferred internationally, we rely on providers that commit to recognized data-protection safeguards, and we transfer only what is needed to run our services, as permitted under the Kenya Data Protection Act.
7. How long we keep it
- Order and payment records: kept as long as required for tax, accounting, and audit obligations.
- Inquiries and applications: kept for the current event cycle and a reasonable follow-up period, then deleted or anonymized.
- Newsletter subscriptions: kept until you unsubscribe.
- Event app sessions and push tokens: deleted when they expire or when you log out / disable notifications.
8. Security
All traffic to our website and apps is encrypted in transit (HTTPS). Access to personal data is restricted to authorized team members who need it to run the event. Payment card details are handled entirely by Paystack, a PCI-DSS-compliant payment processor, and never touch our servers.
9. Your rights
Under the Kenya Data Protection Act, 2019 (and similar laws where they apply to you), you have the right to:
- Be told what personal data of yours we hold, and get a copy of it (access).
- Have inaccurate data corrected (rectification).
- Ask us to delete your data (erasure), subject to records we must keep by law.
- Object to or restrict certain processing, and withdraw consent at any time (e.g. unsubscribe from the newsletter with one click, or disable push notifications on your device).
To exercise any of these rights, email us at [email protected]. We will respond within a reasonable time and at no cost to you. If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC), Kenya.
10. Children
Our event and services are designed for professionals and university students. They are not directed at children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us data, contact us and we will delete it.
11. Changes to this policy
If we change how we handle your data, we will update this page and the “last updated” date above. Material changes will be highlighted on the website.
12. Contact us
Privacy questions and data requests: [email protected]
General inquiries: [email protected]
Africa Global PR Week · Mövenpick Hotel, Nairobi, Kenya
