Sign In Register

Privacy & Data Protection Policy

Last updated: 24 May 2026

1. Who We Are

Diaspora Pharma ("we", "us", "our") is a licensed online pharmacy enabling diaspora customers to send medicines to loved ones in Kenya. We are committed to protecting your personal data in accordance with applicable data protection laws including Kenya's Data Protection Act, 2019.

2. Data We Collect

We collect the following personal data when you use our services:

  • Account data: your name, email address, and country of residence
  • Order data: recipient name, recipient phone number, delivery address, county, and delivery notes
  • Medical data: prescription documents or medicine lists you upload — treated with the highest level of confidentiality
  • Payment data: transaction references only — we do not store card numbers (handled by Paystack)
  • Technical data: IP address, browser type, and usage data collected via cookies

3. How We Use Your Data

  • To process and deliver your orders
  • To send order status updates via email
  • To manage your account and membership
  • To comply with legal and regulatory obligations (pharmacy licensing, records)
  • To improve our services

4. Medical and Prescription Data

Prescription data and medicine lists are used solely to dispense medicines. They are accessible only to licensed pharmacists at Diaspora Pharma. We do not sell, share, or use this data for any other purpose. Prescriptions are retained for a minimum of 5 years as required by Kenyan pharmacy regulations.

5. Data Sharing

We share your data only with:

  • Logistics partners (recipient name, phone, and address only, for delivery)
  • Paystack (payment processing — governed by Paystack's privacy policy)
  • Regulatory authorities (if required by law)

We never sell your personal data to third parties.

6. Data Retention

We retain your account data for as long as your account is active, and for up to 7 years after account closure for legal and financial compliance. Prescription data is retained for a minimum of 5 years. You may request deletion of non-regulated data at any time.

7. Your Rights

Under the Kenya Data Protection Act, 2019, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of non-regulated personal data
  • Object to processing of your data
  • Withdraw consent at any time (this does not affect processing already carried out)

To exercise these rights, contact us via email or WhatsApp.

8. Cookies

We use essential cookies to maintain your session (cart, login status). We do not use advertising or tracking cookies. You can disable cookies in your browser settings, though this may affect site functionality.

9. Security

We use industry-standard SSL encryption and secure WordPress hosting. Access to personal and medical data is restricted to authorised staff only. We conduct regular security reviews.

10. Changes to This Policy

We may update this policy from time to time. We will notify registered users of significant changes by email.

11. Contact & Complaints

For data protection enquiries, contact us via WhatsApp or email. If you believe your rights have been violated, you may lodge a complaint with the Office of the Data Protection Commissioner of Kenya.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by