0%
A Program by Sauti ya Dhahabu Global
GOLDEN VOICE
EAST AFRICA AWARDS
Celebrating African Heroes, Talent & Excellence
Legal Documentation

Privacy Policy

How Golden Voice East Africa Awards collects, uses, and protects your personal information.

Last Updated: 1 May 2026 Governed by Kenyan & International Law

01 Introduction & Identity of the Data Controller

Golden Voice East Africa Awards ("GVEA", "we", "us", or "our") is a recognition and empowerment platform operated under Sauti ya Dhahabu Global. We are committed to protecting the privacy and personal data of every individual who interacts with our platform, including nominees, voters, ticket purchasers, event attendees, and website visitors.

This Privacy Policy explains what personal information we collect when you use our website, submit nominations, register for events, purchase tickets, or cast votes — and how that information is used, stored, and protected.

By using our platform, you acknowledge that you have read and understood this Privacy Policy and agree to the practices described herein.

Data Controller: Sauti ya Dhahabu Global / Golden Voice East Africa Awards
General Enquiries: info@goldenvoiceeastafricaawards.com
Support: support@goldenvoiceeastafricaawards.com

02 Legal Framework

Our data practices are governed by and compliant with the following legal instruments:

Kenyan Law

  • The Data Protection Act, 2019 (Kenya) — the primary statute governing the collection, use, processing, storage, and protection of personal data in Kenya.
  • The Kenya Information and Communications Act (Cap. 411A) — governs electronic communications and online data practices.
  • The Computer Misuse and Cybercrimes Act, 2018 — protects against unlawful access to and misuse of personal data stored electronically.
  • The Children Act, 2022 (Kenya) — governs the rights, welfare, and protection of children under the age of 18, including in digital and public-facing contexts.
  • The Constitution of Kenya, 2010, Article 31 — guarantees every person the right to privacy.

International Standards

  • The UN Convention on the Rights of the Child (UNCRC), 1989 — ratified by Kenya in 1990. Article 16 protects children from arbitrary interference with their privacy.
  • The General Data Protection Regulation (GDPR) (EU) 2016/679 — applied as a best-practice standard for individuals from EU member states interacting with our platform.
  • The African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention), 2014 — regional data protection framework.

03 Information We Collect

We keep data collection to the minimum necessary to operate the GVEA platform.

3.1 Information You Provide Directly

  • Phone Number: Used to verify your identity and send important account or nomination-related notifications.
  • Email Address: Used for account management, transactional communications (e.g. voting confirmations, booking receipts), and, where you have given consent, marketing communications.
  • Profile Picture: Displayed on your account profile and, for nominees, within published award materials where applicable consent has been given.

3.2 Information Collected Automatically by Our Servers

For the security and integrity of our platform, our servers automatically log certain technical data when you access the site. This data is used solely for security monitoring, fraud prevention, vote integrity, and system diagnostics — not for profiling or marketing.

  • IP Address: Logged to detect and prevent fraudulent activity, vote manipulation, and unauthorised access.
  • Device Fingerprint: A technical identifier derived from your device's characteristics (browser type and version, operating system, screen resolution, language settings), used to detect duplicate votes and suspicious activity.
  • Browser & Device Information: Browser name and version, device type, and operating system.
  • Usage Logs: Pages visited, time of access, and voting activity, retained for audit and integrity purposes.
Note on Automatic Logging: Server logs are a standard and legally recognised security measure. By accessing our platform, you acknowledge that this technical data may be collected automatically as part of normal website operation.

3.3 What We Do NOT Collect

We do not collect or store full payment card numbers. Payment transactions are handled by PCI-DSS compliant third-party processors. We do not collect sensitive personal data such as national ID numbers, biometric data, or health information.

04 How We Use Your Information

We process personal data on the following lawful bases under Section 30 of Kenya's Data Protection Act, 2019:

  • Performance of a contract — to process nominations, ticket purchases, and event registrations.
  • Legitimate interests — to operate the awards programme securely, communicate with nominees and the public, detect fraud, and improve our services.
  • Legal obligation — to comply with applicable laws, including tax and regulatory requirements.
  • Consent — for marketing communications and the publication of profile pictures and nominee profiles. Consent may be withdrawn at any time.

Specific Uses Include

  • Creating and managing your GVEA account.
  • Processing and evaluating nominations for award categories.
  • Publishing nominees' names and approved profile pictures in award materials, media, and online platforms.
  • Facilitating public voting and ensuring voting integrity.
  • Detecting and preventing duplicate votes, fraud, and platform abuse using server-logged technical data.
  • Sending transactional communications (booking confirmations, voting receipts).
  • Sending marketing and promotional communications (where consent has been given).
  • Complying with legal and regulatory obligations.

05 Children & Minors (Under 18 Years)

Special Protections Apply to All Nominees and Participants Under the Age of 18

Golden Voice East Africa Awards proudly recognises excellence at every age. Children and young people under the age of 18 are eligible to be nominated across applicable award categories. We apply the highest standard of data protection and safeguarding to any minor involved with our platform.

How Minors Are Registered on Our Platform

GVEA does not physically register individuals — registration is a self-service process completed online by the account holder. Where an account belongs to or represents a person under the age of 18, we operate on the reasonable legal assumption that the account has been created and is managed by a parent or legal guardian on the minor's behalf.

By registering an account or submitting a nomination for a person under 18, the registering adult confirms that they are the parent or legal guardian of that minor, and that they consent to the collection and use of the minor's personal data — limited to phone number, email address, and profile picture — as described in this Policy.

We recognise that requiring a separate written consent form prior to registration is not always practical or feasible. The act of completing registration on behalf of a minor therefore constitutes the parent or guardian's informed consent under the Data Protection Act, 2019 (Kenya), Section 31.

Governing Laws for Children

  • The Children Act, 2022 (Kenya) — the best interests of the child are the primary consideration in all decisions affecting them.
  • The Data Protection Act, 2019 (Kenya), Section 31 — processing of a child's personal data must be in the child's best interest and requires parental or guardian consent.
  • The UN Convention on the Rights of the Child (UNCRC), Articles 3, 16 & 17 — best interests of the child, right to privacy, and right to appropriate information.
  • The Constitution of Kenya, 2010, Article 53 — guarantees every child the right to be protected from abuse, neglect, and exploitation.

Our Commitments to Child Nominees

  • Minimal Data: We collect only the minimum personal data necessary — phone number, email address, and profile picture — to process a minor's nomination.
  • No Direct Marketing: We do not send marketing communications directly to individuals we know to be under the age of 18.
  • Controlled Publication: Profile pictures and names of minor nominees are published only in contexts appropriate to their age and dignity, and are never used in an exploitative or harmful manner.
  • Accompaniment at Events: Minor nominees attending GVEA events must be accompanied by a parent, guardian, or responsible adult at all times.
  • Safeguarding: Any concerns about the safety or welfare of a child nominee should be reported to us immediately. We cooperate fully with relevant authorities as required by law.

Right to Request Deletion of a Minor's Data

If you are a parent or legal guardian and believe that data relating to a person under 18 has been submitted to our platform without your knowledge or consent — or if you wish to withdraw consent already given — you have the right to request the deletion of that data at any time.

Please contact us as soon as possible at info@goldenvoiceeastafricaawards.com with the subject line "Minor Data Deletion Request", including the minor's name and the email address or phone number associated with the account. We will confirm deletion within 14 days.

If you are under 18: Please ask a parent or guardian to review this Privacy Policy and manage your account on your behalf. If you believe your data has been registered without a parent or guardian's knowledge, please ask them to contact us immediately at the address above.

06 Sharing & Disclosure of Personal Data

We do not sell your personal data. We may share it only in the following circumstances:

  • With the Public (Nominees): Nominee names, categories, and approved profile pictures are published as part of the awards programme. Nominees consent to this publication through the nomination process.
  • With Service Providers: Trusted third-party providers who assist in operating our platform (e.g. payment processors, email service providers, event management platforms) under strict data processing agreements.
  • With Media Partners: Names and profile pictures of winners and nominees may be shared with accredited media partners for awards coverage, subject to consent.
  • For Legal Compliance: We may disclose personal data when required by law, court order, or government authority, including the ODPC of Kenya.
  • To Protect Rights: We may disclose information to prevent fraud, vote manipulation, or other violations of our terms or applicable law.

07 Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

  • Nominee and Winner Data: Retained indefinitely as part of the historical record of GVEA, unless a deletion request is made and approved.
  • Voter Data: Retained for a maximum of 24 months following the relevant voting period for audit and integrity checks.
  • Ticket Purchase Records: Retained for 7 years in accordance with Kenya Revenue Authority requirements.
  • General Account and Contact Data: Retained for the duration of your relationship with GVEA and for up to 3 years thereafter.
  • Children's Data: Retained only for the period necessary; reviewed annually and deleted promptly upon a verified request from a parent or guardian.
  • Server Logs (IP, Device Fingerprint, Browser Data): Retained for up to 12 months for security and integrity audit purposes, then deleted or anonymised.

08 Your Rights Under Data Protection Law

Under the Data Protection Act, 2019 (Kenya) and applicable international standards, you have the following rights:

  • Right of Access (Section 26, DPA 2019): Request a copy of the personal data we hold about you.
  • Right to Rectification (Section 26, DPA 2019): Request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Section 26, DPA 2019): Request deletion of your personal data where it is no longer necessary, subject to legal retention obligations.
  • Right to Object (Section 26, DPA 2019): Object to processing of your data for marketing purposes or where based on legitimate interests.
  • Right to Data Portability: Request a copy of your data in a commonly used, machine-readable format.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: Lodge a complaint with the Office of the Data Protection Commissioner (ODPC), Kenya, at www.odpc.go.ke.

To exercise any of these rights, contact us at info@goldenvoiceeastafricaawards.com. We will respond within 30 days as required by the Data Protection Act, 2019.

09 Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience. We use:

  • Essential Cookies: Necessary for the website to function, including session management and security.
  • Analytical Cookies: Used to understand how visitors interact with our website, helping us improve performance and user experience.
  • Functional Cookies: Remember your preferences and settings.
  • Marketing Cookies: Used to deliver relevant content and track campaign effectiveness. Placed only with your explicit consent.

You can manage cookie preferences through your browser settings at any time. Disabling certain cookies may affect website functionality. By continuing to use our site, you consent to our use of essential cookies.

10 Security of Your Personal Data

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, loss, alteration, or disclosure:

  • Encryption of data in transit using Transport Layer Security (TLS/SSL).
  • Secure storage of passwords using industry-standard hashing algorithms.
  • Restricted access to personal data on a need-to-know basis.
  • Regular security assessments and system updates.
  • Data breach response procedures under Section 43 of the Data Protection Act, 2019, requiring notification to the ODPC and affected data subjects within 72 hours of becoming aware of a breach.

While we take all reasonable steps to protect your data, no method of transmission over the internet is completely secure. We encourage you to use strong passwords and to contact us immediately if you suspect any unauthorised use of your account.

11 International Data Transfers

GVEA operates across 30+ countries in Africa and the global diaspora. Where personal data is transferred outside Kenya, we ensure adequate protections are in place consistent with Section 48 of the Data Protection Act, 2019, which permits cross-border transfer only where:

  • The receiving country ensures an adequate level of data protection as determined by the ODPC; or
  • Appropriate safeguards are in place, such as standard contractual clauses or binding corporate rules; or
  • The data subject has given explicit informed consent to the transfer.

12 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or applicable law. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Notify registered users via email where practicable.
  • Display a prominent notice on our website.

Your continued use of our platform following notification of changes constitutes acceptance of the updated Policy.

13 Contact & Complaints

For any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us:

General Inquiries info@goldenvoiceeastafricaawards.com
Technical Support support@goldenvoiceeastafricaawards.com
Data Protection Authority Office of the Data Protection Commissioner (ODPC), Kenya

We aim to resolve all privacy-related concerns promptly. If you are not satisfied with our response, you have the right to escalate your complaint to the ODPC as provided under Section 65 of the Data Protection Act, 2019.