Privacy Policy
How AssesPro handles your information.
Last updated: July 6, 2026
AssesPro ("we", "us", or "our") provides an electronic portfolio of evidence and assessment management platform for Technical and Vocational Education and Training (TVET) institutions in Kenya. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, request a demo, contact us, or use our services.
1. Information We Collect
We may collect the following categories of information:
- Institution and account information — names, email addresses, phone numbers, job titles, institution names, and login credentials for administrators, assessors, verifiers, and authorised staff.
- Learner and assessment data — candidate names, registration numbers, competency records, assessment results, verifier comments, and related academic or training information uploaded by your institution.
- Portfolio of evidence — documents, images, audio, video, and other files submitted as part of competency-based assessment workflows.
- Website and inquiry data — information you submit through contact forms, demo requests, or support channels, including name, email, phone, institution, and message content.
- Technical data — IP address, browser type, device information, pages visited, and similar usage data collected through cookies and server logs.
2. How We Use Information
We use collected information to:
- Provide, operate, maintain, and improve the AssesPro platform;
- Support digital assessment, verification, validation, and reporting workflows for TVET institutions;
- Respond to inquiries, demo requests, and customer support needs;
- Send service-related notices, security alerts, and administrative messages;
- Monitor platform performance, prevent fraud, and protect system integrity;
- Comply with applicable laws, regulatory requirements, and institutional agreements.
3. Legal Basis and Compliance
We process personal data in accordance with the Data Protection Act, 2019 of Kenya and applicable regulations issued by the Office of the Data Protection Commissioner (ODPC). Where we act as a data processor on behalf of a TVET institution, processing is carried out according to that institution's instructions and our data processing agreements.
4. How We Share Information
We do not sell personal data. We may share information only in these circumstances:
- With authorised users within your institution according to role-based access controls;
- With service providers who assist with hosting, backups, email delivery, analytics, or support, subject to confidentiality obligations;
- With regulators, validation bodies, or authorities when required by law or legitimate institutional compliance processes;
- In connection with a merger, acquisition, or asset transfer, with appropriate notice where required;
- When necessary to protect the rights, safety, and security of users, institutions, or the public.
5. Data Retention
We retain personal data for as long as needed to provide the service, meet contractual obligations, satisfy legal and regulatory requirements, and resolve disputes. Assessment records and evidence may be retained according to your institution's policies and applicable TVET or qualification authority requirements.
6. Data Security
We implement administrative, technical, and organisational measures designed to protect information against unauthorised access, loss, misuse, or alteration. These measures include access controls, encrypted connections, secure hosting environments, and regular backups. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
7. Your Rights
Subject to applicable law, you may have the right to:
- Request access to personal data we hold about you;
- Request correction of inaccurate or incomplete data;
- Request deletion or restriction of processing in certain circumstances;
- Object to processing or withdraw consent where processing is consent-based;
- Lodge a complaint with the Office of the Data Protection Commissioner.
Learners and staff should contact their institution first for requests relating to assessment or training records. Institutions may contact us for platform-level data requests.
8. Cookies and Website Analytics
Our website may use cookies and similar technologies to improve functionality, remember preferences, and understand how visitors use our pages. You can control cookies through your browser settings. Disabling cookies may affect certain website features.
9. Third-Party Links
Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing personal information.
10. Children's Data
Our services are intended for use by TVET institutions and authorised personnel. Where learner data relates to minors, institutions are responsible for ensuring appropriate consent and lawful basis for processing under applicable law.
11. International Transfers
Where data is stored or processed outside Kenya, we take steps to ensure appropriate safeguards are in place consistent with applicable data protection requirements.
12. Changes to This Policy
We may update this Privacy Policy from time to time. The revised version will be posted on this page with an updated date. Continued use of our website or services after changes become effective constitutes acceptance of the revised policy.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, contact us at:
- AssesPro
- Email: info@tvetpoe.co.ke
- Phone: +254707200682
- Address: Meru, Kenya