QINSURE PRIVACY POLICY

QInsure Software owned by QuantaRisk Limited (“we” or “us”) are committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us and your choices regarding the personal data we may hold about you. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

The privacy policy is based on European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”).

By visiting www.quantainsure.com and associated services, you are accepting and consenting to the practices described in this policy.

2. DEFINITIONS

In this Privacy Policy, the following terms shall have the following meanings, except where the context otherwise requires:

“Customer” means person or his or her representative who uses QInsure Software or Services.
“Visitor” means person visiting the Website.
“Personal Data” means any information related to an identified or identifiable natural person.
“Client Data” means any data Customer inserts, uploads or otherwise stores in the Software. “we” or “us” means QInsure Software (owned by QuantaRisk Limited, Mezzanine Floor Fedha Plaza, Mpaka Road, Nairobi, Kenya).
“Website” means QInsure Website www.quantainsure.com and related websites. “Software” means the proprietary web platform and mobile applications for administrating insurance proposals, policies, and related documents, including applications, software, hardware, Personal Data bases, interfaces, associated media, documentation, updates, new releases, and other components or materials provided therewith.
“Services” means all the services provided by the Software Provider via the Software to Customers, and “Service” means any one of them.
“Licence” means Legal Agreement between Customer and Us for use of the Software and Services.

All Terms given in the singular are also applicable in the plural.

3. INFORMATION WE MAY COLLECT ABOUT YOU

We may collect and process the following data about you:

3.1 Information you give us. You may give us information about you by filling in forms on our Website or any sub-domain thereof, including, but not limited to, www.quantainsure.com

(our site), or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our Services, use our Software and when you report a problem with our site. The information you give us may include your name, address, e-mail address, phone number, and financial and credit card information.

3.2 Information we collect about you. With regard to each of your visits to the Website we may automatically collect the following information:

3.2.1 technical information, including the Internet Protocol (IP) address used to connect to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

3.2.2 information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.

3.3 Information from other sources (including, for example, business partners, sub- contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies).

3.4 Information collected by Customers. A Customer may insert, upload or otherwise store Client Data, which may contain Personal Data, in the Software. We have no direct relationship with the individuals whose Personal Data is hosted in the Software as part of Client Data. Each Customer is responsible for providing notice to its customers and third persons concerning the purpose for which Customer collects their Personal Data and how this Personal Data is processed in or through the Software as part of Client Data.

4. USES MADE OF THE INFORMATION

We use the information that we collect in a variety of ways in providing our Services and operating our business, including the following:

4.1 Provision of Services
4.1.1 We use the information, with the exception of Client Data, to operate, maintain, enhance and provide you with all aspects of the Software and Services, to carry out our obligations under the Licence and to provide you with the information, products and services that you request from us.
4.1.2 We process Client Data only at the request of the Customer and in accordance with the directions provided by the Customer who owns the respective Client Data.

4.2 Improvements of Services
We may use the information for administering our Website, analyzing the preferences of Customers and Visitors and for improving our Software, Services and Website, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

4.3 Communications
4.3.1 We may use Personal Data (e.g. email or phone number) to contact you for administrative purposes, such as customer service (e.g. responding to customer queries), sending service notices (such as information about Software changes, maintenance, new features, etc.) or informing about contractual rights and obligations.
4.3.2 We may also contact you with updates on promotions or events related to our Software, Services or to the services offered by our partners. You have the right to opt out from receiving any promotional communications, see “10. Your choices“.

4.4 Cookies
Our site uses cookies. A cookie is a small file of letters and numbers that we put on your computer if you agree. These cookies allow us to distinguish you from other users of our Website, which helps us to provide you with a good experience when you browse our site and also allows us to improve our site. The cookies we use are “analytical” cookies. They allow us to recognise and count the number of Visitors and to see how Visitors move around the site when they are using it. This helps us to improve the way our site works, for example by ensuring that Visitors can easily find what they are looking for.

5. PROTECTION OF PERSONAL DATA

5.1 Privacy and the protection of Personal Data is of the upmost importance to us and we ensure the security of Personal Data in accordance with existing legislation (e.g. GDPR) and good business practice.
5.2 Measures used to ensure the protection of Personal Data include, but are not limited to: organisational, physical and information technology security measures that cover the protection of IT infrastructure, computer and communications networks, technical equipment, employees, offices and information with the aim of ensuring a high level of risk mitigation and preventing threats of Personal Data leaks and losses.
5.3 In operations, Personal Data protection is regulated through internal security rules which ensure that only authorised employees are able to process Personal Data and only to the required extent.

6. DISCLOSURE OF PERSONAL DATA

We may under certain circumstances be required to disclose Personal Data to following parties:
6.1 In events required by law at the request of the authorities (e.g. law enforcement agencies, courts, enforcement officers, tax authorities, supervisory authorities);
6.2 to insurance companies, insurance brokers, credit institutions and credit intermediaries, where required for the performance of the Licence;
6.3 to legal and financial advisors, auditors, debt recovery undertakings and other authorised processors where required for provision of the Service, performance of our obligations and protection of our rights.

7. WHERE WE STORE YOUR PERSONAL DATA

7.1 We process the Personal Data within Africa, but in certain cases the Personal Data can be transferred to and processed in countries located outside the territory.
7.2 The transfer and processing of the Personal Data outside Africa may take place for the purpose of performance of a legal duty, oligations deriving from the Licence or under other circumstances. On request, the Customer can obtain more detailed information on the transfer of the Personal Data outside the territory.

8. HOW LONG WE KEEP YOUR PERSONAL DATA

8.1 We do not process the Personal Data for longer than the purpose of use of the Personal Data has been fulfilled, usually until the expiry of the Licence and the applicable Post- Closure Period and thereafter on the basis of legitimate interest and for performing statutory duties (e.g. duties arising from accounting, private legal grounds, etc.).

9. YOUR CHOICES

According to the law, you have the right to:

9.1 receive information from us about the extent and use of the processing of the Personal Data;
9.2 demand that we terminate the use of, correct or delete your Personal Data;
9.3 grant or withdraw consent to use the Personal Data for direct marketing or other marketing purposes;
9.4 for the purpose of protecting the Personal Data, contact the Personal Data protection authority or seek judicial protection;
9.5 demand that no decisions based merely on automated processing be made with regard to you.

10. Data Controller and Data Processor

We do not own, control or direct the use of any of the Client Data stored or processed by a Customer via the Software. Only the Customer is entitled to access, retrieve and direct the use of such Client Data. We are largely unaware of what Client Data is actually being stored or made available by a Customer to the Software and do not directly access such Client Data except as authorized by the Customer or as necessary to provide Services to the Customer.

Because We do not collect or determine the use of any Personal Data contained in the Client Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, We are not acting in the capacity of data controller in terms of the GDPR and does not have the associated responsibilities under the GDPR. We should be considered only as a processor on behalf of its Customers as to any Client Data containing Personal Data that is subject to the requirements of the GDPR. Except, as provided in this Privacy Policy, We do not independently cause Client Data containing Personal Data stored in connection with the Software to be transferred or otherwise made available to third parties, except to third party

subcontractors who may process such data on behalf of Us in connection with our provision of Services to Customers. Such actions are performed or authorized only by the applicable Customers.

The Customer is the data controller under the GDPR for any Client Data containing Personal Data, meaning that such party controls the manner of how such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.

We are not responsible for the content of the Personal Data contained in the Client Data or other information stored on Software at the discretion of the Customer nor are We responsible for the manner in which the Customer collects, handles disclosure, distributes or otherwise processes such information.

11. HOW TO CONTACT US

11.1 Our contact person for submission of notices, queries and declarations of intent: support@quantainsure.com
11.2 Data Protection Officer e-mail address is support@quantainsure.com

12. AMENDMENTS TO THE PRIVACY POLICY

12.1 We have the right to revise the privacy policy at any time via the Website www.quantainsure.com

Last Updated: 01 May 2024

Version 1.0