DERRICKSON SYSTEMS|IntradeIQ
Honouring Commitments!

Privacy Policy

Last updated: 18 May 2026

1. Introduction

IntradeIQ (“we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data in compliance with the Kenya Data Protection Act, 2019 (the “DPA”), the EU General Data Protection Regulation (“GDPR”) where applicable, and other relevant data protection laws. This policy explains how we collect, use, disclose, and safeguard your information when you use our customs duty calculation platform.

2. Data Controller

Derrickson Systems Ltd is the data controller responsible for your personal data. If you have any questions about this policy, please contact us at info@derricksonsystems.co.ke.

3. Information We Collect

Account Data: When you register, we collect your name, email address, and a securely hashed password.

Calculation Data: Vehicle specifications, cargo details, HS codes, and duty estimates you enter to use our service.

Usage Data: Pages visited, feature interactions, and error logs to improve our platform.

Technical Data: IP address, browser type, device information, and cookies (see Section 8).

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area, we process your data based on:

  • Consent: You have given clear consent for us to process your data for a specific purpose (e.g., account creation).
  • Contract: Processing is necessary for the performance of a contract with you (e.g., providing our service).
  • Legitimate interests: We have a legitimate business interest in improving our service, provided this does not override your rights.

5. How We Use Your Information

To provide, maintain, and improve our customs duty calculation service.

To manage your account, process credit purchases, and send service-related communications.

To comply with legal obligations under Kenyan and international law.

To detect, prevent, and address fraud, abuse, or security incidents.

We do not sell your personal data to third parties.

6. Data Sharing and Disclosure

We may share your data with:

  • Service Providers: Cloud hosting, database, and analytics providers who process data on our behalf under strict contractual agreements.
  • Legal Authorities: When required by law, court order, or government request in compliance with Kenyan or international law.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to you.

7. Data Retention

We retain your account data for as long as your account is active. Calculation records are retained for 3 years after your last activity for legitimate business purposes, after which they are anonymised or deleted. Usage logs are retained for 12 months. You may request deletion of your data at any time (see Section 10).

8. Cookies and Tracking

We use essential cookies for authentication (JWT token) and session management. We do not use tracking cookies for advertising. You can control cookie settings through your browser. Disabling essential cookies may affect the functionality of the platform.

9. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

  • Encryption of passwords using bcrypt (12 rounds).
  • HTTP-only, secure cookies for authentication tokens.
  • HTTPS encryption in transit.
  • Database access controls and regular security reviews.

10. Your Rights

Under the Kenya Data Protection Act, 2019 and applicable international laws, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data (subject to legal retention obligations).
  • Right to Restrict Processing: Request that we limit how we use your data.
  • Right to Data Portability: Request a copy of your data in a machine-readable format.
  • Right to Object: Object to processing based on legitimate interests.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Right to Complain: Lodge a complaint with the Office of the Data Protection Commissioner (Kenya) or your local supervisory authority.

To exercise any of these rights, contact us at info@derricksonsystems.co.ke. We will respond within 30 days as required by the DPA.

11. International Data Transfers

Your data may be processed on servers located outside Kenya (e.g., cloud infrastructure providers). Where we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or equivalent mechanisms recognised under the DPA and GDPR.

12. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect data from minors. If we become aware that a minor has provided us with personal data, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or a prominent notice on our platform. Continued use after changes take effect constitutes acceptance of the updated policy.

14. Contact

For any questions, concerns, or requests regarding this policy or your data, please contact:
Derrickson Systems Ltd
Nairobi, Kenya
Email: info@derricksonsystems.co.ke

← Back to IntradeIQ