This Privacy Policy Applies.

To The Services Offered By Nicmac Crest.

Nicmac Crest (“Nicmac”) consists of the following entities: Nicmac Crest Limited or Nicmac Crest.

Nicmac Crest is committed to safeguarding personal privacy. We are committed to complying with the Kenya’s Data Protection Act (KDPA) which guides organizations’ on how to deal with personal information. The KDPAs are found in amendments to the Privacy Act, effective 25 November 2019. An Act of Parliament to give effect to Article 31(c) and (d) of the Constitution; to establish the Office of the Data Protection Commissioner; to make provision for the regulation of the processing of personal data; to provide for the rights of data subjects and obligations of data controllers and processors; and for connected purposes

This Privacy Policy outlines how Nicmac Crest collects, uses, discloses and manages your personal information. This Policy can be downloaded via the link at the bottom of this page.

You are not compelled to identify yourself to Nicmac Crest. In these instances, we can provide you with general information on Nicmac Crest and its services. There are occasions where, by law or where it is impractical not to do so, you will be required to identify yourself. Examples are applying for or making a change to an investment, requesting personal information or lodging a complaint.

The Information We Collect.

Collecting your personal information is limited to what is reasonably necessary to carry out the functions and activities of Nicmac Crest. The relationship you have with Nicmac Crest determines the type of personal information collected and may include:

  • Name
  • Title
  • Contact details
  • Date of birth
  • Signature
  • Details on entities through which you invest
  • Bank account details
  • Taxation Identification Number

Nicmac Crest will not collect or monitor any personal information without your consent.

How We Collect Your Personal Information.

In most cases, and wherever possible, Nicmac Crest will only collect personal information provided by you. Information is collected through:

  • Our online enquiry forms
  • Our investor application forms
  • Directly from you, either in writing or verbally

Where unsolicited personal information is received by Nicmac Crest, we will ascertain whether this information could have reasonably been obtained in the normal course of events. If it is established that Nicmac Crest could not ordinarily have collected this information and it is reasonable and lawful to do so, Nicmac Crest will destroy this information.

How We Protect Your Personal Information.

Electronically obtained personal information, such as through Investor Application Forms, are saved directly to Nicmac Crest’ encrypted online server. This information is backed up.

Personal information obtained in hard copy format is scanned and saved to the Nicmac Crest’s server with the hard copy filed in secure onsite storage cabinets.

Electronic server access and physical access is restricted to employees who need to access personal information, for example when administering an investment.

How We Use Your Personal Information.

Nicmac Crest collects personal information about you primarily:

  • To contact you regarding the products and services you request
  • To provide you with the information you request
  • To satisfy ‘Know Your Client’ obligations under the Anti Money Laundering or Counter Terrorism Funding Act before transactions are processed
  • To administer your investment
  • To respond to your complaints
  • To provide you with a targeted advertising campaign in your selected area of interest
  • To send out Nicmac Crest’s newsletters

How We Secure Your Personal Information.

Nicmac Crest is committed to protecting your personal information from misuse, unauthorized access or unauthorized disclosure.

  • Employees of the Nicmac Crest are bound by confidentiality obligations
  • Our information technology systems are password, firewall and virus protected to ensure the integrity of our systems that hold your information
  • All areas that hold physical copies of your information are protected by electronic access cards or lock-and-key, have key locked cabinets and are limited to specific staff
  • Service providers who hold your personal information are contractually required to hold information in accordance with the Privacy Act and Nicmac Crest obtains periodic confirmation of adequate information security management

How We Share Your Personal Information.

Personal information held by Nicmac Crest may be shared with third parties in the normal course of conducting our business.

Nicmac Crest is committed to safeguarding your information. When sharing personal information, we take reasonable steps to protect the privacy of information disclosed. This is achieved by requiring the recipient to comply with the Privacy Act in our contractual arrangements.

Disclosure To Entities In Other Countries.

Nicmac Crest uses third party companies when performing bulk mail marketing activities. As a result, personal information (name and email address) collected by Nicmac Crest is provided to them. These companies use servicers in Kenya and other parts of the world.

The personal information we provide is owned by Nicmac Crest and will not be used for any other purpose except Nicmac Crest marketing.

Anti-Money Laundering & Counter-Terrorism Legislation.

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) is aimed at addressing money laundering in Kenya and the threat to national security caused by terrorism. This legislation requires Nicmac Crest to collect identification information from investors into our investment products. We are also required to verify your identity from original or certified copies or perform electronic verification.

The legislation requires us to monitor transactions to identify any suspicious activity within any of our investments.

To maintain compliance under the AML/CTF Act, Nicmac Crest may, in our absolute discretion, without notice to you, disclose or otherwise report details of any activity, or proposed activity (including any personal information) to the relevant reporting body.

Data Breach Notification.

Guided by the Notifiable Data Breaches Scheme, Nicmac Crest will promptly notify you if we become aware of or have reasonable grounds to believe that your Personal Information held by us has been lost or subjected to unauthorized access or disclosure which is likely to result in serious harm.

Nicmac Crest will notify you within 30 days from when the determination has been made that the breach may cause serious harm. Nicmac Crest will also notify the Kenyan information Commissioner of the data breach.

Our assessment and escalation of data breaches will follow Nicmac Crest’s Data Breach Response Plan.

Your Rights Of Access & Updating.

You have the right to access your personal information, and may request this information to be corrected or updated.

If you wish to make a request to review your personal information, please contact Nicmac Crest using the contact details provided.

Complaints & Queries.

Should you have a need to complain about a possible breach of privacy, or how Nicmac Crest has administered your personal information, please contact us via the details below.

Should you wish to contact Nicmac Crest to assist you with any enquiries, please use any of the following options:

Telephone: +254 746 777 222  || +254 727 595 470 || +254 792 464 299

Email: info@nicmaccrest.com

Address: Gamaliel House · 1st Floor · QQWH+2JH · Ruaka · Kiambu County