Casa Vera Lounge, a restaurant and bar located along Ngong Road has been fined KSh 1.85M.
The Office of Data Protection Commissioner in a statement indicated that Casa Vera posted a reveler’s picture without consent.
“The Second Data Controller that has been fined today is Casa Vera Lounge, a restaurant based along Ngong Road in Nairobi,” read the press release by Data Protection Commissioner in part.
“Casa Vera was fined KES 1,850,000 for posting a reveler’s image on their social media platform without the Data Subject’s consent.”
“The penalty seeks to ensure that other lounges , clubs etc seek consent from their customers prior to posting their images online.”
Roma School to pay KSh 4.5M
Roma School, Uthiru is among the establishments fined for using a minor’s image without consent from their parents.
They are set to part with KSh 4.5M. “Roma School, an Educational Institution based in Uthiru has been fined KES 4,555,000 for posting minor’s pictures without parental consent.”
“This being the first and the highest penalty to an educational facility sends a message to schools and other facilities handling minors’ personal data to obtain consent from parents/guardians prior to processing minors’ data.”
Mula Pride to pay KSh 2.9M
Mula Pride Ltd will also part with a fine of KSh 2,975,000. “Mulla Pride Ltd, a Digital Credit Provider (DCP), which operates KeCredit and Faircash mobile lending Apps…”
“…was the first Data Controller that received a penalty of KES 2,975,000.”
“The DCP was found culpable of using names and contact information of the complainants which were obtained from third parties and subsequently used to send threatening messages and phone calls.”
Naivas Supermarket …
The Office of the Data Protection Commissioner has indicated that results of a compliance audit and Naivas Supermarkets are yet to be released.
“The office has also conducted a compliance audit on Whitepath (a digital credit provider) and an inspection on Naivas Supermarkets on recent Data Breach.”
“The findings will be shared with the Data Controllers for their swift action.”
The Office will be embarking on conducting forty (40) Compliance Audits to various Data Controllers and Processors in various sectors this financial year,” concluded the Data Protection Commissioner.
