Our Privacy Policy

Website Privacy Notice

"Aims to inform you about how we collect, use, disclose and store personal data in our role as a controller"

What are the personal data you collect from me?

From Websites or Events:  We may collect Personal data that you choose to send to us or provide to us, for example, on our “Request a free consultation” (or similar) online form, or if you register for any Events. If you contact us through the Websites, we will keep a record of our correspondence.

From the Services:   We receive and store the Personal data you provide directly to us. For example, when setting up new users, we collect Personal data, such as name, e-mail address, postal address, phone number, job title, etc. We may collect and store media, documents (e.g. CV), or other information you provide to us. We collect commercial information, such as records of the purchased Services or information related to requests for demos.

DataWorks Analytics will typically act as a data controller in accordance with applicable products and services rendered to you. Further information, including specific obligations of the data controller and processor, can be found in the Agreements.

When you use the Websites:

When you visit our Websites, we collect Internet or other electronic network activity information through the use of cookies and other trackers. Depending on your tracking preferences, the information we collect may include but is not limited to your device’s Internet Protocol (“IP’) address, referring website, what pages your device visited, and the time that your device visited our Website. We may also rely on analytics and tools used to prevent spam and other security risks related to the use of abusive automated software. You can choose your preferences with regards to the cookies and other trackers by accessing the preference centre on our Websites.

When you use the Services:

Internet or other electronic network activity information may also be collected when you use the Services:

  • Usage information – we keep track of user activity in relation to the types of Services our customers and their users use, the configuration of their computers, and performance metrics related to their use of the Services.
  • Log information – we log information about our customers and their users when they use one of our Services, including their IP addresses.
  • Information collected by cookies and other similar technologies – we use various technologies to collect information, including saving cookies to users’ computers.
  • Customer feedback – While using the Services, you may be asked to provide feedback (e.g., in the software directly or after receiving help from our support team). Providing this feedback is entirely optional.

If your Personal data has been collected as (i) you interacted or used our Website, (ii) you registered to our community via an online form and/or attended our Events e.g., webinars, and/or (iii) part of the Services, your Personal data, as stored in our CRM service provider, may be enriched or updated to ensure it is accurate and up to date, and achieves the purpose for which it was originally collected. Please note that the information used to enrich and update your Personal data, as obtained from the use of third parties’ data sets, does not constitute Personal data, but merely amounts to data elements related to your organization’s name, structure, industry, and similar attributes.

Please note that we may also obtain non-personal data related to your organization’s name, structure, industry, and similar attributes through the use of third parties’ data sets, for the purpose of enriching or updating your Personal data we already hold.

How and on what basis do you use my personal data?
Personal data we collect directly from you on our Websites, or Events:

We will use the Personal data we collect through our Websites:

  • To administer our Websites, our Events, and for internal operations, including data analysis, testing, statistical and survey purposes.
  • To improve our Websites to ensure that content is presented most effectively for you and your device.
  • For trend monitoring, marketing, and advertising.
  • For purposes made clear to you at the time you submit your Personal data, for example, to fulfil your request for a demo, to provide you with access to one of our webinars or whitepapers, or to provide you with information you have requested about our Services.
  • As part of our efforts to keep our Websites secure.

Our use of your Personal data may be based on our legitimate interests to ensure network, information security, and business performance improvement. Our direct marketing purposes are based on your consent (for example when you request a free consultation, contact us directly, provide us your business card, agree to receive communications after an Event, and similar circumstances). We may also rely on our legitimate interests to improve business and marketing practices or contact you to offer similar Services or products that you may have bought from us, requested a demo, or negotiated with us.

Personal data we collect directly from you as part of the administration of our Services:

We may use the Personal data we collect from our customers and their users in connection with the Services we provide for a range of reasons, including to:

  • Set up a user account.
  • Provide, operate and maintain the Services.
  • Process and complete transactions, and send related information, including transaction confirmations and invoices.
  • Manage our customers’ use of the Services, respond to inquiries and comments, and provide customer service and support.
  • Send customers technical alerts, updates, security notifications, and administrative communications.
  • Investigate and prevent fraudulent activities, unauthorized access to the Services, and other illegal activities.
  • For any other purposes about which we notify customers and users.

We use your Personal data in this context based on the Agreement that we have in place with you or our legitimate interests, typically, either for security purposes or business practice improvement (e.g., the prevention and investigation of fraudulent activities).

Provision of Personal data in these instances may be necessary to enable our proper execution of the Agreement. Failure to provide Personal data may cause some services to become unavailable. Personal data will be deleted based on the terms of the Agreement that we have in place with you.

How do you share and disclose my Personal data to third parties?

We share your personal data within Dataworks Analytics & Consulting Services Limited in order to provide you with the best service. In addition we share your data with some of our suppliers:

  • Suppliers who provide us with IT, payment and delivery services
  • Our banking and financial-services partners and payments networks,
  • Customer-service providers, survey providers and developers
  • Communications services providers

We may share your personal data with our partners in order to provide you with certain services you may ask for.

Will my information go outside Rwanda?

As we provide an international service, we may need to transfer your personal data outside of Rwanda in order for you to have the best services from us.

For example, if you register for an online course, the platform used to provide the service may be hosted within the European Union or the United Kingdom and these countries have been identified as having adequate data protection provision.

We will take all reasonable steps to make sure that your personal data is handled securely and in line with this privacy notice and data-protection laws.

If you would like more information, please contact us by sending an email to dpo@dataworks.rw.

We may share your personal data with our partners in order to provide you with certain products and/or services you may ask for.

For how long do you store my Personal data?

We store your Personal data for different time periods depending on the category of Personal data. Some information may be deleted automatically based on specific schedules, such as marketing information. Other information e.g. account information, may be retained for a longer period of time based on the Agreement you have with us. Finally, we may further retain information for business practices based on our legitimate interests or legal purposes, such as network improvement, fraud prevention, record-keeping, or enforcing our legal rights.

What are my Privacy Rights?

You have the right to be told about how we use your personal data.​

You can ask to see the personal data we hold about you

If you make a subject access request (SAR), we will provide a copy of the personal data we hold about you. We can’t give you any information about other people,

You can ask us to correct your personal data if you think it’s wrong.

You can have incomplete or inaccurate information corrected. Before we update your file, we may need to check the accuracy of the new information you have provided.

You can ask us to delete your personal data

You can ask us to delete your personal data if:

  • the personal data are no longer necessary in relation to the purposes for which we collected or used it;
  • you gave us consent (permission) to use the information and you have now withdrawn that consent;
  • you have objected to us using the information;
  • we have used the information unlawfully; or

You can object to us processing your personal data

However, if there is an overriding reason why we need to use the information (for example, legal reasons), we will not accept your request.

If you object to us using information which we need in order to provide our services, we may need to close your account as we won’t be able to provide the services.

You can ask us to restrict how we use your personal data

You can ask us to suspend using your personal data if:

  • you want us to investigate whether it is accurate;
  • our use of the information is unlawful and you want us to delete it;
  • you have objected to us using your information (see above), but we need to check whether we have an overriding reason to use it.

You can ask us to transfer personal data to you.

If we can, and are allowed to do so under regulatory requirements, we will provide your personal data in a structured, commonly used, machine-readable format.

You can withdraw your permission.

If you have given us any consent we need to use your personal data, you can withdraw your consent sending an email to dpo@dataworks.rw

How can I exercise my Privacy rights?

If you would like to access, review, update, rectify, and delete any Personal data we hold about you, or exercise any other data subject right available to you under the Law relating to the protection of personal data and privacy in Rwanda, you can contact us through the website or send us an email at dpo@dataworks.rw. Our privacy team will examine your request and respond to you as quickly as possible. Please note that we may still use any aggregated and de-identified Personal data that does not identify any individual and may also retain and use your Personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our Agreements.

We remind you that you have a right to lodge a complaint with a supervisory authority should you feel unsatisfied with our treatment of your Personal data.

How do you protect my personal data?

We store your information on secure servers.

Any payment transactions carried out by us or our payment-processing providers will be encrypted using Secured Sockets Layer technology or a secure virtual private network.

If you use a password for our website, you will need to keep this password confidential. Please do not share it with anyone.

Unfortunately, providing information online is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee that all information you provide will be secure. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

When you use our services, which include social networking, chat room or forum features, do not share any personal data that you don’t want to be seen, collected or used by other users, as this information will become publicly available.

How do you handle my child’s personal data?

In a situation where a child (under the age of sixteen (16)) registers for one of our events like webinar/training, we will obtain the consent of a holder of parental responsibility over the child in accordance with relevant Laws.


Subject to the provisions of other Laws, we will ensure that the consent we obtain on behalf of the child is in the interest of the child.

However, the consent is not required to process the child’s personal data if it is necessary for protecting the vital interest of the child.

Who should I contact if I have any question about this Privacy Policy?

We will treat your complaints about your privacy and our collection or use of your personal data accordingly and resolve them in a timely manner.

If you have any inquiry about this privacy notice, please first contact dpo@dataworks.rw

We will first investigate and then make an attempt to resolve any issue with the use and disclosure of personal data within a stipulated time frame.

You can contact us using the following details:


Contact details of Dataworks Analytics, Rwanda:

Office Address

Mobile Number





Contact details of the Data Protection Officer:

Office Address

Mobile Number