Legal Information Hub

Terms of Service Summary

Our Terms of Service define the formal rules, operational regulations, and legal boundaries governing client relations, custom software deliveries, API tunnels, and corporate portal access. All engineering and consulting engagements are authorized through independent, binding Statements of Work (SOWs).

SLA Tiers & System Maintenance

We maintain strict Service Level Agreements (SLAs) to guarantee platform resilience and technical support response times based on incident severity levels:

• Severity 1 (Critical Outage): Complete system down or core operational blocks. We commit to a 2-hour response window and continuous engineering resolution.
• Severity 2 (High Degradation): Non-blocking operational bugs or partial portal failures. We commit to a 4-hour response window during standard business hours.
• Severity 3 (Routine Request): Custom configuration assistance, user additions, or general inquiries. We commit to a 24-hour response window.
• Planned Maintenance: System upgrades, security patching, and server routine checks are scheduled outside peak business hours, with notice posted at least seven calendar days prior.

Liability, NDAs & Mutual Protections

To establish safe, risk-managed commercial relations, our terms incorporate highly structured legal protections for both parties:

• Mutual Intellectual Property Protection: Distinguishes Company Pre-Existing Material from Client Deliverables, protecting corporate engineering frameworks.
• Confidentiality and NDAs: All information shared during our engagements is fully protected under strict non-disclosure terms that survive for five years.
• Billing-Linked Liability Cap: Outlines a strict liability cap equal to the exact fees paid by the client under the specific SOW in the six months immediately preceding the claim event.
• Statute of Limitations: Restricts all claims, actions, or disputes to a period of twelve calendar months following the occurrence of the underlying incident.

Dispute Resolution and Kenya Law

All contracts and relations are governed exclusively by the laws of the Republic of Kenya. Any commercial dispute follows a mandatory three-tier resolution track: (1) 30 days of formal corporate consultations, followed by (2) mediation referred under the rules of the Chartered Institute of Arbitrators (CIArb) Kenya Branch, and in default of settlement, (3) final, binding arbitration conducted in Nairobi, Kenya.

Read our Full Terms of Service →

Privacy Policy Summary

Our Privacy Policy governs the lawful, transparent processing of personal identifiers, device credentials, database records, and system telemetry. We collect only minimal essential data required to deploy software components, process secure billing, and optimize portal performance.

Regulatory Conformance & Data Rights

All data controllership operations conform strictly with the Kenya Data Protection Act, 2019, the General Data Protection Regulation (GDPR), and other global standards. As a data subject, you hold explicit statutory rights over your personal datasets:

• Right to Access: You may request full records of all personal or telemetry datasets currently processed in our staging or production databases.
• Right to Rectification: You hold the right to immediately request corrections to inaccurate, incomplete, or out-of-date personal identifiers.
• Right to Erasure (The Right to be Forgotten): You may request that all personal databases, accounts, and telemetry logs be permanently deleted from our servers.
• Right to Object: You can restrict or object to specific processing channels, automated decision-making runs, or system tracking features.

Google API Services & Scope Isolation

For custom apps and cloud environments integrating Google services, we maintain strict isolation protocols to safeguard user data:

• Strict Compliance: Our platform integrations fully comply with the Google API Services User Data Policy, including all Limited Use requirements.
• Isolation from Telemetry: All Gmail, Drive, or Maps scopes accessed via Google OAuth are kept strictly local to the user's browser or secure server session, and are never mixed with generic database telemetry.
• No Commercial Transfer: Under no circumstances do we transfer, sell, lease, or distribute Google API data to advertising channels, marketing databases, or secondary brokers.

Account & Telemetry Deletion Workflows

Users and administrators can trigger a complete database purge at any time. A formal account and telemetry deletion request is initiated by sending an email containing the registered username, client domain, and account details to [email protected]. Upon receipt, our engineering team executes complete database erasure and provides a certificate of deletion within five business days.

Read our Full Privacy Policy →

Data Protection & Compliance

Eelam Innovations Limited operates as a legally registered and fully certified Data Controller and Data Processor under the Office of the Data Protection Commissioner (ODPC) in the Republic of Kenya. We strictly enforce all statutory principles under Section 25 of the Kenya Data Protection Act, 2019.

Statutory Principles & Processing Laws

We guarantee that all personal and telemetry records are processed: (1) lawfully, fairly, and transparently; (2) strictly for specified, explicit, and legitimate purposes; (3) adequately, relevantly, and limited to what is necessary; and (4) kept in a form which permits identification of data subjects for no longer than is necessary.

Multi-Tiered Technical Security Stack

To safeguard all user accounts, payment tokens, spatial agricultural coordinates, and operational databases, our systems employ a high-fidelity security architecture:

• Encryption at Rest & in Transit: All records are secured using AES-256 database storage encryption and TLS 1.3 transit encryption tunnels, preventing unauthorized interception.
• Access Control & Vetting: Access to client workspaces, staging environments, and database shells is strictly restricted using multi-factor authentication (MFA) and keys held only by vetted, NDA-bound systems architects.
• continuous Penetration Testing: We conduct bi-annual automated and manual vulnerability assessments to locate and patch potential software or hardware configuration exploits.
• Hourly Multi-Region Backups: System databases are continuously backed up to isolated, encrypted AWS zones, ensuring disaster durability and instant recovery.

Data Localization and Cross-Border Transfers

In compliance with local regulatory guidelines, all sensitive and strategic datasets (including payment records, financial reports, and citizen-linked identifiers) are stored and processed on servers physically located within the boundaries of the Republic of Kenya. Any cross-border telemetry transfer complies strictly with the adequacy decisions and authorization procedures mandated by Section 48 of the Act.

Breach Management & Forensic Response

In the highly unlikely event of a confirmed security incident or database compromise, our legal and engineering desks trigger a structured Incident Response Protocol:

• Containment: Vetted engineers isolate affected network segments and update database access credentials within one hour.
• Forensic Assessment: A dedicated security auditor performs trace logs to analyze the depth and impact of the compromise.
• Statutory 72-Hour Notification: We commit to formally notifying the Office of the Data Protection Commissioner (ODPC) and all affected data subjects within seventy-two (72) hours of confirming the breach, detailing the exact categories of data compromised and our immediate remediation steps.

Intellectual Property & Confidentiality

Unless explicitly stated otherwise in a signed Statement of Work (SOW), all systems, content, algorithms, and source codes displayed or processed across our platforms are protected under the Copyright Act (Cap. 130 of the Laws of Kenya) and regional treaties.

Demarcation of Proprietary Frameworks

To preserve our competitive digital capabilities, we enforce a strict demarcation of ownership assets:

• Client Deliverables: The client retains all intellectual ownership over customized graphics, brand-specific styling parameters, unique business workflows, and raw database telemetry generated during our active engagements.
• Company Pre-Existing Material: Eelam Innovations Limited retains exclusive, perpetual ownership over all core software frameworks, pre-existing libraries, server topologies, database schemas, IoT firmware blocks, and engineering algorithms utilized to construct client solutions.

Mutual Confidentiality & NDA

Both parties pledge to maintain absolute confidentiality regarding all proprietary information, software architectures, financial details, and commercial strategies shared during the course of our engagements. This obligation: (1) excludes information that is already in the public domain or independently developed without access; and (2) remains in full force during all active terms and survives for exactly five (5) years following the termination of all SOWs.

Usage Licensing & Infringement Controls

• Non-Exclusive License: To the extent that Company Pre-Existing Material is embedded within a client deliverable, we grant the client a non-exclusive, non-transferable, royalty-free, perpetual license to use the material solely for internal business operations.
• Prohibitions: The client is strictly prohibited from reverse engineering, decompiling, redistributing, or sub-licensing any core Eelam codebases or proprietary systems.
• Injunctive Relief: Any unauthorized source modification or infringement of intellectual property will result in immediate termination of portal access and is subject to immediate injunctive relief and damage claims.

Third-Party APIs & Links

Our custom software platforms, IoT edge monitors, and websites integrate with third-party tools, cellular tunnels, and APIs, including but not limited to: Safaricom M-Pesa Daraja payment portals, cellular network providers, Amazon Web Services (AWS), Google Maps APIs, and open-source database libraries.

Boundary of Responsibility

The Client explicitly acknowledges that Eelam Innovations Limited holds no operational control over, and assumes zero legal liability for, outages, database syncing lags, price revisions, or privacy practices originating from these external providers. All integrations are delivered subject to the uptime and availability constraints of the third-party providers.

Third-Party Terms & Compliance Covenants

• Direct Covenants: The client is directly bound by the respective terms of service, developer guidelines, and privacy notices of all third-party providers integrated into their systems.
• Exemption from SLA: Any service degradation or complete system outage resulting from a verified failure of a third-party gateway, cellular network, or AWS cloud infrastructure is strictly exempt from Eelam's SLA response penalty parameters.
• Key Management: The client is solely responsible for procuring, updating, paying for, and securing all API keys and licensing tokens required to operate third-party integrations under their own organizational accounts.

General Legal Disclaimer

The technical documentation, system insights, and blog articles provided on this web platform are for general informational purposes only.

Service Standard ("As-Is" & "As-Available")

While we make reasonable efforts to maintain the accuracy and security of our systems:

• We do not represent or warrant that all platform systems will run completely error-free or uninterrupted.
• All staging environments, custom sandboxes, pre-release dashboards, and IoT telemetry portals are provided strictly on an "as-is" and "as-available" basis, without any warranties of any kind.
• Use of our digital systems, custom applications, and website links is executed at the Client's own operational risk.

No Professional or Advisory Services

No material, dashboard log, chart visualization, or telemetry report generated by our software solutions or posted on this platform should be interpreted as financial, agricultural, legal, or investment advice. The client is solely responsible for verifying the accuracy of all technical metrics before relying on them for core business decisions.

Updates & Amendments

We reserve the right to periodically adjust, update, modify, or deprecate any portion of our legal notices, website terms, privacy standards, SLA parameters, or service pricing to reflect technical advancements, operational security upgrades, or legislative updates in the Republic of Kenya.

Revision Framework & Notification Metrics

To keep our users and enterprise clients fully informed of any change in their rights or duties, we implement a structured communication model:

• Minor Updates: Any adjustment addressing typographical corrections, layout improvements, styling updates, or non-material clarifications will be posted directly to this Legal Hub without prior notice.
• Major Material Revisions: Any amendment fundamentally altering client liabilities, data controllership rights, data subject erasure timelines, security reporting, SLA response windows, or payment models will be communicated to all active enterprise clients via their registered administrative emails and client portal dashboards at least thirty (30) calendar days before they become effective.

Implied Acceptance

By continuing to access our public platforms, custom dashboard sandboxes, cloud APIs, network portals, or hardware integrations following the official effective date of any revised legal terms, the client formally and legally consents to be bound by the updated agreements. If the client objects to any revised parameters, they must cease all platform usage and submit a formal account termination request before the 30-day window expires.

Contact our Legal Desk

For questions, statutory data privacy audits, compliance reviews, or to serve formal legal notices under our Terms, contact our dedicated Legal Compliance Desk. All formal notices must be submitted in writing and delivered via registered postal mail or verified email.

Written Notice Requirements

Any written notice or communication served to Eelam Innovations Limited must include: (1) the full legal name and registration details of the sender; (2) a detailed statement of the inquiry or dispute; and (3) an authorized signature or verified electronic seal.

Authorized Contact Channels

Legal Response SLA

Our Legal Compliance Desk commits to acknowledging receipt of all formal inquiries, statutory audits, and breach reports within two (2) business days of receipt. A comprehensive, formal written resolution or statutory response will be delivered within ten (10) business days following acknowledgement.