Telecommunications Services Agreement (Kenya)
TELECOMMUNICATIONS SERVICES AGREEMENT
Kenya Information and Communications Act Cap. 411A | Data Protection Act No. 24 of 2019 | Law of Contract Act Cap. 23
THIS TELECOMMUNICATIONS SERVICES AGREEMENT is made on [Contract Date]
BETWEEN:
(1) [Provider Name] (CA Licence No: [CA Licence Number]), having its registered office at [Provider Address] (the "Service Provider"); and
(2) [Customer Name] (BRS Registration Number: [Customer BRS Number]), having its registered address at [Customer Address] (the "Customer").
The Service Provider and the Customer are individually referred to as a "Party" and collectively as the "Parties".
1. DEFINITIONS AND INTERPRETATION
1.1 "CA" means the Communications Authority of Kenya established under Section 3 of the Kenya Information and Communications Act Cap. 411A (KICA).
1.2 "Services" means the telecommunications services described in Clause 2 of this Agreement.
1.3 "MRC" means the monthly recurring charge payable by the Customer for the Services.
1.4 "Service Activation Date" means the date on which the Service Provider first makes the Services available at the Customer's Service Location(s).
1.5 "SLA" means the Service Level Agreement set out in Clause 3 of this Agreement.
1.6 "ODPC" means the Office of the Data Protection Commissioner established under the Data Protection Act No. 24 of 2019.
1.7 "NCIA" means the Nairobi Centre for International Arbitration established under the Nairobi Centre for International Arbitration Act No. 26 of 2013.
2. SERVICES
2.1 The Service Provider shall supply the following telecommunications services to the Customer: [Services Description].
2.2 Service category: [Service Type].
2.3 Services shall be delivered at the following location(s): [Service Locations].
2.4 The Service Provider represents and warrants that it holds a valid Communications Authority of Kenya (CA) licence (No. [CA Licence Number]) under the Kenya Information and Communications Act Cap. 411A, and that it will maintain the licence in good standing throughout the term of this Agreement.
2.5 The Services shall comply with the CA Quality of Service Regulations issued under Section 83B of KICA. The technical parameters set out in the Schedule to this Agreement are supplementary to, and not in substitution for, the CA's mandatory QoS benchmarks.
3. SERVICE LEVELS AND REMEDIES
3.1 Availability commitment: The Service Provider commits to a minimum service availability of [Uptime Commitment] per calendar month, measured at the Customer demarcation point. Availability is calculated as: (Total minutes in the month – Total outage minutes) / Total minutes in the month × 100%.
3.2 Mean time to restore: The Service Provider shall restore service within [MTTR] of a fault being reported to its Network Operations Centre (NOC).
3.3 Service credits: [Service Credits]. Service credits shall be the Customer's sole financial remedy for availability failures and shall be applied as a credit against the next monthly invoice. The aggregate service credits in any calendar month shall not exceed 25% of the MRC for that month.
3.4 The Customer's right to terminate for persistent service failure is set out in Clause 7.3.
3.5 The Service Provider shall submit quarterly QoS performance reports to the Customer covering availability, latency, packet loss, and complaint resolution statistics.
4. CHARGES, BILLING, AND PAYMENT
4.1 Monthly recurring charge (MRC): [Monthly Recurring Charge].
4.2 Non-recurring charge (NRC) for installation and activation: [Non-Recurring Charge], payable on the Service Activation Date.
4.3 Billing cycle: [Billing Cycle]. The Service Provider shall issue a tax invoice in the format prescribed by the Kenya Revenue Authority (KRA) for each billing period.
4.4 Payment terms: [Payment Terms]. VAT at 16% under the Value Added Tax Act No. 35 of 2013 shall be added to all charges where applicable.
4.5 Billing disputes: The Customer may dispute a charge by written notice to the Service Provider within 30 days of the invoice date, identifying the disputed amount and grounds. The Service Provider shall investigate and respond within 10 business days. Undisputed amounts remain payable pending resolution of the dispute. The CA Consumer Protection Regulations 2010 apply to billing dispute procedures.
4.6 Suspension for non-payment: The Service Provider may suspend the Services on 7 calendar days' written notice if the Customer fails to pay undisputed charges by the due date, and may terminate after 30 days of continued non-payment.
5. DATA PROTECTION AND CONFIDENTIALITY
5.1 The Service Provider, as a data controller or processor under the Data Protection Act No. 24 of 2019, shall process personal data of the Customer's employees and end-users only in accordance with the eight data protection principles under the Act and for the purpose of providing the Services.
5.2 The Service Provider shall implement appropriate technical and organisational security measures to protect personal data processed in connection with the Services, including encryption, access controls, and audit logging.
5.3 In the event of a personal data breach affecting the Customer's data, the Service Provider shall notify the Customer within 24 hours and the ODPC within 72 hours of discovery, in accordance with Section 43 of the Data Protection Act No. 24 of 2019.
5.4 Each Party shall keep the other Party's confidential business information — including pricing, network architecture, and customer data — strictly confidential and shall not disclose it to any third party without prior written consent.
5.5 The Service Provider shall comply with its lawful interception obligations under Section 31 of KICA and shall notify the Customer (to the extent permitted by law) if it receives a lawful interception order affecting the Customer's traffic.
6. CYBERSECURITY
6.1 The Service Provider shall implement and maintain cybersecurity controls for the Customer's dedicated network infrastructure in accordance with the Computer Misuse and Cybercrimes Act No. 5 of 2018 and the CA's cybersecurity guidelines.
6.2 The Service Provider shall report significant security incidents affecting the Customer's services or data to the Customer's designated security contact within 4 hours of detection, and to the National KE-CIRT/CC within the CA's prescribed timeline.
6.3 The Service Provider shall maintain a documented cybersecurity incident response plan and conduct penetration testing of the Customer's dedicated infrastructure at least annually, with results provided to the Customer on request.
7. TERM, RENEWAL, AND TERMINATION
7.1 This Agreement shall commence on the Service Activation Date and shall continue for an initial term of [Contract Term], unless terminated earlier in accordance with this Agreement. On expiry of the initial term, the Agreement shall automatically renew for successive 12-month periods unless either Party gives [Notice Period] written notice of non-renewal.
7.2 Early termination fee: If the Customer terminates this Agreement before the end of the minimum term without cause, the Customer shall pay the Service Provider an early termination fee of [Early Termination Fee]. The ETF reflects the Service Provider's unrecovered infrastructure investment and is not a penalty.
7.3 Termination for cause: Either Party may terminate this Agreement immediately by written notice if: (a) the other Party commits a material breach and fails to remedy it within 30 calendar days of written notice; (b) the Service Provider loses its CA licence; (c) the Service Provider fails to meet the minimum SLA for 3 consecutive months; or (d) the other Party enters insolvency proceedings under the Insolvency Act No. 18 of 2015.
7.4 Number portability: On termination, the Service Provider shall cooperate with the Customer's number portability requests in accordance with the Kenya Information and Communications (Consumer Protection) Regulations 2010, completing individual number porting within 5 working days and bulk enterprise porting within 15 working days of a valid porting request.
7.5 Exit and migration: On termination, the Service Provider shall provide reasonable assistance to the Customer to migrate services to a replacement provider for a minimum period of 30 calendar days after termination.
8. DISPUTE RESOLUTION AND GOVERNING LAW
8.1 The Parties shall first attempt to resolve any dispute through good-faith negotiation within 21 calendar days of a written dispute notice.
8.2 Unresolved disputes shall be referred to: [Dispute Resolution]. The CA regulatory dispute escalation path under Section 102 of KICA is available to the Customer for billing and service quality complaints before commencing formal proceedings. Any arbitration shall be conducted under the Arbitration Act No. 4 of 1995.
8.3 This Agreement shall be governed by and construed in accordance with the laws of Kenya.
IN WITNESS WHEREOF, the Parties have signed this Agreement on the date first written above.
Authorised Signatory (Service Provider)
________________
Signature
Authorised Signatory (Customer)
________________
Signature
Witness
________________
Signature
What Is a Telecommunications Services Agreement (Kenya)?
A Telecommunications Services Agreement in Kenya is a legally binding contract under the Kenya Information and Communications Act Cap. 411A (KICA) and the Law of Contract Act Cap. 23 through which a licensed telecommunications operator or service provider agrees to supply specified communications services — including voice, data, internet, managed network, or value-added services — to a customer or enterprise for an agreed service fee, subject to defined service levels, technical specifications, and regulatory compliance obligations.
The Kenya Information and Communications Act Cap. 411A establishes the Communications Authority of Kenya (CA), formerly the Communications Commission of Kenya (CCK), as the principal regulator of the telecommunications, postal, and broadcasting sectors in Kenya. The CA, operating under Section 5 of KICA, licenses telecommunications operators, approves terminal equipment, sets interconnection and access rules, enforces quality of service standards, and resolves disputes between operators and between operators and their customers. A licensed network operator or service provider operating under a Unified Licensing Framework (ULF) licence issued by the CA must confirm that its service agreements comply with the CA's consumer protection guidelines and service quality regulations.
The CA's Quality of Service Regulations issued under Section 83B of KICA establish minimum standards for voice call quality, data throughput, network availability, and customer complaint handling times. Enterprise Telecommunications Services Agreements frequently adopt these regulatory minimums as contractual service level commitments and supplement them with bespoke key performance indicators (KPIs) and financial penalties — service credits — for performance failures.
Data protection obligations under the Data Protection Act No. 24 of 2019 administered by the Office of the Data Protection Commissioner (ODPC) are central to modern Kenya Telecommunications Services Agreements. Operators that process personal data of subscribers — including call records, location data, subscriber identity, and browsing history — are data controllers or processors under the Data Protection Act and must comply with the principles of lawful processing, data minimisation, purpose limitation, and data subject rights. The agreement must include appropriate data processing provisions, particularly where the customer's employees' communications data is processed by the operator.
The Kenya Information and Communications (Consumer Protection) Regulations 2010 issued under KICA impose specific obligations on licensed operators in B2C contexts: transparent billing, itemised billing on request, right to dispute bills, complaint escalation procedures, and mandatory dispute resolution through the CA's consumer affairs department before recourse to court. These regulations apply to commercial consumers as well as individual consumers, though parties to a B2B Telecommunications Services Agreement may agree bespoke complaint and dispute resolution procedures.
The Cybersecurity framework applicable to Kenyan telecommunications operators includes the Computer Misuse and Cybercrimes Act No. 5 of 2018, which criminalises unauthorised access to computer systems and networks, and the National Kenya Computer Incident Response Team Coordination Centre (National KE-CIRT/CC) directives issued by the CA. An enterprise Telecommunications Services Agreement should address the operator's obligations regarding cyber incident notification, network security, and lawful interception compliance under Section 31 of KICA.
Interconnection and access to the public switched telephone network (PSTN) are governed by the Kenya Information and Communications (Interconnection and Provision of Access) Regulations 2010. Where the Telecommunications Services Agreement involves the resale of network capacity by one licensed operator to another, the agreement must comply with these regulations and the interconnection reference offer (IRO) approved by the CA for the network operator concerned.
When Do You Need a Telecommunications Services Agreement (Kenya)?
A Telecommunications Services Agreement in Kenya is required whenever a business or enterprise enters into a commercial relationship with a licensed telecommunications operator for the supply of communications services beyond the scope of standard consumer terms and conditions, particularly where bespoke service levels, dedicated infrastructure, or significant monthly expenditure is involved.
A Telecommunications Services Agreement is needed when a Kenyan company procures dedicated internet access (DIA), leased lines, MPLS connectivity, or fibre optic services from a licensed operator such as Safaricom, Airtel Kenya, Telkom Kenya, Liquid Intelligent Technologies, or Jamii Telecommunications Limited. Standard consumer contracts do not provide the service level guarantees, uptime commitments, or escalation procedures that enterprise customers require, and a bespoke agreement is essential.
A Telecommunications Services Agreement is required when a government ministry, department, or county government procures telecommunications services through the Public Procurement and Asset Disposal Act No. 33 of 2015. All government ICT procurement above prescribed thresholds must follow a public tender process supervised by the Public Procurement Regulatory Authority (PPRA), and the resulting agreement must comply with the standard Government of Kenya contract template requirements.
A Telecommunications Services Agreement is needed when a company operating multiple branches across Kenya's 47 counties requires a managed wide area network (WAN) service from a single licensed operator, with consolidated billing, centralised network management, and service credits applicable across all service locations. A bespoke enterprise agreement is the appropriate instrument to define these multi-site obligations.
A Telecommunications Services Agreement is required when a licensed virtual network operator (MVNO) or internet service provider (ISP) enters into a wholesale capacity agreement with a facilities-based network operator. The agreement must comply with the Kenya Information and Communications (Interconnection and Provision of Access) Regulations 2010 and the CA's wholesale reference offer requirements.
A Telecommunications Services Agreement is needed when a financial institution regulated by the Central Bank of Kenya (CBK) procures telecommunications services that will carry sensitive financial data, payment instructions, or mobile banking traffic. The CBK's Prudential Guidelines and the National Payment System Act No. 39 of 2011 impose security and availability standards on payment system infrastructure that must be reflected in the service agreement's technical annexes and security schedules.
What to Include in Your Telecommunications Services Agreement (Kenya)
A Kenya Telecommunications Services Agreement under the Kenya Information and Communications Act Cap. 411A must contain the following essential elements to be commercially effective and legally compliant.
Parties and Regulatory Status: Full legal names and addresses of the service provider and the customer; confirmation of the service provider's licence type, licence number, and licensing authority (Communications Authority of Kenya) under KICA; the customer's Business Registration Service (BRS) number and, where applicable, sector-specific licences (e.g., CBK licence number for financial institutions). The service provider's CA licence number should be quoted in the agreement to give the customer confidence in the provider's regulatory standing.
Service Description and Technical Specification: A precise description of each service to be provided — voice, data, internet, managed services, cloud connectivity, or value-added services — together with technical parameters: bandwidth, access technology (fibre, DSL, LTE, satellite), IP address allocation, routing policy, and interface specifications. Technical annexes or schedules should incorporate the CA's Quality of Service benchmark parameters under Section 83B of KICA.
Service Levels and Key Performance Indicators: Minimum service availability (uptime percentage, typically 99.5% or higher for enterprise services), latency, packet loss, jitter, and mean time to restore (MTTR) for fault resolution. Measurement methodology, reporting periods, and the mechanism for customers to report service degradation to the operator's network operations centre (NOC) must be defined.
Service Credits and Remedies: Financial penalties — service credits — payable to the customer when the service provider fails to meet agreed service levels, expressed as a percentage of the monthly recurring charge (MRC) for each percentage point of availability shortfall. The aggregate cap on service credits per billing period and the credit redemption mechanism (offset against invoice or cash payment) should be stated.
Fees, Billing, and Payment: Monthly recurring charges (MRC), non-recurring charges (NRC) for installation and equipment, usage-based charges where applicable, billing cycle, payment terms (typically 30 days from invoice date), and the method of payment (bank transfer, EFT, or M-Pesa for smaller amounts). The CA's Consumer Protection Regulations 2010 require itemised billing on request and a mandatory dispute period before disconnection for non-payment.
Data Protection and Confidentiality: The operator's obligations as a data processor under the Data Protection Act No. 24 of 2019 when processing subscriber personal data; technical and organisational security measures; breach notification timelines consistent with Section 43 of the Data Protection Act (72 hours to the ODPC); and restrictions on disclosure of customer data to third parties without consent.
Term, Termination, and Exit: Initial contract term (typically 12–36 months for enterprise services), automatic renewal provisions, notice periods for non-renewal (typically 90 days), early termination fees reflecting the operator's sunk infrastructure costs, and obligations on termination to migrate the customer's services to a replacement provider with minimum disruption — number portability obligations under the Kenya Information and Communications (Consumer Protection) Regulations 2010 apply.
Dispute Resolution: The CA's consumer dispute resolution process under Section 102 of KICA provides a regulatory escalation path for unresolved billing or service complaints before court proceedings. The agreement may additionally provide for mediation or arbitration before the Nairobi Centre for International Arbitration (NCIA) under the Arbitration Act No. 4 of 1995. The forms-legal.com Kenya Telecommunications Services Agreement template includes all mandatory compliance provisions required under KICA and the CA's licensing framework.
Additional compliance elements for a Telecommunications Services Agreement (Kenya) used in Kenya include: Under the Companies Act No. 17 of 2015, the Registrar of Companies at the Office of the Attorney General maintains the register of Kenyan companies. Section 3 of the Law of Contract Act (Cap. 23) governs contractual obligations. The Competition Authority of Kenya (CAK) enforces the Competition Act No. 12 of 2010. The Kenya Revenue Authority (KRA) administers corporate tax under the Income Tax Act (Cap. 470). The High Court of Kenya has unlimited original jurisdiction under Article 165 of the Constitution of Kenya 2010. Forms-legal.com provides this template as a starting point for Kenya-compliant documentation.
Cite this page
Reference this free template in an article, syllabus, or research note:
Forms Legal. (2026). Telecommunications Services Agreement (Kenya) (Kenya) [Legal document template]. Forms Legal. https://forms-legal.com/kenya/business/services/telecommunications-services-agreement-kenya
"Telecommunications Services Agreement (Kenya) (Kenya)." Forms Legal, 2026, https://forms-legal.com/kenya/business/services/telecommunications-services-agreement-kenya.
@misc{formslegal-telecommunications-services-agreement-kenya,
author = {{Forms Legal}},
title = {Telecommunications Services Agreement (Kenya) (Kenya)},
year = {2026},
howpublished = {\url{https://forms-legal.com/kenya/business/services/telecommunications-services-agreement-kenya}},
note = {Free legal document template}
}Also available for these jurisdictions:
Frequently Asked Questions
Telecommunications Services Agreements between licensed operators and their enterprise customers in Kenya do not require prior approval from the Communications Authority of Kenya (CA) for standard commercial arrangements. The CA's licensing regime under the Kenya Information and Communications Act Cap. 411A regulates the operators themselves rather than individual commercial contracts. However, certain categories of agreement are subject to CA oversight. Interconnection agreements between licensed network operators must comply with the Kenya Information and Communications (Interconnection and Provision of Access) Regulations 2010 and must be filed with the CA within 14 days of execution under those regulations. Wholesale capacity agreements between facilities-based operators and MVNOs or ISPs reselling network services may require CA notification. Any agreement that involves the sharing of licensed spectrum, the transfer of a licence, or a change of control of a licensed operator requires CA prior approval under KICA. Standard enterprise service agreements — such as this template — do not require CA approval but must be structured consistently with the operator's CA licence conditions and applicable service quality regulations.
The Communications Authority of Kenya (CA) issues Quality of Service (QoS) regulations under Section 83B of the Kenya Information and Communications Act Cap. 411A establishing minimum performance standards for licensed telecommunications operators. Key standards include: for mobile voice services, a call setup success rate of at least 97%, a call drop rate not exceeding 2%, and voice quality (MOS score) targets; for mobile data services, minimum average download and upload speeds on 3G and 4G networks; for fixed broadband internet access, minimum sustained throughput as a percentage of advertised speed; for customer service, complaint resolution within defined timeframes — typically 24 hours for network outages and 72 hours for billing complaints. Operators are required to submit quarterly QoS performance reports to the CA and to publish QoS data on their websites for transparency. The CA publishes comparative QoS reports, and operators failing to meet minimum standards face regulatory sanctions including financial penalties, licence suspension, or licence revocation. Enterprise customers should reference CA QoS benchmarks when drafting service level commitments in Telecommunications Services Agreements.
Telecommunications operators in Kenya that process personal data of subscribers are subject to the Data Protection Act No. 24 of 2019 administered by the Office of the Data Protection Commissioner (ODPC). Under the Act, a licensed operator is a data controller — or a data processor where processing is performed on behalf of an enterprise customer — and must comply with the eight data protection principles: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality; accountability; and data subject rights. Telecoms operators must be registered with the ODPC and must maintain a data protection policy and a record of processing activities. Call detail records (CDRs), location data, subscriber identity data (IMSI, IMEI), and internet browsing records are all personal data for the purposes of the Data Protection Act. The operator must notify the ODPC of a personal data breach within 72 hours under Section 43 of the Act. Where an enterprise Telecommunications Services Agreement involves the operator processing the enterprise customer's employees' data, the agreement should include a data processing addendum (DPA) assigning controller/processor roles, specifying processing purposes, and recording the technical and organisational security measures applied.
Mobile number portability (MNP) in Kenya is mandated by the Kenya Information and Communications (Consumer Protection) Regulations 2010 and is administered by the Communications Authority of Kenya (CA). MNP allows mobile subscribers to retain their telephone number when switching from one licensed operator to another. For enterprise Telecommunications Services Agreements, number portability is significant in two respects. First, the enterprise customer has a regulatory right to port its business telephone numbers to a new operator at the end of the agreement term, and the outgoing operator cannot contractually restrict or delay this right beyond the CA-mandated porting timelines. Second, the agreement should address the process for migrating number blocks, DDI ranges, and short codes on termination of the agreement. Fixed-line number portability, governed by the same consumer protection regulations, applies to fixed telephone numbers allocated to enterprise customers. Enterprise agreements should include a clear migration and exit provision requiring the outgoing operator to cooperate with porting requests, provide number information to the replacement operator, and complete the transition within the CA's regulatory timelines — typically 5 working days for individual number porting and 15 working days for bulk enterprise porting.
Early termination fees (ETFs) in Kenya Telecommunications Services Agreements reflect the operator's contractual right to recover infrastructure investment costs where an enterprise customer terminates the agreement before the end of the minimum contract term. There is no statutory cap on ETFs for B2B telecommunications agreements, though the Consumer Protection Act No. 46 of 2012 restricts penalty clauses in consumer contracts. Common ETF structures in Kenya enterprise telecoms agreements include: a flat early termination charge equal to a specified number of months' remaining MRC (typically 50–100% of charges for the unexpired term); a declining scale ETF that reduces as the contract progresses toward its end date; and a cost-recovery ETF based on the operator's actual unrecovered capital expenditure on dedicated infrastructure installed for the customer. The CA's Consumer Protection Regulations 2010 require that ETF structures be clearly disclosed in the customer's service agreement before signing. Enterprise customers should negotiate an ETF cap, a no-fault termination right triggered by repeated service level failures, and a change-of-control termination right exercisable without ETF liability. The ETF clause should be reviewed alongside the force majeure and material adverse change provisions to ensure alignment.
Yes. Business customers in Kenya have both contractual and regulatory rights to dispute telecommunications bills. Under the Kenya Information and Communications (Consumer Protection) Regulations 2010, a licensee must provide itemised billing on request and must have a documented internal dispute resolution procedure. A disputing customer should first raise the billing dispute in writing with the operator's customer service department within the dispute window specified in the service agreement — typically 30 to 60 days from invoice date. During a bona fide billing dispute, the operator is generally required to hold collection action in respect of the disputed amount pending resolution, while the customer pays the undisputed portion. If the internal dispute is not resolved satisfactorily, the customer may escalate to the Communications Authority of Kenya (CA) under Section 102 of KICA, which has authority to investigate billing complaints, order refunds, and impose penalties on operators for systematic billing errors. For amounts not resolved through the CA process, the customer may bring a claim before the High Court of Kenya under the Civil Procedure Act Cap. 21 or refer the dispute to arbitration under the Arbitration Act No. 4 of 1995 if the agreement so provides.
Cybersecurity obligations in a Kenya Telecommunications Services Agreement arise from multiple regulatory sources. The Computer Misuse and Cybercrimes Act No. 5 of 2018 establishes offences relating to unauthorised access to computer systems, interception of communications, and cyber fraud, and imposes obligations on service providers to implement technical controls to prevent their networks from being used to enable cybercrimes. The Communications Authority of Kenya (CA) issues cybersecurity guidelines and directives to licensed operators under KICA, including requirements to maintain a cybersecurity incident response plan and to report significant network security incidents to the National KE-CIRT/CC within prescribed timelines. Licensed operators are required under Section 31 of KICA to maintain lawful interception capabilities enabling authorised security agencies to intercept communications on production of a valid court order or other lawful authority. Enterprise Telecommunications Services Agreements should specify the operator's minimum cybersecurity standards for the customer's dedicated network infrastructure — including encryption standards, access control, penetration testing frequency, and security operations centre (SOC) monitoring — and should define the incident notification procedure, stating the timeframe within which the operator must notify the customer of a security incident affecting the customer's services or data. The Data Protection Act No. 24 of 2019 independently requires notification of personal data breaches within 72 hours.
This template is provided for informational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change over time. Consult a qualified attorney for advice specific to your situation.Full disclaimer
Found an error? Let us knowRelated Documents
You may also find these documents useful:
Cloud Services Agreement (Kenya)
A Kenya Cloud Services Agreement governing cloud computing services, compliant with the Data Protection Act No. 24 of 2019, the Computer Misuse and Cybercrimes Act No. 5 of 2018, and ODPC data processing requirements.
Outsourcing Agreement (Kenya)
A Kenya Outsourcing Agreement governing the provision of business process or IT services by a service provider to a client, compliant with the Law of Contract Act Cap. 23, the Data Protection Act No. 24 of 2019, and the Employment Act No. 11 of 2007.
Service Level Agreement (Kenya)
A Kenya Service Level Agreement (SLA) defining measurable performance standards, uptime commitments, and remedy mechanisms between a service provider and a client under the Law of Contract Act Cap. 23.
Data Processing Agreement (Kenya)
A Kenya Data Processing Agreement between a data controller and data processor, compliant with the Data Protection Act No. 24 of 2019 s.45 and the Data Protection (General) Regulations 2021.
Confidentiality Agreement (Kenya)
A Kenya Confidentiality Agreement (mutual or one-way) protecting trade secrets, business information, and personal data, compliant with the Law of Contract Act Cap. 23 and the Data Protection Act No. 24 of 2019.