Your Privacy is Our Duty
We built Zimasa to make health measurable, understandable, and actionable—while protecting your privacy at every step.
Security
Enterprise-grade security measures protect your health data with encryption, regular audits, and compliance with international standards.
Learn about our securityPrivacy
You control your health data. Transparent practices ensure you always know what we collect, why, and how you can manage it.
Read our privacy policyTerms of Service
Clear, straightforward terms explain your rights, our responsibilities, and how we work together to improve your health.
View terms of serviceHow We Keep Your Data Safe
By working with key partners and regulators, we ensure your data is protected by the highest security standards.
Security by Design
Security is built into Zimasa from the ground up—not added as an afterthought. Every feature is designed with privacy and protection as core principles.
Encrypted Storage
We separate user details from health information and store each type of data separately in encrypted servers with strict access controls.
Regular Testing
We regularly test our security systems and conduct internal and external audits to identify and fix vulnerabilities before they become issues.
Compliance Team
Our dedicated Compliance Department ensures every employee fulfills their security responsibilities and follows best practices.
Compliant to the Highest Standards
Kenya DPA 2019
Data Protection Act Compliant
ISO 27001
Information Security Standard
SOC 2 Type II
Security & Privacy Audited
You Are in Control
Your health data belongs to you. We give you complete control over what to save, share, or delete.
What We Collect
Account Information
Name, contact details, program eligibility from your employer or payer.
Health Data You Choose to Share
Screening results, activity categories, participation streaks—only what you authorize.
Usage & Technical Information
Device info, app usage patterns, for security and performance optimization.
Why We Collect It
Provide Services
Create your account, display benefits, and book healthcare providers.
Personalize Experience
Smart nudges, reminders, and suggested next steps tailored to you.
Measure Results
Aggregate analytics on activation, redemption, and health outcomes.
Security & Compliance
Keep the platform secure and comply with legal requirements.
Your Rights Under Kenya DPA 2019
Access
View all data we hold about you
Correct
Update inaccurate information
Delete
Request data removal
Object
Opt-out of certain processing
Port
Transfer data to another service
Restrict
Limit how we use your data
Clear & Fair Terms
Our terms are designed to be transparent about your rights, our responsibilities, and how we work together.
Service Agreement
Understand how you can use Zimasa, what we provide, and the responsibilities we share.
Read full termsUser Responsibilities
Guidelines for using Zimasa responsibly, protecting your account, and maintaining accurate information.
Learn your roleDisclaimers & Limitations
Important information about service limitations, warranties, and liability boundaries.
Read disclaimersUpdates & Changes
How and when we update our terms, and how we'll notify you of significant changes.
See update policyWant to Know More?
Our Data Protection Officer is here to answer your questions and help you exercise your rights.
Address
Turnkey House, No. 14 Chalbi Drive
Lavington, Nairobi, Kenya
Office of the Data Protection Commissioner (ODPC):
If you're not satisfied with our response, you can contact the ODPC directly at
www.odpc.go.ke