Log In
Join for free

Kennedy Omondi Ochieng Vs Fingrow Capital Limited

ODPC COMPLAINT NO. 1966 OF 2024
ODPC COMPLAINT NO. 1966 OF 2024

1. Introduction

This case involves allegations of unlawful disclosure of confidential financial personal data by Fingrow Capital Limited to third parties without consent.

Table of Contents

2. Nature of Complaint

The Complainant alleged that the Respondent unlawfully disclosed his confidential financial data including payslips, bank statements, ID details, and guarantor information to third parties via email without authorization.

3. Analysis of Evidence

Complainant’s Position
  • Had credit facility with Respondent
  • Respondent’s General Manager emailed sensitive financial data to ABC Bank’s general customer service address
  • Data included 3 months of payslips, 6 months of bank statements, promotion letter, ID card, and guarantor details
  • Information was accessible to unauthorized bank staff
  • Provided email evidence showing unauthorized disclosure
Respondent’s Defense

The Respondent failed to respond to the ODPC’s notification of complaint or provide any defense against the allegations.

4. Issues for Determination

  1. Whether the Complainant’s personal data was lawfully processed
  2. Whether the Complainant is entitled to any remedies under the Act

5. Final Determination

  1. The Respondent was found liable for unlawful processing of sensitive financial data
  2. The Respondent was ordered to pay compensation of KES 200,000 to the Complainant
  3. Parties retain right to appeal within 30 days

6. Significance and Impact

Financial Data Protection
  • Reinforces strict protections for sensitive financial information
  • Prohibits sharing of financial data without explicit consent
Third-Party Disclosures
  • Clarifies that sharing data with general email addresses constitutes unauthorized disclosure
  • Establishes liability for improper data sharing practices
Credit Sector Compliance
  • Sets precedent for financial institutions handling customer data
  • Highlights need for secure data sharing protocols

Broader Impact: This ruling strengthens protections for financial personal data and establishes clear consequences for unauthorized disclosures in Kenya’s financial sector.

For full determination, click 🗃️

Tags:
I O

I O

Ian Olwana supports African organisations in turning data protection laws into practical, sustainable governance practices.

http://datagovernance.africa

Leave a Reply

Your email address will not be published. Required fields are marked *