1. Introduction
This Privacy Policy explains how SKYGRID KENYA LIMITED (trading as Rise to Lead, operating the website upliftsense.com) collects, uses, discloses, and protects your personal data when you interact with our coaching services, programs, and digital platforms. We are registered in Kenya (Nairobi) and comply with the Kenya Data Protection Act (DPA) 2019, the EU General Data Protection Regulation (GDPR), and the California Consumer Privacy Act (CCPA) where applicable.
We are deeply committed to safeguarding your privacy. We never sell, rent, or share your personal data in ways not described here. Every data point we collect is tied to a specific, consented purpose related to delivering our transformational coaching services.
2. Personal Data We Collect
We collect only the minimum personal data necessary to deliver our services effectively. At every collection point, we request your explicit consent.
2.1 Information You Provide Directly
- Identity & Contact: Full name, email address, WhatsApp phone number (optional), and any additional details you voluntarily share during coaching sessions or registration forms.
- Lead Magnet & Masterclass Registration: When you download a free resource or register for a webinar, we collect name and email. You may also opt to share your WhatsApp number for direct updates.
- Payment Information: All payments are processed by PayHero. We never see or store your full credit card, M‑Pesa PIN, or banking credentials. We receive only a transaction confirmation and the contact details you provide at checkout (name, email, phone number).
- Testimonials & Recordings: With your separate, explicit consent, we may record coaching sessions (audio/video) and collect written or video testimonials for promotional use. You may withdraw consent at any time without affecting service delivery.
- WhatsApp Group Participation: When you join our private cohort community, your WhatsApp profile name and number become visible to group admins (Coach Charles M and designated assistants).
2.2 Information Collected Automatically
We do not currently use cookies or advanced analytics. However, our website hosting and future tools may collect:
- Technical Data: IP address, browser type, device information, pages visited (via standard server logs). This is anonymized and used only for security and performance monitoring.
- Email Engagement: When we send emails through our marketing platform, we may track opens and link clicks to gauge the relevance of our content. You can disable this by turning off automatic image loading in your email client.
2.3 Social Media & Advertising
We may in the future use Facebook Pixel, Google Analytics, or similar tools. If that happens, we will update this policy and seek your consent where required. Currently, no such tracking is active on our site.
3. How We Use Your Data
We process personal data solely for the following business purposes, always anchored on a lawful basis:
- To deliver our services: Sending you the lead magnet PDF, masterclass login details, program materials, and bonuses.
- To communicate with you: Responding to inquiries, providing customer support, and sending administrative updates (e.g., changes to schedule, policy updates).
- To process payments: Sharing necessary details with PayHero to complete transactions.
- To improve our coaching: Analyzing aggregate engagement trends (e.g., email open rates) to make our content more impactful.
- To market future programs: Only with your explicit consent, we may send information about upcoming intensives or VIP packages. You can opt out of marketing emails at any time via the unsubscribe link.
- To comply with the law: Retaining transaction records for tax and regulatory obligations.
4. Legal Basis for Processing
Our processing is grounded on one or more of the following legal bases:
- Consent: You have given clear, affirmative consent for us to process your data for a specific purpose (e.g., downloading a roadmap, joining a WhatsApp group, receiving marketing emails).
- Contractual Necessity: Processing is necessary to fulfill a contract with you (e.g., delivering a paid program you enrolled in).
- Legitimate Interest: We may process data to improve our services, prevent fraud, or secure our platforms, provided your rights and freedoms do not override those interests. You can object to processing based on legitimate interest by contacting us.
- Legal Obligation: We retain payment records to comply with Kenyan tax and company laws.
For any processing based on consent, you have the right to withdraw consent at any time by emailing us. Withdrawal does not affect the lawfulness of processing that occurred prior to withdrawal.
5. How We Share Your Data
We do not sell personal data. We share information only with trusted third‑party service providers who assist us in operating our business, and only as necessary. All providers are contractually bound to protect your data and comply with applicable privacy laws.
5.1 Third‑Party Tools & Their Roles
- PayHero – Payment processing (receives name, email, phone number; we rely on their PCI‑DSS compliance).
- Brevo (Sendinblue) – Email marketing platform (stores your name, email, and engagement data on our behalf).
- Zapier – Automation middleware that connects our apps (passes data between Brevo, PayHero, and other tools).
- Zoom – Video conferencing (name, email for webinar registration; recordings stored with consent).
- Google Drive / YouTube (unlisted) – Secure storage of program materials, video walkthroughs, and testimonials (accessed only by authorized personnel).
- Canva – Used to design lead magnets and visual assets (no personal data stored in Canva).
- WATI / ManyChat (optional) – WhatsApp messaging platform used with your consent.
We have Data Processing Agreements (DPAs) or rely on each provider’s standard terms that incorporate adequate safeguards (e.g., Standard Contractual Clauses for EU‑US transfers).
5.2 Legal Disclosures
We may disclose your data if required by law, court order, or governmental regulation, or to protect the rights, property, or safety of SKYGRID KENYA LIMITED, our clients, or others.
6. International Data Transfers
Your personal data may be transferred to and processed in countries outside Kenya, including the United States and the European Union, where our third‑party servers are located. We ensure such transfers are safeguarded by:
- Standard Contractual Clauses (SCCs) adopted by the European Commission, which our providers incorporate into their terms.
- Adequacy decisions where applicable (e.g., Kenya’s DPA recognizes certain jurisdictions as providing adequate protection).
- Contractual obligations that impose equivalent data protection standards.
By using our services, you acknowledge that your data may be transferred internationally under these safeguards.
7. Data Retention
- Email subscribers (non‑buyers): If you haven’t opened or engaged with our emails for 12 consecutive months, we will automatically delete or anonymize your data from our active marketing list.
- Paid clients: We retain purchase records and related communications for 7 years to comply with Kenyan tax and company legislation.
- WhatsApp group members: After a cohort ends, we may archive the group. Your phone number will remain visible only to admins until the group is deleted (typically within 90 days post‑program).
- Testimonials & recordings: Kept indefinitely unless you request deletion. You can revoke consent at any time, and we will remove public-facing content within 30 days.
When the retention period expires, we securely delete or irreversibly anonymize your data so it can no longer be linked to you.
8. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include:
- SSL/TLS encryption for all data transmitted via our website.
- Strong, unique passwords and two‑factor authentication on all administrative accounts.
- Regular review of third‑party security postures.
- Limited access: only Coach Charles M and vetted executive assistants who need data for business communication have access to personal information. All access is logged and revocable.
Despite our efforts, no method of electronic storage or transmission is 100% secure. In the event of a data breach that poses a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours, as required by law.
9. Your Data Protection Rights
Depending on your location, you may exercise the following rights by emailing privacy@upliftsense.com. We will respond within 30 days. To protect your privacy, we may ask for proof of identity before processing your request.
9.1 Under Kenya’s Data Protection Act (All Users)
- Right to be informed: You are entitled to know what data we collect and why (this policy).
- Right of access: Request a copy of the personal data we hold about you.
- Right to rectification: Correct inaccurate or incomplete data.
- Right to erasure (“right to be forgotten”): Request deletion of your data, subject to legal retention obligations.
- Right to restrict processing: Limit how we use your data in certain circumstances.
- Right to data portability: Receive your data in a structured, machine‑readable format.
- Right to object: Object to processing based on legitimate interest or direct marketing.
- Right not to be subject to automated decision‑making: We do not use profiling or automated decisions.
9.2 Additional GDPR Rights (EU/EEA Residents)
- Lodge a complaint with a supervisory authority in your EU member state.
- Withdraw consent at any time (for consent‑based processing).
9.3 CCPA Rights (California Residents)
- Right to know: Request disclosure of categories and specific pieces of personal information collected, sources, purposes, and third parties with whom we share it.
- Right to delete: Request deletion of personal information we have collected, subject to exceptions.
- Right to opt‑out of sale: We do not sell personal data, so this right is inherently protected.
- Right to non‑discrimination: We will not discriminate against you for exercising any CCPA right.
To exercise any of these rights, please contact us at the email above. For California residents, you may designate an authorized agent to make requests on your behalf.
10. Children’s Privacy
Our services are not directed to individuals under the age of 18 (or the age of majority in your jurisdiction). We do not knowingly collect personal data from minors. If we become aware that a minor has provided us with personal information without parental consent, we will take steps to delete such information immediately. If you believe a minor has submitted data to us, please contact us.
11. Cookies and Similar Technologies
Currently, upliftsense.com does not use cookies, pixels, or tracking scripts. Our website is a static informational platform with embedded forms. If in the future we deploy analytics or advertising cookies, we will update this policy and implement a consent management banner where required by law. You will always have the option to reject non‑essential cookies.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. When we do, we will revise the “Last Updated” date at the top. For material changes, we will notify you via email (if we have your address) and prominently post a notice on our website. Continued use of our services after the effective date constitutes acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please reach out:
We are committed to resolving any privacy issues promptly and transparently. You also have the right to file a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya (odpc.go.ke) or your local supervisory authority.