Privacy Policy

1. Introduction

Metal on Cloud ("we," "our," or "us"), a Gewape Cloud Group company, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our bare metal infrastructure and colocation services.

2. Information We Collect

Personal Information

• Name and contact information (email, phone, address)
• Billing and payment information
• Company name and business details
• Government-issued identification (for verification)

Technical Information

• IP addresses and network traffic metadata
• Server configuration and usage data
• Access logs and authentication records
• Support ticket communications

3. How We Use Your Information

• Provide, maintain, and improve our services
• Process transactions and send billing notifications
• Respond to customer service requests
• Send technical notices and security alerts
• Comply with legal obligations and prevent abuse

4. Data Sovereignty & Storage

For our Kenya colocation services, customer data remains within Kenya in compliance with the Kenya Data Protection Act (DPA) 2019 and ODPC requirements. We do not transfer your data outside Kenya unless explicitly authorized by you or required by law.

5. Data Security

We implement industry-standard security measures including:

• 256-bit encryption for data in transit
• Physical security with biometric access controls
• 24/7 CCTV monitoring at all facilities
• Regular security audits and penetration testing

6. Your Rights

Under the Kenya Data Protection Act, you have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Object to processing of your data
• Data portability

7. Contact Us

For privacy-related inquiries or to exercise your rights, contact our Data Protection Officer:

Email: privacy[at]metaloncloud.com
Address: Nairobi, Kenya