Trust, Privacy & Security

Privacy & Data Handling

This page is maintained by Danid Training Institute — College of Health Sciences (DTI) to explain how we collect, use and safeguard information when you apply, enrol or interact with our admissions team. Last updated: 17 June 2026.

Plain summary: We collect only the information needed to handle your enquiry, admission, training and accreditation records. We do not sell your data. You can request access, correction or deletion at any time by emailing admin@danidcentre.org.

Who we are

Danid Training Institute — College of Health Sciences is a TVETA & CDACC accredited healthcare training college based in Kisumu, Kenya. This privacy notice applies to https://training.danidcentre.org and to admissions communications by phone, WhatsApp and email.

Information we collect

  • Applicant details you submit through our forms: name, phone number, email, course of interest, intake, message.
  • Communication records: WhatsApp click events, call requests, and email correspondence with the admissions team.
  • Payment references when you initiate an M-Pesa transaction (transaction ID, amount, phone number — handled via Safaricom Daraja).
  • Technical data: anonymised analytics (page views, device type, referrer) collected via Google Analytics with IP anonymisation.
  • Student records after enrolment: KCSE results, ID/passport, NEMIS/CDACC registration details required by accrediting bodies.

How we use your information

  • To respond to admissions enquiries and process applications.
  • To send course information, intake dates, fee structures and brochures you requested.
  • To process M-Pesa payments and issue receipts.
  • To maintain student academic and accreditation records as required by TVETA, CDACC, NITA, KNDI and AHA.
  • To improve our website using aggregated, anonymised analytics.

We do not use your information for unrelated advertising and we do not sell your personal data.

Who has access

Applicant data submitted through this site is stored in our admissions database and is accessible only to authorised DTI admissions and administrative staff. Access is protected by individual login accounts with row-level security policies — staff can only see records permitted by their role.

Service providers we rely on to operate the site (hosting, email, analytics, M-Pesa payments) process limited data on our behalf under their own privacy terms.

Subprocessors & integrations

  • Lovable Cloud — application hosting, database and authentication.
  • HostPinnacle — custom domain (training.danidcentre.org) DNS.
  • Google Analytics — anonymised usage analytics.
  • WhatsApp Business / Meta — when you click a WhatsApp link.
  • Safaricom Daraja (M-Pesa) — when you initiate a Paybill 522533 payment.

Cookies & analytics

We use a minimal set of first-party cookies for session management and Google Analytics cookies for anonymised traffic measurement. You can disable cookies in your browser; essential authentication cookies are required only if you sign in to a staff or student account.

Data retention

  • Admissions enquiries are kept for up to 24 months after last contact, then archived or deleted.
  • Student academic records are retained as required by TVETA and CDACC for accreditation and verification.
  • Payment records are kept for 7 years for tax and audit compliance.
  • Analytics data is aggregated and retained per Google Analytics' default settings.

Your rights

You have the right to:

  • Request a copy of the personal data we hold about you.
  • Ask us to correct inaccurate information.
  • Ask us to delete your enquiry data, subject to legal record-keeping requirements.
  • Withdraw consent for marketing or non-essential communications at any time.

To exercise any of these rights, email admin@danidcentre.org. We aim to respond within 14 working days.

Security practices

We protect your data using HTTPS encryption in transit, encrypted database storage, role-based access controls, and row-level security policies on all sensitive tables. Administrative actions are logged for accountability. This is not a certification — it describes the controls currently enabled on the platform.

If you believe you've found a security issue, please email admin@danidcentre.org with details so we can investigate.

Children's data

Our programs are intended for applicants aged 17 and above. We do not knowingly collect data from children under 13. If you believe a minor has submitted data, contact us so we can remove it.

Changes to this notice

We may update this notice as our practices evolve or to reflect legal requirements. Material changes will be highlighted on this page with a revised "last updated" date.

Contact us

For any privacy question, request or complaint:

This page is maintained by Danid Training Institute — College of Health Sciences and describes our current data-handling practices. It is not legal advice and does not constitute a certification by any third party.