Privacy Policy

Effective Date: April 2026  |  Last Updated: April 2026

Version 1.0

1.  Who We Are

MDMC Life (“MDMC,” “we,” “us,” or “our”) is a digital platform providing Kingdom-focused books, teaching resources, and community for Christian professionals, entrepreneurs, and leaders. MDMC Life operates as a brand of Kingdom Fashion Revolution, a business registered in Kenya.

For the purposes of data protection law, Kingdom Fashion Revolution — trading as MDMC Life — is the Data Controller responsible for your personal information collected through this website.

2.  Laws That Govern This Policy

This policy is written in compliance with the following laws and regulations:

•  Kenya Data Protection Act 2019 — the primary law governing how we collect, use, store, and share personal data in Kenya.

•  Kenya Data Protection (General) Regulations 2021 — the operational regulations issued under the Act.

•  General Data Protection Regulation (GDPR) — the European Union data protection law, which applies when we process personal data belonging to individuals located in the European Economic Area (EEA). We apply GDPR-aligned standards to all users internationally as a matter of best practice.

•  CAN-SPAM Act and international email marketing standards — which govern our use of email communications.

By using the MDMC Life website and purchasing our products, you acknowledge that you have read this Privacy Policy and agree to its terms.

3.  What Information We Collect

We collect different types of information depending on how you interact with our website. We only collect information that is necessary for the purposes described in this policy.

3.1  Information You Give Us Directly

You provide this information voluntarily when you take an action on our website:

•  Full name — when you make a purchase or subscribe to our email list.

•  Email address — when you make a purchase, subscribe to our email list, or contact us through the contact page.

•  Billing address — when you make a purchase. This is collected and processed by our payment processors (see Section 6).

•  Payment information (card details, PayPal account, or Paystack account) — this is handled entirely by our payment processors. MDMC Life does not store, see, or have access to your full card or account details at any point.

•  Any message or information you choose to include when contacting us through our contact page or by email.

3.2  Information We Collect Automatically

When you visit our website, certain information is collected automatically by our systems and third-party tools:

•  IP address — a numerical label assigned to your device when it connects to the internet.

•  Browser type and version — for example, Chrome, Safari, Firefox.

•  Device type — desktop, tablet, or mobile.

•  Operating system — for example, Windows, macOS, Android, iOS.

•  Pages visited on our website, the order in which you visited them, and the time spent on each page.

•  The website or link that referred you to our site (the referral source).

•  The date and time of your visit.

•  Cookies and similar tracking technologies (see Section 7 for full details).

This information is collected primarily through Google Analytics and helps us understand how visitors use our website so we can improve the experience.

3.3  Information We Receive From Third Parties

When you complete a purchase through WooCommerce using PayPal or Paystack, we receive a transaction confirmation from those platforms that includes your name, email address, and order details. This allows us to fulfil your order and provide customer support. We do not receive your full payment details from these processors.

4.  Why We Collect Your Information and Our Legal Basis

The Kenya Data Protection Act 2019 and the GDPR both require that we have a valid legal reason — called a “lawful basis” — for processing your personal information. The table below explains why we collect each type of data and the lawful basis we rely on.

5.  How Long We Keep Your Information

We do not keep your personal information for longer than is necessary for the purpose for which it was collected. The following retention periods apply:

•  Purchase records and transaction data — retained for seven (7) years from the date of purchase. This is required for tax and financial record-keeping purposes under Kenyan law.

•  Email address and name (newsletter subscribers) — retained for as long as you remain subscribed. When you unsubscribe, your data is removed from our active mailing list within thirty (30) days. We may retain a suppression record of your email address to ensure we do not inadvertently contact you again.

•  Customer support correspondence — retained for two (2) years from the date of the last interaction, in case follow-up is needed.

•  Website analytics data (Google Analytics) — retained in accordance with Google’s data retention settings, which we have set to a maximum of twenty-six (26) months.

•  Data submitted through our contact form — retained for two (2) years unless it is related to a purchase, in which case it is treated as part of the purchase record.

When your data is no longer required, it is securely deleted or anonymised so that it can no longer identify you.

6.  Third-Party Services We Use

We use a small number of carefully selected third-party services to operate MDMC Life. Each of these services may process your personal data on our behalf as a “data processor.” We only share what is necessary for each service to function.

The following table lists every third-party service we currently use that may process your personal data:

Each of these services has its own privacy policy governing how they handle data. We encourage you to review their policies using the links above. If any of these third-party services change, we will update this policy accordingly.

7.  Cookies and Tracking Technologies

Cookies are small text files that are placed on your device when you visit a website. They help websites remember your preferences and understand how you use the site. We use the following types of cookies on the MDMC Life website:

7.1  Strictly Necessary Cookies

These cookies are essential for the website to function correctly. Without them, you would not be able to browse the site or make a purchase. They do not track your browsing activity across other websites and do not require your consent.

•  Session cookies — keep you logged in during a single browsing session.

•  Shopping cart cookies — remember what you have added to your cart.

•  Security cookies — protect against cross-site request forgery and other security threats.

7.2  Analytics Cookies (Google Analytics)

Google Analytics places cookies on your device to collect anonymised information about how you and other visitors use our website. This includes which pages are visited most, how long visitors spend on the site, and where visitors come from. This information helps us improve the website.

Google Analytics may transfer data to servers located in the United States. Google has implemented Standard Contractual Clauses to ensure this transfer complies with GDPR requirements. You can opt out of Google Analytics tracking at any time by installing the Google Analytics Opt-Out Browser Add-On, available at tools.google.com/dlpage/gaoptout.

7.3  Marketing and Payment Cookies

PayPal and Paystack may place cookies on your device during the checkout process to enable secure payment processing and fraud prevention. These are governed by their respective privacy policies.

7.4  Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse all cookies, accept only certain cookies, or delete cookies that have already been set. Please note that disabling strictly necessary cookies will prevent you from completing a purchase on our website.

Instructions for managing cookies in common browsers:

•  Google Chrome — Settings > Privacy and Security > Cookies and other site data

•  Mozilla Firefox — Settings > Privacy and Security > Cookies and Site Data

•  Safari — Preferences > Privacy > Manage Website Data

•  Microsoft Edge — Settings > Privacy, Search, and Services > Cookies

We do not currently display a cookie consent banner, but we plan to implement one in line with best practices. When that is in place, you will be given a clear choice about non-essential cookies when you first visit the site.

8.  International Data Transfers

MDMC Life is based in Kenya. However, some of the third-party services we use — including Google Analytics, WooCommerce, PayPal, and Zoho — are based in or process data in countries outside Kenya, including the United States.

When your data is transferred outside Kenya, we ensure that appropriate safeguards are in place to protect it. These safeguards include:

•  Standard Contractual Clauses (SCCs) — contractual agreements approved by data protection authorities that require the receiving organisation to protect your data to the same standard as required in Kenya and the EU.

•  Adequacy decisions — where the receiving country has been recognised as providing adequate data protection.

•  Service-specific protections — each of our third-party processors has its own data protection measures and certifications, such as PCI-DSS compliance for payment processors and SOC 2 certification for cloud services.

If you are located in the European Economic Area (EEA), you have the right to obtain a copy of any safeguards used to transfer your data internationally. Contact us at info@mdmclife.com to request this.

9.  Your Data Protection Rights

Under the Kenya Data Protection Act 2019 — and, where applicable, the GDPR — you have the following rights regarding your personal information. We take these rights seriously and will respond to any request within thirty (30) days of receiving it.

→  The Right to Be Informed

You have the right to know what personal data we collect about you, why we collect it, and how we use it. This Privacy Policy fulfils that obligation.

→  The Right of Access

You have the right to request a copy of the personal data we hold about you. We will provide this in a clear, readable format.

→  The Right to Rectification

If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it.

→  The Right to Erasure (“Right to Be Forgotten”)

You have the right to request that we delete your personal data where there is no compelling reason for us to continue holding it — for example, if we no longer need it for the purpose it was collected, or if you withdraw your consent. Note that we may not be able to delete data we are legally required to retain, such as financial records.

→  The Right to Restrict Processing

You have the right to request that we temporarily stop using your personal data while we verify its accuracy or consider an objection you have raised.

→  The Right to Data Portability

Where we process your data based on your consent or for the performance of a contract, you have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format.

→  The Right to Object

You have the right to object to us processing your data based on our legitimate interests. You also have the right to object to receiving marketing communications from us at any time. You can unsubscribe from our emails by clicking the unsubscribe link at the bottom of any email we send.

→  The Right to Withdraw Consent

Where we process your data based on your consent (for example, for our email newsletter), you have the right to withdraw that consent at any time. Withdrawing consent does not affect the lawfulness of processing that occurred before the withdrawal.

→  Rights Related to Automated Decision-Making

We do not currently use your personal data for any automated decision-making processes or profiling that produce legal or similarly significant effects.

Complaints

If you believe we have handled your personal data in a way that violates your rights or applicable data protection law, you have the right to lodge a complaint with the relevant supervisory authority.

In Kenya, the supervisory authority is the Office of the Data Protection Commissioner (ODPC):

•  Website: odpc.go.ke

•  Email: info@odpc.go.ke

•  Telephone: +254 20 3676 000

If you are located in the European Economic Area, you may also lodge a complaint with the data protection authority in your country of residence.

We would always prefer to resolve any concerns directly before you escalate to a regulator. Please contact us first at info@mdmclife.com and give us the opportunity to address your concern.

10.  Marketing Communications

MDMC Life sends email communications to people who have:

•  Explicitly subscribed to our mailing list through the website, or

•  Purchased a product from us — in which case we may send you related updates and resources, unless you have opted out.

Every marketing email we send includes a clear and functional unsubscribe link. You can also opt out at any time by emailing info@mdmclife.com with the subject line “Unsubscribe.” We will process your request within five (5) working days.

Unsubscribing from our marketing emails will not prevent us from sending you transactional emails that are necessary to fulfil a purchase — for example, your order confirmation or download delivery.

We use Zoho Campaigns to send our emails. Zoho stores your name and email address and provides us with delivery and open-rate statistics. These statistics are anonymised at the individual level — we can see aggregate data (e.g. 40% of subscribers opened a particular email) but we do not track individual reader behaviour for marketing profiling purposes beyond what is standard to email delivery systems.

11.  Children’s Privacy

MDMC Life is designed for adults. Our books and teaching resources are intended for Christian professionals, entrepreneurs, and leaders — not for children under the age of eighteen (18).

We do not knowingly collect personal data from anyone under the age of eighteen. If you are under eighteen, please do not submit any personal information to us through this website.

If you are a parent or guardian and you believe that a child under your care has provided personal information to us without your consent, please contact us immediately at info@mdmclife.com. We will investigate and delete the information promptly if confirmed.

12.  How We Protect Your Information

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, disclosure, alteration, or destruction.

These measures include:

•  SSL/TLS encryption — our website uses HTTPS, which encrypts data transmitted between your browser and our server.

•  Secure payment processing — all financial transactions are handled by PCI-DSS compliant processors (PayPal and Paystack). We do not store payment card details on our servers.

•  Access controls — access to personal data held by MDMC Life is restricted to those who need it to fulfil their role.

•  Third-party security — we only use third-party services that have robust security practices and relevant certifications.

However, no method of transmission over the internet or method of electronic storage is 100% secure. While we do everything we can to protect your personal data, we cannot guarantee its absolute security. If you have reason to believe your interaction with us has been compromised, please contact us immediately at info@mdmclife.com.

13.  Links to Other Websites

Our website may contain links to external websites, including the privacy policies of our third-party service providers listed in Section 6. Clicking on those links will take you away from the MDMC Life website.

We are not responsible for the privacy practices or content of any external websites. We encourage you to read the privacy policy of every website you visit.

14.  Changes to This Privacy Policy

We may update this Privacy Policy from time to time as our services change, as new legal requirements come into effect, or as we refine our practices. When we make significant changes, we will:

•  Update the “Last Updated” date at the top of this page.

•  Notify subscribers via email where the change materially affects how we use their personal data.

•  Where required by law, seek fresh consent before implementing the change.

We encourage you to review this policy periodically. Continuing to use the MDMC Life website after a change has been posted constitutes your acceptance of the updated policy.

The version history of this policy is maintained internally. If you would like to see a previous version, contact us at info@mdmclife.com.

15.  Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal data, please contact us using the details below. We aim to respond to all queries within five (5) working days.

MDMC Life  |  mdmclife.com  |  info@mdmclife.com

Privacy Policy — Version 1.0  |  Effective April 2026

Operating under Kingdom Fashion Revolution — Registered Business, Nairobi, Kenya