Privacy Policy

1. Overview

2. Collection of Information

3. Use of Information

4. Information Sharing

5. Advertising and Analytics by Third Parties

6. Data Retention

7. User Choice

8. User Around The World

9. Residents of Kenya and Africa

10. Any Questions

Overview

This Privacy Notice explains how Soros Group Ltd. and its related entities, including our affiliate Museums Inc. (collectively referred to as “Soros,” “we,” or “our”), collect, use, and share personal information when you visit our websites, access client portals, make purchases from our online store, or use any of our products and services (together, the “Services”). By interacting with our Services, you agree to the collection and handling of your information as described in this Notice. If you have questions about our privacy practices, please reach us at privacy@soros.co.ke

From time to time, we may update this Privacy Notice to reflect changes in our business operations, services, or applicable legal requirements. Whenever updates occur, we will adjust the “Last Revised” date above. In certain cases, we may also provide additional notice, such as posting an announcement on our homepage or sending an email update. We encourage you to review this Notice regularly so that you remain informed about how Soros safeguards your information and the choices you have.

Collection of Information

Information You Provide to Soros

Soros collects details that you provide directly, such as when you subscribe to our mailing lists, register on our customer or partner portals, or contact us to learn more about our services and opportunities. We also collect information that you share through our Services when you complete a form, take part in a survey, promotion, or event, submit inquiries to our team, purchase items from our online store, communicate with us via third-party platforms such as social media, request customer assistance, or otherwise engage with Soros or our affiliate Museums Inc.

The types of personal information we may collect include your name, mailing address, phone number, email address, demographic details, organization or company name, country of residence, payment details, stated interests, and any other information you choose to provide. In certain cases, sensitive information that you disclose may be securely stored or transmitted as part of our business operations.

For specialized programs or applications, Soros may collect additional data to verify eligibility or meet regulatory requirements. This could include details such as your date of birth, identification numbers, government-issued documents, or other information necessary to process your application.

Information We Automatically Collect

When you interact with Soros Services, we automatically collect certain types of information about your activities, transactions, and devices, including: Transaction Records: If you make a purchase, return an item, or use Soros’s online store, we collect details related to that transaction, such as the items purchased, purchase amount, payment method, date, and location of the order. Log Data: We capture information about your use of our Services, including your browser type, access times, pages viewed, IP address, and the website or page you visited before coming to Soros platforms. Device Details: We may collect information about the computer or mobile device you use, such as the hardware model, operating system and version, unique device identifiers, and network information. Cookies and Tracking Tools: Soros uses cookies, web beacons, and similar technologies to collect data. Cookies are small files stored on your device that help us enhance your experience, analyze which features are most used, and count site visits. Web beacons are small graphic files embedded in our Services or emails that assist in delivering cookies, tracking engagement, and measuring the success of marketing campaigns. To learn more about cookies and your options to manage or disable them, please see the Managing Your Preferences section below. Information From External Sources: We may also receive information about you from trusted partners, service providers, affiliates (including Museums Inc.), and publicly available sources, which we combine with data collected through our Services to better serve you.

Use of Information

Soros uses the information we collect to deliver, support, and enhance our Services. This includes responding to your requests, fulfilling orders, managing accounts, and providing updates on programs or opportunities. We may also use your information to:

• Provide Service Updates: Send technical notices, system alerts, updates, security notifications, and respond to customer service requests or inquiries.
• Process Transactions: Manage payments, fulfill purchases from Soros’s online store, provide confirmations and invoices, and handle returns or exchanges.
• Communicate With You: Share news, offers, programs, events, or promotions from Soros and our affiliate Museums Inc., as well as updates on products and services we believe may interest you.
• Analyze Usage Trends: Monitor and evaluate trends, activity, and engagement to improve the performance and functionality of our Services.
• Protect Against Fraud: Detect, investigate, and help prevent fraudulent transactions, unauthorized access, or other unlawful activities, and protect the rights and property of Soros and its partners.
• Facilitate Promotions: Manage entries for contests, promotions, or events and deliver applicable rewards.
• Personalize Experiences: Tailor our Services, content, and advertising through trusted third-party providers to better match your preferences and interests.
• Other Purposes: Use the information for any additional purposes that we disclose at the time of collection or with your consent.

Information Sharing

Soros may share information about you in the following ways, or as otherwise described in this Privacy Notice:

• With Service Providers: We share information with vendors, contractors, consultants, and other trusted partners who require access to data in order to perform services on our behalf, such as website hosting, payment processing, analytics, marketing support, and data management.
• With Advisors and Regulators: We may share information with our legal counsel, auditors, and professional advisors when necessary to protect our business interests, as well as with regulators or government agencies when required to comply with legal or regulatory obligations.
• For Legal Reasons: We may disclose your information if we believe it is required under applicable laws, regulations, legal processes, or government requests, including lawful requests to meet national security or law enforcement requirements.
• For Protection: If your actions appear inconsistent with our policies or agreements, or if necessary to safeguard the rights, property, or safety of Soros, Museums Inc., our users, or others, we may share relevant information.
• Business Transactions: In the event of a merger, sale of assets, financing, or acquisition involving Soros, your information may be disclosed or transferred as part of that process.
• Within Our Group: We may share information between Soros, Museums Inc., and any future affiliates, subsidiaries, or related entities under common ownership or control.
• With Your Consent: We will share your information for any other purpose if you direct us to or explicitly consent to the sharing.

We may also share aggregated or anonymized data that cannot reasonably be used to identify you.

Advertising and Analytics by Third Parties

Soros partners with outside providers to deliver analytics, serve advertisements, and offer related services across the web. These providers may use cookies, web beacons, device identifiers, and similar technologies to collect information about how you interact with our Services and with other websites and applications. This may include details such as your IP address, browser type, pages visited, time spent on pages, links clicked, and conversion data.

Soros and its partners use this information to:

• Analyze and track usage trends;
• Evaluate the popularity and effectiveness of certain content or features;
• Deliver advertising and content on third-party sites that are better aligned with your interests;
• Gain insights into your online activity to improve the relevance of our Services.

Additionally, Soros works with trusted third-party platforms (such as LinkedIn) to run tailored advertising campaigns. In some cases, Soros or these platforms may convert information you provide (such as your email address) into a unique identifier to match with existing user accounts on those platforms. This helps us learn more about your preferences and serve you ads that are customized to your interests. These platforms may also provide options for you to manage or opt out of receiving such targeted ads.

Data Retention

Soros retains the information we collect for as long as necessary to fulfill the purposes for which it was gathered, or for other valid business needs. This may include meeting legal, regulatory, or contractual obligations, resolving disputes, maintaining security, and enforcing our agreements. When information is no longer required, Soros takes steps to securely delete, anonymize, or otherwise prevent its continued use.

User Choice

Managing Your Account Information
You may review, correct, or update your personal information by contacting Soros at privacy@soros.co.ke. Soros may retain certain details as required under Kenyan law or for legitimate business purposes, such as maintaining financial records, complying with regulations, or resolving disputes. Cached or archived copies of information may also be retained for a limited period.

Use of Cookies
Most web browsers are set to accept cookies by default. If you prefer, you can adjust your browser settings to block or delete cookies. However, please note that disabling cookies may affect the availability, speed, or functionality of Soros’s services.

Marketing & Promotional Messages
You may opt out of receiving promotional communications from Soros in the following ways:

Email: Click the unsubscribe link included at the bottom of our marketing emails, or contact us directly at privacy@soros.co.ke.

SMS/Phone: Reply STOP to any SMS you receive from Soros, or contact our customer service team to request removal from SMS or phone marketing lists.

Even if you opt out of promotional communications, Soros may still send you important non-promotional messages, such as account updates, service notifications, or information relating to your ongoing business with us.

User Around The World

Soros processes and stores information primarily in Kenya. However, in some cases, Soros and its trusted service providers may transfer, store, or access your information in other countries. These jurisdictions may not always provide the same level of data protection as Kenya.

Whenever such transfers occur, Soros ensures that appropriate safeguards are in place to protect your information. This includes compliance with the Kenya Data Protection Act, 2019, and following guidance issued by the Office of the Data Protection Commissioner (ODPC).

For users located in the European Union (EU), United Kingdom (UK), or other regions with specific data protection requirements, Soros will also take into account the principles of the General Data Protection Regulation (GDPR). This means that when personal data is transferred outside of these regions, Soros will ensure adequate safeguards are in place, which may include:

• The use of Standard Contractual Clauses (SCCs) approved by the European Commission.
• Ensuring that third-party partners provide an adequate level of protection consistent with GDPR requirements.
• Taking reasonable technical and organizational measures to protect your personal information.

Soros remains responsible for the handling of your personal information, even when third-party partners or affiliates—such as Museums Inc.—process it on our behalf.

In certain cases, Soros may also be required to disclose information in response to lawful requests by government authorities, regulators, or security agencies in compliance with applicable Kenyan laws, including but not limited to the Data Protection Act, 2019, the Kenya Information and Communications Act, 1998 (as amended), and other relevant national security or law enforcement legislation.

Complaints & Redress:
If you have concerns about how Soros handles your information in relation to international transfers, you may first contact us directly at privacy@soros.co.ke. If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya or, if applicable, your local data protection authority in the EU, UK, or Switzerland.

Residents of Kenya and Africa

Legal Basis For Processing

Soros primarily operates in Kenya and across Africa. When we collect and process your personal information, we do so in accordance with the Kenya Data Protection Act, 2019, guidance from the Office of the Data Protection Commissioner (ODPC), and other applicable African data protection laws.

We process your personal data under the following legal bases:

• Contractual Necessity
  Soros may process your personal information when it is necessary to perform a contract with you. For example, to complete your purchases, deliver services, or provide access to Soros platforms.
• Legitimate Interests
  Soros may process your data for legitimate business purposes such as maintaining and improving our services, securing our systems, conducting analytics, and supporting operations across Kenya and Africa—provided that such processing does not override your fundamental rights and freedoms.
• Consent
  Where required by law, Soros will obtain your consent before processing your information. For example, if you subscribe to our marketing updates, newsletters, or SMS alerts, we will only contact you with your permission. You may withdraw your consent at any time.
• Legal Obligations
  Soros may process and share your information where necessary to comply with Kenyan law (e.g., the Kenya Data Protection Act, 2019) or other applicable African regulations. This includes responding to lawful requests from regulators, law enforcement agencies, or courts.

Your Rights

As a resident of Kenya or other African jurisdictions with applicable data protection frameworks, you may have the following rights:

• The right to access the personal information Soros holds about you.
• The right to request correction of inaccurate or incomplete data.
• The right to request deletion of your personal data where legally applicable.
• The right to object to or restrict certain forms of processing, such as direct marketing.
• The right to withdraw consent where consent has been provided.
• The right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya, or the relevant authority in your country of residence.

To exercise these rights, please contact Soros at privacy@soros.co.ke We will handle requests in line with the Kenya Data Protection Act, 2019 and other applicable African data protection laws.

Any Questions?

If you have any questions about this Privacy Policy or how Soros handles your personal information, please contact us at privacy@soros.co.ke

If you are in Kenya and have concerns about Soros’s processing of your personal data that we are not able to resolve, you may lodge a complaint with the Office of the Data Protection Commissioner (ODPC):

If you are in another East African country, you may raise your concern with your national Data Protection Authority, such as:

• Uganda: Personal Data Protection Office (under NITA-U)
• Tanzania: Personal Data Protection Commission (established under the Data Protection Act, 2022)
• Rwanda: National Cyber Security Authority (data protection oversight)

Soros also seeks to align with regional frameworks, including the East African Community (EAC) data protection initiatives and the African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention).

Rest of Africa

For users in other African countries, Soros will cooperate with local authorities where they exist, such as:

• South Africa: Information Regulator
• Nigeria: Nigeria Data Protection Commission (NDPC)

We also align with broader COMESA and African Union (AU) efforts to harmonize data protection across the continent.

United States of America

If you are located in the United States, you may contact Soros directly regarding privacy matters. While there is no single federal data protection authority, complaints may also be raised with your state attorney general’s office or relevant consumer protection authority depending on your state of residence.

European Union, the United Kingdom, and Switzerland

If you are in the EEA, UK, or Switzerland, and have concerns about Soros’s processing of your personal data that we cannot resolve, you have the right to lodge a complaint with your local Data Protection Authority:

EEA: European Data Protection Board 

UK: Information Commissioner’s Office (ICO)

Switzerland: Federal Data Protection and Information Commissioner (FDPIC)