Data Protection and Privacy Policy

Lyte-Pile Investments (Pvt) Ltd t/a LK Cellular Connect Zimbabwe

  1. Introduction

Lyte-Pile Investments (Pvt) Ltd (“Lyte-Pile”, “CEIR Zimbabwe”, “we”, “our”, or “us”) is an indigenous Zimbabwean ICT company, established in 2019, and the licensed operator of the Central Equipment Identity Register (CEIR Zimbabwe). Our services include IMEI/ESN verification, device authentication, whitelisting, blacklisting, mobile phone tracking, counterfeit detection, and lawful interception support for law enforcement and mobile network operators.

This Policy outlines how we collect, use, store, share, and protect personal data in compliance with:

  • The Data Protection Act [Chapter 11:12] of Zimbabwe (2021),
  • Guidelines issued by POTRAZ (Postal and Telecommunications Regulatory Authority of Zimbabwe),
  • Applicable international best practices.

We are committed to respecting and protecting the privacy of all individuals who interact with our systems, platforms, and services, including subscribers, law enforcement agencies, mobile network operators, and business partners.

  1. Scope

This Policy applies to:

  • All personal data processed by CEIR Zimbabwe, whether collected through our Websites (www.ceirzimbabwe.com), our CEIR software, mobile applications, or offline interactions.
  • Data collected and processed in connection with IMEI whitelisting, blacklisting, and mobile phone fraud/theft investigations.
  • All employees, contractors, and third parties who process personal data on behalf of CEIR Zimbabwe.
  1. Definitions
  • Personal Data: Any information relating to an identified or identifiable individual (e.g., name, contact number, IMEI number, national ID).
  • Processing: Any operation performed on personal data, whether automated or manual (collection, storage, transfer, deletion, etc.).
  • Data Subject: Any individual whose personal data we process (e.g., mobile subscriber, complainant, employee).
  • Controller: CEIR Zimbabwe, which determines the purpose and means of processing data.
  • Processor: Any third party contracted by CEIR Zimbabwe to process data on its behalf.
  1. Legal Basis for Processing

We only process personal data under lawful bases as set out in the Data Protection Act:

  • Consent – where you have given us clear permission.
  • Legal Obligation – where processing is required by Zimbabwean law, regulation, or court order.
  • Legitimate Interests – where necessary to prevent fraud, theft, and ensure network/device security.
  • Public Interest & Security – for law enforcement, public safety, and combating crime.
  1. Categories of Data Collected

Depending on the service provided, CEIR Zimbabwe may collect and process:

  • Identification Data: Full name, national ID, passport, or other government-issued identification.
  • Contact Data: Address, phone number, email.
  • Device Data: IMEI/ESN/MEID, device brand/model, SIM number (if applicable).
  • Transaction Data: Records of device registration, blacklisting/whitelisting actions, theft reports.
  • System Data: IP address, login information, browser type, system logs for security monitoring.

We do not knowingly collect data from children under 18 unless explicitly authorized by parents/guardians or required by law.

  1. Purpose of Data Processing

We process personal data strictly for legitimate business and regulatory purposes, including:

  • Mobile device authentication (validating IMEI numbers).
  • Whitelisting, blacklisting, and greylisting of devices.
  • Mobile phone tracking & recovery in collaboration with mobile network operators and law enforcement.
  • Fraud detection & crime management (counterfeit, cloned, or tampered IMEIs).
  • Regulatory compliance & lawful interception as mandated by POTRAZ and other authorities.
  • Customer service and support (handling queries and complaints).
  • System security monitoring and prevention of unauthorized access.
  1. Data Sharing & Third Parties

We may share personal data with:

  • Mobile Network Operators (MNOs) – for enforcing whitelisting/blacklisting and ensuring stolen devices cannot connect to networks.
  • Law Enforcement Agencies – for investigations, recovery of stolen devices, and crime prevention.
  • Regulators (POTRAZ and Government Authorities) – in compliance with statutory reporting obligations.
  • Service Providers/Processors – strictly under binding contracts ensuring compliance with data protection obligations.

We do not sell, rent, or trade your personal data.

If data must be transferred outside Zimbabwe, we ensure adequate safeguards consistent with the Data Protection Act.

  1. Data Subject Rights

Under the Act, you have the following rights:

  • Right to Access – request a copy of your personal data we hold.
  • Right to Rectification – request corrections to inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) – request deletion of data when legally permissible.
  • Right to Restrict Processing – request limitation of certain processing activities.
  • Right to Object – object to processing based on legitimate interest.
  • Right to Data Portability – request transfer of your data in a structured, machine-readable format.
  • Right to Withdraw Consent – withdraw your consent at any time.

Requests must be submitted to our Data Protection Officer (DPO) at: info@ceirzimbabwe.com

We will respond within the timelines set by the Data Protection Act.

  1. Data Security & Retention
  • We implement technical and organizational measures (encryption, firewalls, access control, secure servers) to safeguard personal data.
  • Access to sensitive data (IMEIs, user records) is restricted to authorized personnel only.
  • Personal data is retained only for as long as necessary to fulfil the purposes outlined or as required by law.
  • When no longer needed, data is securely deleted or anonymized.
  1. Cookies & Tracking

Our websites and applications may use cookies and tracking technologies for:

  • Security authentication
  • Analytics and system monitoring
  • Improving user experience

Users can manage cookies through their browser settings, but disabling essential cookies may limit system functionality.

  1. Children & Minors

We do not knowingly collect or process data of minors under 18 years unless authorized by law enforcement, parents, or guardians in cases of theft reporting or device recovery.

  1. Policy Updates

This Policy may be updated periodically to reflect changes in law, regulation, or company operations. Updates will be posted on our website and communicated through appropriate channels.

  1. Links to other websites

Our website ceirzimbabwe.com may contain links to other websites, which are not under our control. We are not responsible for the content of these websites. We recommend you familiarize yourself with the privacy policy of every website that you visit, if such policy exists.

  1. Contact Information

For any questions, requests, or complaints regarding this Policy or your data rights, contact:

Data Protection Officer
Lyte-Pile Investments (Pvt) Ltd t/a LK Cellular Connect Zimbabwe
No. 3 Stoke Road, Belmont, Bulawayo, Zimbabwe
info@ceirzimbabwe.com
+263 77 365 2804

 

Contact

CEIR Zimbabwe | No. 3 Stoke Street, Belmont, Bulawayo
Phone:  +263292262452 | +263292261205 | +263 773 652 804
Email: info@ceirzimbabwe.com

GSMA Association

“Our collaboration with GSMA for IMEI number identification, validation and IMEI authentication.”

POTRAZ License

“Licensed by Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ)”

Who we are

“We are a POWERHOUSE in combating counterfeit mobile phone devices in Zimbabwe”

© 2024: Website by Bronix Technologies

About | Contact | Privacy Policy|