Data commissioner Immaculate Kassait has told Kenyans to be wary of the amount of personal information they give out.
Kassait said data collectors should not demand more information than is required by law in order to identify a person.
She was speaking on Spice FM on Wednesday, informing Kenyans about the Data Protection Day commemorated on January 27.
Kassait said a commonly talked about topic of personal information is access to buildings.
"It is required by law to deposit one's national ID or passport when accessing a public building," she said.
The commissioner said there has been a lot of public outcry about the issue.
She said Private Security Agency Regulation dictates such.
However, there have been cases where some IDs deposited at the entrances of buildings have been photocopied and data used for the wrong reasons.
"However, going beyond that purpose of collecting that information and storing that information for an unnecessary amount of time is dangerous to the safety of people's data," Kassait said.
She added that collecting information that is beyond personal identification is also dangerous.
"Why do you need to know my email address or my residence when I am accessing a building?" the commissioner said.
She said one should not be asked for their biometrics in order to access a building.
"Data collectors should practice data minimisation and only collect what is needed to identify someone," Kassait said.
