Who is Africa Data Protection?
Africa Data Protection is a non-profit organisation that aims to actively contribute to a secure and ethical digital future for all African citizens.
Why this privacy policy?
Africa Data Protection's privacy policy aims to reflect our association's commitment to comply with the requirements for the protection of personal data arising from:
- The General Data Protection Regulation (GDPR);
- The French Data Protection Act;
- Any other legislation of an African country applicable to the association's activities.
What personal data do we collect on this website and for what purposes?
If you use this website, we may collect some of your personal data.
Personal data is defined as any information that enables you to be identified directly or indirectly, in accordance with the definition given by article 4.1 of the GDPR.
We collect personal data in the following situations:
1. When you join and/or make a donation to the association
When you wish to make a donation to the association or become a member, the following information is indirectly collected: surname, first name, date of birth, e-mail address, postal address and country of residence.
This information is collected indirectly by our sub-processor, the Helloasso association, which is responsible for processing your membership and/or donations.
Please note that we do not collect your bank details under any circumstances.
To find out more about Helloasso's terms of services and privacy policy, please click on the following link: https://www.helloasso.com/confidentialite
As a member of the Africa Data Protection association, you will have access to some of our tools. Your personal information will also enable us to give you access to these various benefits.
2. When you register for our online courses
We collect the following information: user name, surname, first name and e-mail address. This data is hosted by our service provider One.com. Please note that we do not collect your password under any circumstances, as this is managed securely. Your first and last names are only used to generate your certificate of attendance.
During the course, we also collect data relating to your success rate, as well as the date on which you obtained your certificate. Adding a photo to your profile is optional.
To find out more about One.com's privacy policy, please click on the following link: https://www.one.com/en/info/privacy-policy
3. When interacting with the association via the newsletter, blog and webinars
You can communicate with the association by contacting us via the email address available on the website (info@africadataprotection.org).
In this case we collect your e-mail address, which you have freely used to contact us.
Your e-mail address, collected at the time of your membership or donation, also enables us to send you our newsletters and news about our association. You can unsubscribe via a link that you will find in each e-mail sent or by writing to dpo@africadataprotection.org .
You can also register for the association's webinars. In this case, we will collect your surname, first name and e-mail address. This information will only be used to manage your webinar registration.
Finally, you can contact us with any requests for information.
Do cookies need to be deposited when you visit this site?
The cookies placed on your terminal are essential to the operation of the website and are intended for the service provider responsible for its maintenance. These cookies do not allow us to identify you.
What is the legal basis for processing your personal data on this website?
As an association under the French law of 1901, the processing of personal data is based either on:
• Legitimate interests of the association: this is the case, for example, for processing relating to the management of your donation;
• Your consent: this is the case, for example, for processing relating to your request to subscribe to the newsletter.
In all cases, you have the right to object to the processing of your personal data and you may also withdraw your consent at any time when the processing initiated is based on your consent.
Who are the personal data processed by this site intended for?
The data collected is intended for the volunteers in charge of managing the association for the purposes indicated above.
Where necessary, the association may occasionally share your data with third parties (IT service providers, for example). In such cases, the necessary technical and organisational security measures are taken by all parties to protect your personal data.
How are the personal data processed by this site secured?
All pages on this site that allow personal data to be entered use the https protocol.
The Africa Data Protection association is committed to protecting the personal data processed on this site in accordance with the state of the art.
How long is your personal data kept?
The personal data collected is kept for a period that varies according to the purpose for which it is used.
In any event, your personal data is kept for as long as is necessary to achieve the intended purpose.
For example, data collected for the purpose of sending newsletters is kept until the person concerned unsubscribes, or exercises a right of opposition or deletion.
What rights do you have regarding the use of your data?
As the association is legally registered in France, French and European legislation on the protection of personal data gives data subjects the following rights over their personal data:
- The right of access
Exercising this right allows the holder to find out whether data concerning him or her is processed by the association and, if so, to obtain a copy of it in an understandable format.
- The right of rectification
Exercising this right allows the holder to request the correction of inaccurate or incomplete information previously held by the association.
- The right to limit processing
The exercise of this right allows its holder, firstly, to ask the association to freeze the use of data concerning him/her, for the time necessary to verify the accuracy of said data (this right is exercised in addition to the prior exercise of other rights. In addition, when the association, in accordance with its policy, plans to delete certain data for various reasons, the individuals whose data is concerned may exercise their right to restrict processing in order to retain said data; of course within the limits prescribed by law.)
- The right to object
The exercise of this right allows the holder to object to data belonging to him/her being used by the association within the limits laid down by law.
- The right to erasure
The exercise of this right enables the holder to obtain from the association the deletion of personal data concerning him/her that it holds, under the conditions laid down by law. In a way, this is an extension of the right to be forgotten previously enshrined by the European courts.
- The right to portability
This right is reserved exclusively for people whose data has been collected on the legal basis of consent. By exercising this right, the holder can obtain the transfer of his or her personal data to a third party, if such a transfer is technically possible.
In accordance with the RGPD and the French Data Protection Act, you may object to the use of your personal data by contacting the association, or lodge a complaint with the CNIL. You can exercise any of these rights by contacting us at the following address: dpo@africadataprotection.org
How are you informed of changes to this policy?
Any change in the content of this policy will be the subject of a notice that will be published on our website.