African ICT Foundation
Statement of Privacy
The African ICT Foundation’s Commitment to Responsible & Ethical Privacy Practices
In keeping with the goals and objectives of The African Information and Communications Technology Foundation (“African ICT Foundation or AICTF”), we are committed to the highest degree of respect for the privacy of our members, visitors to our websites and attendees of our events. In this Privacy Statement, we use “we,” “us” or “our” to refer to African ICT Foundation and “you” or “your” to refer to you, the user, member or visitor to our web sites. For certain purposes of this Privacy Statement, we distinguish between individuals who choose to register and join AICTF as a member (“Members”) and users of our websites (the “Sites”) who simply visit the Sites (“Visitors”) and do not choose to register as Members. Unless indicated otherwise, all provisions of this Privacy Statement apply to Visitors and Members.
When we do not rely on your consent to this Privacy Statement for use of “Your Data” (as defined below), we will tell you so. By accessing and using any of the Sites as a Visitor, you expressly and knowingly consent to the information collection and use practices as described in this Privacy Statement.
Our commitment to your privacy, is based on the following principles which we apply to our use of both your personally identifiable data (“Personal Data”) and to certain anonymous information we collect when you visit our Sites (“Technical Information”, and together with Personal Data, “Your Data”):
We will describe Your Data we will collect;
We will inform you clearly about our collection and use of Your Data;
We will either seek your express informed consent or rely on other legally permissible bases for the use of Your Data – either way, we will inform you of the basis for our use of Your Data;
We will give you control over the privacy preferences that apply to Your Data, including the rights to (a) change your mind about our use, (b) have access to change or correct inaccurate aspects of Your Data, and (c) require that we delete all or parts of Your Data;
We will not sell or rent Your Personal Data to others;
We endeavour to maximise the protection of Your Data, and provide you with prompt notice in the unlikely event that a data loss incident or breach occurs; and
We will endeavour to be completely transparent and open about our data privacy policies and practices.
How do We Collect Information?
We collect Your Data in the following basic ways:
You give it to us when you register as a Member or if a Member or a Visitor registers for an event including but not limited to webinars, signing up for a newsletter or making a comment on a blog or social media;
You give it to us in email inquiries or in your public comments;
We automatically collect Technical Information when you visit our Sites; and
We obtain legally available information from outside sources, including commercially available geographic and demographic information along with other publicly available information, such as public posts to social networking sites.
What Information Do We collect?
On the Sites, we request certain Personal Data, for purposes such as registering to become a Member, renewing your membership, participating in discussion groups, submitting inquiries and comments, or registering for a webinar or our conferences or events. This may include name, title, company/organisation name, postal address, email address, work, home and mobile phone numbers. See our Frequently Asked Questions (FAQ) list for specific data elements we may request and collect.
We or our authorised vendors may collect Technical Information that we do not associate with any individual Site user. This information includes –
how many visits we have to the Sites,
- when those Sites are visited,
- browser types used for Site visits,
- name of the Internet service providers,
- the Internet Protocol (IP) address through which you access the Internet;
- pages that you access while at one of the Sites, and
- the Internet address of the website from which you linked directly one of the Sites.
How Do We Use Your Data Collected at Our Sites?
We do not sell or rent any Personal Data supplied by you. We occasionally work with other companies, consultants, and contractors to provide limited services on our behalf, such as website hosting, public relations, mailing, answering customer questions about products and services, and sending information including but not limited to our research, white papers, policy positions and events. We will only provide those companies the Personal Data they need to perform the service for which they are retained and they agree to treat information confidentially and to only use it for the purposes of providing services under our agreement with them. See our FAQs for a current listing of those third parties that perform these services for AICTF
We may use Your Data to provide you with more effective customer service and to improve the Sites and any related products or services we may provide or make available.
We may use your Personal Data to provide you with important information about your AICTF .
We may use Technical Information to periodically analyse Site logs to assess aggregate usage trends in order to better serve the needs of Visitors and Members and maximise the user viewing experience. Under some circumstances this information may be used for purposes of systems administration, fraud prevention or server troubleshooting and security. This information may also be used to help improve the Sites, analyse trends, and administer the Sites.
We may disclose Your Data if required to do so by law or in the good faith belief that such action is necessary to (a) conform to the requirements of the law or comply with legal process served on us or the Sites; (b) protect and defend our rights or property, (c) act in urgent circumstances to protect the personal safety of our employees and staff, agents, users of our products or services, or members of the public, or (d) effect any merger, acquisition, or sale of all or a portion of our assets, in which case you will be provided notice of the following via email and/or a prominent notice on the relevant Site, (i) the change in ownership, (ii) the uses of Your Data in the transaction, and (iii) choices you may have regarding Your Data. To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide Your Data to third parties as part of legal process.
In addition, we will use Your Data to:
Provide information or a service requested or consented to by you.
Assist in the performance of our activities and public interest functions.
Comply with relevant contractual obligations with you and other third parties.
Improve Site performance and content, including trouble shooting and diagnostics.
Improve your engagement and interaction with other Members of our community.
Improve our engagement and interaction with you.
Facilitate your attendance at and participation in our events, communities or blogs.
Confirm your identity.
Process a request or payment / donation submitted to us.
Comply with legal requests.
Can I Choose not to Receive Commercial Email Communications?
We realise that unwanted and non-relevant email notices and communications can be unwelcome. Every promotional, event or related communication we send to you via email contains instructions and an easily discover-able link that will allow you to unsubscribe and stop all subsequent commercial or marketing messages and/or direct you to a preference centre to select topics of interest to you. Unless you consent (opt in) to the receipt of commercial or marketing emails, we will not use your email address for such purposes. You can always change your email preferences by visiting our membership portal and clicking through to the preferences page.
By joining AICTF, Members may opt-in to the inclusion of their email contact information in our Member email communication and Member newsletter lists. Members can manage their email preferences including opting in and out of working groups, committees and special interest group (SIG) communications through the AICTF membership portal .
Members may receive periodic email or postal mailings from us with information about us, upcoming events, or issues related to the Internet including but not limited to news, public policy and emerging best practices and standards. We offer you the opportunity to select which, if any, of these communications you would like to receive.
All of our practices are designed and intended at a minimum to satisfy state, national, provincial and federal legal requirements limiting email communications. In addition to these laws and regulations governing email marketing there are other laws and regulations governing telemarketing and direct mail. As a general rule, we do not engage in those types of targeted marketing activities including but not limited to device finger printing, profiling and or cross device tracking.
Other Legal Bases for Using Your Data
In the event we do not rely on your consent to this Privacy Statement as the basis for our permitted use of Your Data, we will tell you so. For example, we may tell you that we are relying on our obligation to meet our contractual obligations to you. We may also rely on a “legitimate interest’s assessment” to process Your Data. Current circumstances where we use this approach are described in the FAQs. We will separately notify or disclose to you when we rely on an alternative legal basis for the use or processing of Your Data.
Credit Card Information
Credit card information is not collected or stored on our servers. When you conduct transactions through a Site, payment and payment card information for transactions with us is entered directly into a third-party processor’s systems and is not transmitted through or stored by us. The card processor provides us with an authorisation code which is securely stored with the payment record on our servers.
Our Sites use third parties for web analytics services, including Google Analytics, to collect Technical Information. See our FAQ for a current listing of such third parties. These third parties do or may use “cookies” or similar technologies, which are text files placed on your computer, to help analyse how you use a Site. The information generated by the cookie about your use of a Site (including your IP address) will be transmitted to and stored by these service providers’ servers. They will use this information for the purpose of evaluating your use of a Site, compiling reports on website activity for website operators and providing other services relating to website activity and Internet usage. They may also transfer this information to third parties where required to do so by law, or where such third parties process the information on their behalf.
You may refuse and block the use of all of our (and third party) cookies by selecting the appropriate settings on your browser. However please note that if you do this you may not be able to use the full functionality of our Sites and it might impact your overall experience.
While no data transmission over the Internet can be guaranteed to be 100 percent secure, we take reasonable and appropriate measures designed to protect the security of data transmitted to us upon receipt. AICTF is a strong advocate of privacy enhancing technologies including our efforts with respect to encryption. By default, the Sites encrypt connections between client devices and our servers to minimise the ability of any third party to “eavesdrop” on Your Data. In addition, where feasible, data is stored encrypted. If your browser does not support HTTPS encryption, you are encouraged to contact us by phone or in writing.
Our databases and system administration logs, are restricted to access by authorised and authenticated users. We use reasonable industry security standard safeguards (which may include physical, procedural and technical measures) to protect against the unauthorised disclosure of Personal Data. We take reasonable steps to ensure that Your Data is complete and relevant to its intended use. We will take reasonable and appropriate security measures to protect against unauthorised access, disclosure, alteration or destruction of Your Data.
Cross Border Transfers
If you visit our Sites from a country other than Nigeria, your communications will likely result in the transfer of Your Data across national borders. Our servers or offices may be located in countries other than the country from which you access our Sites, also resulting in the transfer of Your Data across international borders. If you provide Your Data when visiting our Sites from outside Nigeria, you acknowledge and agree that this data may be transferred from your then current location to our offices and servers and to those of our affiliates, agents, and service providers located in Nigeria and in other countries. Nigeria and such other countries may not have the same level of data protection as those that apply in the jurisdiction where you live.
For site visitors who reside in the European Economic Area, Switzerland or the United Kingdom, we will only transfer Your Data (a) to jurisdictions with “adequate protection” as used in the General Data Protection Regulation governing transfer of personal data outside of the European Union (the “GDPR”), or (b) to recipients with appropriate safeguards in place, including where contractual arrangements exist which include Standard Contractual Clauses (as defined in the GDPR) without any additions, modifications, or omissions.
The Sites contain links to other sites, organisations and resources. Please be aware that we cannot be and are not responsible for the privacy or security practices of such other sites. We encourage you, when you leave our Site(s), to read the privacy statements of those other sites that collect personally identifiable information and have up-to date security and anti-virus software on all of your devices. This Privacy Statement applies only to the Sites.
Accessing and Updating Personal Data
Users may request access to their Personal Data collected and stored by us (if any) to verify if it is complete and accurate or to request that it be deleted. At a minimum, we will respond to your request within any applicable time-frame required by law and will otherwise take reasonable steps to respond to legitimate requests to access, correct, delete or update any such information retained by us. Requests may be sent by email to privacy at africanictfoundation.org. It is important to understand that deletion of your Personal Data may adversely impact your ability to enjoy the full benefits of membership.
We will only retain Your Data stored on our servers in accordance with the legitimate needs of our business and as required or permitted by applicable law. We will not retain any unused Personal Data on our systems longer than necessary for legitimate business purposes.
Social Media, Blogs & Discussion Groups
Our collection and use of any of Your Data is subject to the laws and regulations of the countries and political subdivisions in which our Visitors and Members reside. We are and remain committed to complying with all such legal obligations and use these legal requirements as the minimum beginning point for our use and collection of Your Data. Included in these laws and regulations are (a) the GDPR, which governs among other things, consents, uses and cross-border transfers of personal data concerning European Union residents, and (b) the California Online Privacy Protection Act, governing such matters with respect to California residents. If you have any questions regarding this Privacy Statement or you feel that the Sites are not following these legal requirements or our stated information policy, please contact us by email to privacy at africanictfoundation.org or at either of the addresses or phone numbers listed in the Contact Us section of the Sites. You may also contact us at that address if you have any concerns about the accuracy of, or wish to correct, your Personal Data we have collected from you.
Control of Your Personal Information “Do Not Track” Notice:
We respect enhanced user privacy control and support the development and implementation of a standard “Do Not Track” (DNT) browser feature, designed to provide users universal and persistent control over the collection, sharing and use of information by third parties regarding their web-browsing activities. Once the specification is finalised we intend to honour user’s requests with respect to browser tracking.
Children / Minors
The Sites are not targeted at, directed to or intended for the use of children under the age of thirteen. No person under the age of thirteen should use any Site or under any circumstances provide any Personal Data or other information at a Site. If you become aware that any individual under the age of thirteen has used any Site, please contact us immediately at privacy at africanictfoundation.org. By use of any Site you represent and warrant that you are over the age of thirteen.
Nigeria Privacy Rights
There is presently no specific or comprehensive data privacy or protection law in Nigeria. The only legislation that provides for the protection of the privacy of Nigerian citizens in general terms is the Constitution of the Federal Republic of Nigeria (Promulgation) Act, Chapter C23, Laws of the Federation of Nigeria 2004 (as amended) (the “Constitution”). Section 37 of the Constitution provides that:
“The privacy of citizens, their homes, correspondence, telephone conversations and telegraphic communications is hereby guaranteed and protected”.
Other than this constitutional provision, there is no other law that sets out detailed provisions on the protection of the privacy of individuals in Nigeria. There are however, a few industry-specific and targeted laws and regulations that provide some additional privacy-related protections.
One such industry-specific regulation is the Consumer Code of Practice Regulations 2007 (the “NCC Regulations”) issued by the Nigerian Communications Commission (“NCC”) – the regulator of the telecommunications industry in Nigeria). The NCC Regulations provide that all licensees must take reasonable steps to protect customer information against “improper or accidental disclosure” and must ensure that such information is securely stored. It also provides that customer information must “not be transferred to any party except as otherwise permitted or required by other applicable laws or regulations”. Unlike the Constitution, the application of the NCC Regulations is not restricted to Nigerian citizens; they apply to all customer information relating to customers of any nationality that use a licensee’s network.
In addition to the NCC Regulations, the National Information Technology Development Agency (“NITDA”) which is the national authority that is responsible for planning, developing and promoting the use of information technology in Nigeria, has also issued guidelines on data protection (the “NITDA Guidelines“). The NITDA Guidelines prescribe the minimum data protection requirements for the collection, storage, processing, management, operation, and technical controls for information
and is currently the only set of regulations that contains specific and detailed provisions on the protection, storage, transfer or treatment of personal data. The NITDA Guidelines apply to federal, state and local government agencies and institutions as well as private sector organisations that own, use or deploy information systems of the Federal Republic of Nigeria, and also apply to organisations based outside Nigeria if such organisations process personal data of Nigerian residents.
Any user, who wish to request further information about our compliance with these requirements, or have questions or concerns about our privacy practices and policies, may contact us at: privacy at africanictfoundation.org
or by mail at:
African ICT Foundation
Attn: The Executive Secretary
1 Protime close, Mopo Akinlade road
Off Abraham Adesanya, Lekki phase 2
Ajah, Lagos, Nigeria
Member Personal Data, Communication & Database
“Members” are defined as individuals, companies, organisations and/or institutions that choose to register with and have an agreed membership relationship with us. All of Your Data as a Member is covered by this Privacy Statement.
In order for you to fully enjoy the benefits of membership in AICTF, we need to be able to use Your Data for communication, record keeping and the other purposes described in this Privacy Statement. If you choose not to permit us to use Your Data as described in this Privacy Statement, you will not be able to continue as a Member. Of course, you will still be able to visit our Sites as a Visitor and to take advantage of all of the opportunities provided to Visitors to the Sites.
Changes to this Privacy Statement
We routinely update this Privacy Statement to provide additional explanation and clarification of our practices and to reflect new or different privacy practices, such as when we add new services, functionality or features to our Sites. You can determine when this Privacy Statement was last revised by referring to the Effective Date above on this page. We will also provide an archive of our past privacy policies with the ability to plainly see the changes from one to another. Any changes to this Privacy Statement will also be announced on our home page.