- How your Personal Information is collected and used
- Protecting your Information
- Data sharing and Transfer
- Accessing and changing your Information
- Changes to this privacy statement
- Questions or suggestions
AFRINIC as company respects your privacy and is committed to protecting any personal information that you provide us in the course of our service or in any other context of our operations.
This privacy statement describes how AFRINIC collects, uses, and protects your personal information.
As the Regional Internet Registry (RIR) serving the African and Indian Ocean region, AFRINIC distributes Internet Number Resources comprising Internet protocol (IPv4 and IPv6) addresses and Autonomous System Numbers (ASNs). In so doing, AFRINIC collects personal information that is necessary to support its role as the RIR for the region. AFRINIC endeavors to ensure that all information it holds is accurate, complete, and up-to-date.
2) How your Personal Information is collected and used
AFRINIC collects personal information for the following reasons:
- to support Internet resource requests
- for account and billing purposes
- to administer meetings, training events, and other communication activities (such as mailing lists and the MyAFRINIC portal)
- to monitor network performance
- for recruitment
- for surveys, polls or elections
Each of these purposes is described below
2.1 Data used to support resource requests
Internet addresses are public resources. To ensure that these resources are managed responsibly, AFRINIC must collect a range of information including:
- Documentation of network infrastructure, plans, and customer details which demonstrate the need for addresses requested; and
- Personal information of people authorised by an organisation to request resources and maintain database entries.
AFRINIC collects such information from text forms that are submitted by email; web forms, on either the main AFRINIC website or the MyAFRINIC web portal; from general correspondence by phone, email, post, and fax; and from face-to-face meetings. AFRINIC uses this information to evaluate resource requests and administer member accounts. It may store some or all of this information for archival purposes, for tractability and for the purposes of validating or auditing resource allocations in future.
Some of the personal information you provide may be publicly registered in the AFRINIC WHOIS Database. This is limited to contact details relating to the allocation of specific public Internet resources. Please note that in relation to the network contact details, the AFRINIC WHOIS Database allows organisations to register "role objects" in place of personal details.
2.2 Data used for account and billing purposes
The AFRINIC Secretariat collects organisational and personal information for billing and account administration purposes. All AFRINIC members are required to provide an email address that will be included on a mailing list for membership-related announcements. This does not need to be a personal email address. AFRINIC does publish the names and URLs of AFRINIC member organisations on its main website but does not publish personal details relating to those members.
2.3 Data used for meetings, training, and communication activities (such as mailing lists and the MyAFRINIC portal)
In order to administer meetings, training sessions, and public discussion lists, it is necessary for AFRINIC Ltd to use registration forms and voluntary subscription procedures to collect the required information.
The information gathered by registration forms is used to help plan and conduct public meetings and training sessions. AFRINIC archives registration details to help plan future events and develop services. The information gathered by mailing list subscription procedures is used only in the mailing lists you specify.
AFRINIC provides simple online tools to allow you to manage your own subscription status on mailing lists.
Certain events such as AFRINIC meetings require photography and videography and such media may be used in AFRINIC publications or on the AFRINIC website. AFRINIC always takes necessary steps to inform event attendees that photography and videography may take place.
2.4 Data used to monitor network performance
AFRINIC logs certain technical data from visits to AFRINIC websites in order to analyse how the online services are used and how they perform. This is needed to maintain and develop services. No attempt is made to personally identify people who browse these websites, or build profiles of their browsing patterns.
In cases where AFRINIC online services are abused or attacked, AFRINIC may use the logged information to investigate the incidents or to deny further access to those responsible. AFRINIC does use "cookies". If you agree, the file is added and the cookie helps analyse Web traffic or assists with the provision of services. You can choose to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you set your browser to warn you before accepting cookies, you will receive a warning message with each cookie. If you set your browser to reject cookies you may not be able to use some services on various sites.
2.5 Data used for recruitment
3 Protecting your Information
AFRINIC policies and agreements contain specific protections for the confidentiality and security of information collected by AFRINIC Operations. All AFRINIC staff members, contractors, and Executive Council members, are required to sign non-disclosure agreements relating to any confidential information received. In addition, AFRINIC maintains a high level of physical security and protection for all its computer and network facilities, and in particular for those in which personal information may be stored.
4 Data sharing and Transfer
AFRINIC may need to share information with other Internet related organisations such as ICANN and IANA. The information shared is limited to that which is required in application of any global policy to which AFRINIC subscribes to and for the respective purpose, and is subject to those other organisations providing guarantee equivalent to levels of security and protection. Only Internet operational and troubleshooting applications may download information from the AFRINIC WHOIS Database. Only information that is normally publicly available is transferred in these downloads. The AFRINIC Secretariat does not share personal information which is collected from event registration forms, except when required for the management of the event or service in question. AFRINIC may publish a lists of meeting attendees on its website as part of its commitment to open and transparent policy development. However, only the name of the attendee and their organisation is listed. AFRINIC does not share any mailing list subscription details, although it may on occasion forward external messages to a particular mailing list if it is relevant and appropriate for that list. AFRINIC does, however, provide publicly searchable archives of all public mailing lists as this is necessary for the open and transparent policy development process. AFRINIC does not share personal information that you have provided in relation to recruitment unless you expressly consent to this.
5 Accessing and changing your Information
Individuals and organisations that maintain information in the AFRINIC WHOIS Database are able to modify their own registration details by using either email or web-based methods. To prevent unauthorised changes there are strict procedures to identify people and verify their right to request changes. You may modify, at any time, any information you have used in a web-based form. [You will need to create a password and AFRINIC will then send you a personalised URL which allows you to modify that information]. This data will generally be deleted from AFRINIC servers after two weeks.
You may unsubscribe yourself, at any time, from any AFRINIC mailing lists you have subscribed to.
If you have concerns about the accuracy or appropriateness of any other personal information held by AFRINIC, please contact us. AFRINIC staff will seek to correct any mistakes and resolve problems as soon as possible.
In the event that AFRINIC becomes aware of any loss, corruption or leakage of personal data submitted to it by a data subject, as defined by the Data Protection Act of 2004 in Mauritius, AFRINIC shall notify the data subject and the community thereof.
7 Changes to this privacy statement
AFRINIC will amend this statement from time to time. If there are any substantial changes, they will be announced on the AFRINIC website.
8 Questions or suggestions