AFRINIC is committed to protecting your privacy, confidentiality and security of the data that you provide us when using our website, contact our office, or when interacting with us.
Please read this privacy statement carefully as it contains essential information on how AFRINIC, as a controller, treat the personal data that you provide us.
1. Why and how we use your data?
We use your data in the course of our organisational activities and interaction with you for the following purposes:
- performing our agreement with you;
- assisting you with your queries or concerns;
- treating your applications for specific job vacancies or on a spontaneous basis;
- ensuring the security of our offices and people;
- keeping an accurate evacuation list in case of emergency;
- complying with any legal or regulatory obligations imposed on us;
- promoting our corporate initiatives (like events and cocktails) on AFRINIC social media; and
- Sending you communications if you have consented to receiving the same, and for any other purposes for which we have your consent.
2. Which personal data do we collect?
To fulfil our role as a Regional Internet Registry, AFRINIC collects information through the use of our websites, the MyAFRINIC member portal, the New Member Registration Portal systems, WHOIS services, mailing lists and interactions with individuals.
Thus when interacting with us, we may collect the following personal data for our organisational activities (refer to section 2 below)
- your name and surname;
- your national identity card number;
- your passport details;
- your residential address;
- your contact details (phone and fax numbers, email addresses);
- CV, pictures and qualifications details when you either spontaneously apply for a job at AFRINIC or respond to a vacancy notice;
- your photos and videos when you participate in corporate events, cocktails, sports events organised by AFRINIC;
- your name, surname, signature and national identity card details in our visitors’ logbook when you visit us;
- any other personal data necessary to fulfil your special requests; and
- any other personal data that you choose to provide to us.
Also, when you choose to receive our campaign communications, we ask that you provide us with your email address. The provision of this information is purely voluntary, and you may opt-out of receiving our campaign communications at any time by unsubscribing to these communications.
3. To whom do we disclose personal data?
Your data may be shared as follows:
- between and among members of AFRINIC as may be relevant for the purposes set out in section 2 above, but we shall only do so on a strictly need to know basis;
- with our employees for purposes of fulfilling our organisational activities, treating job applications or conducting an internal analysis to improve our company and services; and
- with our agents, advisers, accountants, auditors, lawyers, other professional advisors, contractors or third-party service providers to assist us to manage better, support or develop our business and comply with our legal and regulatory obligations.
AFRINIC ensures that your data is always safe. Only designated staff will access your information to fulfil our agreement, treatment of job applications, or promoting our professional relationship with you. Also, third parties with whom we share your data will be contractually obliged to safeguard all personal data to which they have access.
Please note that some disclosures will not require your consent, this happens when we share your data with;
- law enforcement bodies/agencies and other statutory authorities if required by law and
- if required or authorised by law or if we suspect any unlawful activities on your part.
4. Overseas transfers of your information
In some cases, we may need to transfer your data with organisations located in countries outside our territorial limits to provide our services to you. We will secure the data transfer.
Occasionally, we could use your name and contact information to send you emails, post, or social media information that we think may be of interest to you, including stories, events, products and services offered by AFRINIC. However, we can only do so with your consent.
You will also be able to opt-out from receiving such communications at any time, free of charge, by contacting us following the section “Contact Us” below.
6. How long do we keep your information?
Your data will be stored for as long as required to fulfil our organisational purposes and for the period required by law. As per legal requirements, we will take reasonable steps to secure and anonymise your data and destroy it when retention is no longer necessary for legal or organisational goals (as set out in section 2 of this statement).
7. Processing of personal data must be justified
We will only process your data where we are satisfied that we have an appropriate legal basis to do so, such as
- for the performance of a contract between us;
- where you have provided us with your express consent to process your data for a specific purpose;
- our use of your information is necessary to fulfil our statutory obligations with relevant authorities (regulators, tax officials, law enforcement bodies) or otherwise meet our legal responsibilities;
- our use of your data is in our legitimate interest as a Regional Internet Registry;
- for the purpose of historical, statistical or scientific research.
8. Security of personal information
AFRINIC has in place reasonable technical and organisational measures to prevent unauthorised or accidental access, processing, erasure, loss or use of your data and to keep your data confidential. These measures are subject to ongoing review and monitoring.
We cannot guarantee that our website will function without disruptions. We shall not be liable for damages that may result from;
- the uses of electronic means of communication, including, but not limited to, damages resulting from the failure or delay in delivery of electronic communications,
- interception or manipulation of electronic communications by third parties or by computer programs used for electronic communications and transmission of viruses.
9. Links to other websites
We do not accept any responsibilities or liabilities for their policies or for any data which they may collect through their sites. Please check these policies before you submit any personal information to these other websites.
10. Access to your data
You have the right to request a copy of the personal data we hold about you. To do this, contact our Data Protection Officer and specify what information you would like. We will take all reasonable steps to confirm your identity before providing details of your data.
You will not have to pay a fee to access your data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
11. Correction of your data
You have the right to ask us to update, correct or delete your data. We will take all reasonable steps to confirm your identity before making changes to personal data we may hold about you.
We would appreciate it if you would take steps to notify us of any changes with your data accuracy that we need to know.
12. Withdrawal of consent and request for deletion of personal data
You may also withdraw your consent to receiving information from us, or more generally to our processing of your data, at any time, and you may in certain circumstances ask us to delete your data. However, we may not be able to fulfil our contractual obligations towards you if you entirely withdraw your consent or ask us to delete your data entirely. To protect your data, we shall require you to first prove your identity at the time of the request, for instance, by providing a copy of your national identification card, contact details or answering some other security questions to satisfy our authentification process, before we may proceed with your request(s).
Whenever reasonably possible and required, we will strive to grant these rights within 30 days. However, our response time will depend on the complexity of your requests. We will respond to your requests free of charge, unless if, your request involves processing or retrieving a significant volume of data, or if we consider that your application is unfounded, excessive or repetitive in which case we reserve the right to charge a fee (as mentioned above regarding access).
There may be circumstances where we are not able to comply with your requests, typically in relation to a request to erase your personal data or where you object to the processing of your data for a specific purpose or where you request that we restrict the use of your data where we need to keep your data to comply with a legal obligation or where we need to use such information to establish, exercise or defend a legal claim. To make these requests, or if you have any questions or complaints about how we handle your data or would like us to update the information we maintain about you and your preferences, please contact our Data Protection Officer at the address set out under section 16 below.
13. Cookies policy
13.1) What is a cookie?
Cookies are small data files that your browser places on your computer or device. Cookies help your browser navigate a website and the cookies themselves cannot collect any data stored on your computer or your files. When a server uses a web browser to read cookies, they can help a website deliver a more user-friendly service. For your privacy, the browser lets a website access cookies that it has already sent to you.
13.3) How are third party cookies used?
13.4) How do I reject and delete cookies?
14. Amendments to this Privacy statement
AFRINIC may amend this privacy statement from time to time. We will publish all amendments on our website for your information regarding the way we collect and use your data. Any changes to this privacy statement will become effective upon posting of the revised privacy statement on the website. Use of our website following such changes constitutes your acceptance of the revised privacy statement than in effect but, to the extent such changes have a material impact on your rights or obligations as regards our handling of your data, such changes will only apply to personal data after the changes are applied.
This privacy statement is governed by and shall be construed in accordance with the laws of the Republic of Mauritius. This privacy statement is in the English language, and we may translate it into other languages. In the event of any inconsistency between the English version and the translated version of this privacy statement, the English version shall prevail.
16. How to contact us?
The Data Protection Officer,
11th Floor, Standard Chartered Tower
72201, Cybercity Ebène
Republic of Mauritius
If you believe that we have not handled your request appropriately, you may complain with the Mauritius Data Protection Office at the following address:
Data Protection Commissioner (DPC)
The Data Protection Officer,
5th floor, SICOM Tower,
Wall Street Ebène, Mauritius
However, we ask that you, please try to resolve any issues with us first before referring your complaint to the DPC.
|Version 3 (Current)||21 November 2019|
|Version 2||19 December 2015|
|Version 1||May 2012|