Data Privacy and Protection Policy
This policy elaborates AAS’s obligations to protect the personal information of all those who provide it to AAS and to ensure that all records that come into the possession of AAS in the performance of its duties and responsibilities are properly collected, securely protected, confidentially managed and not made accessible to any third party without following due process or getting the consent of parties involved.
The AAS will ensure that personal data is gathered legally and under strict conditions, and those who collect and manage it protect it from misuse and exploitation, as well as respect the rights of data owners.
a) Type of information collected
AAS may collect personal information from applicants when they access any of the AAS websites and/or register and/or create an account on the AAS Ishango Online System, including, IP address, location, name(s), email address(es), personal address(es), business address(es), personal identification documents, and phone number(s).
b) Use of personal information
AAS will use the personal information collected by it for the following purposes:
- To process and review applications made on the AAS website/online system by external parties.
- To correspond with data owners who may be applicants, experts, consultants and partners.
- To conduct due diligence activities which may include identity verification, anti-terrorism, anti- corruption, legal personality, economic sanctions and financial checks.
- To provide ongoing service to applicants, experts, consultants, partners and other relevant organizations and individuals.
- To inform applicants, experts, consultants and partners about any relevant AAS news and information, or any relevant news or information of AAS’s partners or affiliates, including future Requests for Proposals or any other related information.
- For other purposes related to the mandate of AAS.
d) Disclosure of Personal Information
Under no circumstances will personal information collected, be communicated or disseminated to third parties, except:-
- Service providers and suppliers
- Funding Partners
- Third party contractors, consultants and experts
- When required by law.
e) General Data Protection Regulation (GDPR) Rights
The AAS will enable these rights for all users whose personal information is held in corporate systems:-
Right to Access
Users can access most of the data The AAS has about them through their portal on the AAS Ishango Grants Management System (Ishango), or any other corporate system in use. If users would like a complete report on what personal information The AAS has about them, they should email firstname.lastname@example.org.
Right to Rectification
The AAS will strive to keep records accurate. If users would like to modify an inaccurate record, in most cases they can edit the data themselves through the portals.
Right to Data Portability
If users would like a copy of their personal data to transfer to a new system, they should email email@example.com.
Right to Object
Users can object to The AAS processing users data in certain circumstances. They should email firstname.lastname@example.org with more information about their request and reason for objecting.
Right to Restrict Use
Uses can request that The AAS restrict the processing of their data in certain circumstances.
Right to Erasure
Users can request that The AAS delete their data in some circumstances. They should email email@example.com with more information about their request.
f) How long does The AAS keep data?
Retention periods vary depending on the category of data. In every case, data will be kept for as long as necessary to fulfill the originally intended purpose.