Wednesday, Oct 27, 2021

1. INTRODUCTION

In compliance with the EU Pillar Assessment No. 9 on Personal Data Protection, IGAD has aligned its cookie policy to the the ePrivacy Directive (also known as the EU cookie law). The EU cookie law regulates the use of data by websites, companies and service providers, how they are allowed to handle it, use it and for what purpose they are allowed to share it.

A cookie is a small data file that a website places on its users’ devices (computer, phone and tablet), which enables it to recognize them and know things about them. It’s positioned between a website and its users.>

In general terms, there are different ways of categorizing cookies. The first way is in the originator and owner of the cookies.

  • First-party cookies are those placed on a user’s computer by the website that he or she has visited.
  • Third-party cookies are those cookies belonging to a third party with access to the first-party site.

The other way to categorize cookies is on how long the cookie stays on the user’s browser for:

  • Session cookies are temporary cookies that are only stored on a user’s device for the duration of their stay on a given website, their session. The minute they click away, these cookies expire.
  • Persistent cookies, on the contrary, are cookies that linger on the user’s browser for much longer than merely a session, sometimes even for years. These are often “necessary cookies” and “preference cookies” that handle things like user log-in or language settings on a website, but they might also be “analytics cookies”, “advertisement cookies”, and “social media cookies” that enable actions such as personal profiling and targeted online marketing.

IGAD will post a Cookies Notice on its websites that is separate from the Privacy Policy.

Anyone who visits an IGAD website should be:

  • Notified that IGAD is using cookies.
  • Given information about the type of cookies IGAD is using.
  • Informed of what options are available to them if they want to opt out of having the website's cookies stored on their devices.

It is important to note that:

  • It is a must to acquire consent before placing cookies on a user's device. User consent must be given through affirmative action. This means that they must be asked for consent through an opt-in checkbox or by allowing users to configure cookies preferences from the Settings section of the website. User consent cannot be assumed or implied.
  • It must be easy to opt out of use of cookies. The website must give users an easy way to opt out of cookies, even after consent has been given. If consent was asked through options in the Settings section, then it should be possible to withdraw consent in the same section.

2. OBJECTIVE

The purpose of this document is to lay the necessary foundation and framework from which IGAD will develop its Cookie implementation on its corporate website and any other website it owns.

It describes the statements that are to be made public as per the requirement of the IGAD Data Protection Policy.

3. SCOPE

This policy shall apply to all of IGAD’s publicly available websites including the corporate website and the institution’s websites.

All staff, website developers (outsourced or internal) who may be involved in the design and development of an IGAD website are required to adhere to the requirements of this policy.

4. POLICY STATEMENTS

4.1 What are Cookies

In the context of computers, cookies are small files that contain information about browsing activity. Whenever you visit a website, the website sends a cookie to the device you're using to access the website. Your device automatically stores the cookie in a file that's located within your web browser.

When you revisit a site, the website will respond in a more personalized way, remembering your preferences, providing faster page load times and so forth.

4.2 Types of cookies used by IGAD

This Website uses “technical” Cookies and other similar Trackers to carry out activities that are strictly necessary for the operation or delivery of the Service.

These cookies are not essential but they help to personalize and enhance your online experience with IGAD. They help us to remember your preferences e.g. language preference and thus save you from having to reenter information that you had already shared with us. Deletion of these cookies may result in limited functionality of our service.

4.3 The purpose of using the cookies

This document informs Users about the technologies that help this Website to achieve the purposes described below. Such technologies allow the Owner to access and store information (for example by using a Cookie) or use resources (for example by running a script) on a User’s device as they interact with this Website.

For simplicity, all such technologies are defined as "Trackers" within this document – unless there is a reason to differentiate. For example, while Cookies can be used on both web and mobile browsers, it would be inaccurate to talk about Cookies in the context of mobile apps as they are a browser-based Tracker. For this reason, within this document, the term Cookies is only used where it is specifically meant to indicate that particular type of Tracker.

Some of the purposes for which Trackers are used may also require the User's consent. Whenever consent is given, it can be freely withdrawn at any time following the instructions provided in this document.

This Website uses Trackers managed directly by the Owner (“first-party” Trackers). Unless otherwise specified within this document, third-party providers may access the Trackers managed by them. The validity and expiration periods of Cookies and other similar Trackers may vary depending on the lifetime set by the Owner or the relevant provider. Some of them expire upon termination of the User’s browsing session.

4.4 Opting out of Cookies or Withdrawing Consent

There are various ways to manage Tracker related preferences and to provide and withdraw consent, where relevant:

Users can manage preferences related to Trackers from directly within their own device settings, for example, by preventing the use or storage of Trackers.

Additionally, whenever the use of Trackers is based on consent, Users can provide or withdraw such consent by setting their preferences within the cookie notice or by updating such preferences accordingly via the relevant consent-preferences widget.

It is also possible, via relevant browser or device features, to delete previously stored Trackers, including those used to remember the User’s initial consent.

Other Trackers in the browser’s local memory may be cleared by deleting the browsing history.

With regard to any third-party Trackers, Users can manage their preferences and withdraw their consent via the related opt-out link (where provided), by using the means indicated in the third party's privacy policy, or by contacting the third party.

4.4.1 Locating Tracker Settings

Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses:

  • Google Chrome
  • Mozilla Firefox
  • Apple Safari
  • Microsoft Internet Explorer
  • Microsoft Edge
  • Opera

Users may also manage certain categories of Trackers used on mobile apps by opting out through relevant device settings, such as the device advertising settings for mobile devices, or tracking settings in general (Users may open the device settings, view and look for the relevant setting).

4.5 Cookies Notice

Displaying a banner pop-up box on the IGAD website is an effective way of letting visitors know that IGAD is using cookies. It's important that the information in the pop-up is clear and easy to understand.

IGAD will provide a cookies notice to users as soon as they arrive at the corporate website in the form of the banner pop-up box. This notice will include:

  • Information about your use of cookies,
  • A link to your Privacy Policy and/or Cookies Policy,
  • Information about how cookies settings can be adjusted, and
  • A method for users to consent to or decline your use of cookies

This will be done via a popup bar appearing at the bottom of the web page that is conspicuous enough without significantly blocking the webpage and creating an experience for the website user that makes them feel like consent is a prerequisite to viewing the website content.

The pop-up banner content shall be the same as or closely resemble that in Appendix A of this Policy.

5. ROLES AND RESPONSIBILITIES

  • All stakeholders submitting Exception approval requests, should authorize and accept the residual risks for which the Exception process is sought.
  • The final approval of the Exception will be obtained only from the functional heads.
  • Information Technology, Data Protection Officer and Risk functions would act as a Coordinator to collate and track Exception closure.
  • Data Protection Officer will ensure that there is no exception to any policies, procedures or standards that would lead to the loosening of controls against breach of PII or the exposure of PII to threats.

6. COMPLIANCE

Noncompliance with this policy may result in breach of applicable legislation, loss of revenue, image and/or reputation. Any breach of this policy will be dealt with according to IGAD HR disciplinary policy and procedures and may lead to termination of employment. Where required, illegal activities may also be reported to the appropriate authorities

7. EXCEPTIONS

Where systems, procedures or processes are not able to meet the requirements of this policy and an appropriate business justification exists, an exception should be raised for review and approval according to the Policy Exception Handling Procedure

8. REVISION

This policy will be reviewed at regular intervals in order to ensure relevance and general responsiveness especially to new and emerging issues. Other areas of interests will be incorporated from time to time. IGAD will attempt to notify users of any modifications by an appropriate communication means, or any other where possible.

This Privacy Statement describes our policies and procedures on the collection, use and disclosure of your information when you use this website service and tells you about your privacy rights and how the law protects you.

We use your personal data to provide and improve the web services. By using the web services, you agree to the collection and use of information in accordance with this Privacy Statement.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Statement:

  • Account means a unique account created for You to access our Service or parts of our Service.
  • Organization (referred to as either "the Organization", "We", "Us" or "Our" in this Agreement) refers to IGAD,
  • Cookies are small files that are placed on your computer, mobile device or any other device by a website, containing the details of your browsing history on that website among its many uses.
  • Country refers to: Republic of Djibouti
  • Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.
  • Personal Data is any information that relates to an identified or identifiable individual.
  • Service refers to the Website.
  • Service Provider means any natural or legal person who processes the data on behalf of the Organization. It refers to third-party companies or individuals employed by the Organization to facilitate the Service, to provide the Service on behalf of the Organization, to perform services related to the Service or to assist the Organization in analyzing how the Service is used.
  • Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.
  • Usage Data refers to data collected automatically, either generated using the Service or from the Service infrastructure itself (for example, the duration of a page visit).
  • Website refers to IGAD, accessible from https://www.igad.int/ and/or other institutional websites.
  • You means the individual accessing or using the Service, or the Organization, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Phone number
  • Address, State, Province, County, District, Postal Code, City
  • Usage Data

Usage Data

Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:

  • Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
  • Flash Cookies. Certain features of our Service may use local stored objects (or Flash Cookies) to collect and store information about Your preferences or Your activity on our Service. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies.
  • Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Organization, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser.

We use both Session and Persistent Cookies for the purposes set out below:

  • Necessary / Essential Cookies
    Type: Session Cookies
    Administered by: Us
    Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
  • Cookies Policy / Notice Acceptance Cookies
    Type: Persistent Cookies
    Administered by: Us
    Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
  • Functionality Cookies
    Type: Persistent Cookies
    Administered by: Us
    Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy.

Use of Your Personal Data

The Organization may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service.
  • To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.
  • To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
  • To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
  • To manage Your requests: To attend and manage Your requests to Us.
  • For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends and to evaluate and improve our Service, and your experience.

Sharing your personal information

We may share Your personal information in the following situations:

  • With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.
  • With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor the IGAD Data Protection Policy. Affiliates include Our institutions, research partners, development partners or other companies that We control or that are under common control with Us.
  • With Your consent: We may disclose Your personal information for any other purpose with Your consent.

Retention of Your Personal Data

We will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Statement. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Organization’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

The Organization will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Statement and the IGAD Data Protection Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Disclosure of Your Personal Data

Business Transactions

We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Organization may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Organization may disclose Your Personal Data in the good faith if we believe that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Organization
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Children's Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Statement and Policy from time to time. We will notify You of any changes by posting the new Privacy Statement on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Statement.

You are advised to review this Privacy Statement periodically for any changes. Changes to this Privacy Statement are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us:

  • By email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Cookie Statement

We use cookies to improve user experience and analyze website traffic. For these reasons, we may share your site usage data with our analytics partners. By clicking “Accept Cookies,” you consent to store on your device all the technologies described in our Cookie Policy.





I agree and gave my permission to be contacted through email using the information I have supplied in this form for news and updates.