- The purpose of this policy is to highlight various obligations, best practices, and processes that support compliance with data privacy regulations applicable to NF in its role as both a data controller and a processor. NF also uses the information to help understand more about how supporters use our site and to make improvements. We also use the information for marketing purposes such as sending you our e-newsletter.
- This policy applies to all NF personnel and their operating units.
4. Collection and use of information
- 4.1 What Information We Collect from You
- NF collects, processes, and retains information about you when you visit our website. You may choose to provide us with the Personally Identifiable Information, or other information, to access protected information on the website or so that we can connect with you after your visit, based on your consent.
When you visit our website, we may track, collect and aggregate information indicating, among other things, which pages of our Site were visited, the order in which they were visited, when they were visited, and which hyperlinks were “clicked.” We also collect information from the URLs from which you linked to our website. Collecting such information may involve logging the IP address, operating system and browser application used. We may be able to determine from an IP address a user’s Internet Service Provider and the geographic location of his or her point of connectivity.
- 4.2 How NF uses your information
- The information we collect from you may be used in one of the following ways:
- To provide course information: We shall use your personal data to respond to your queries, understand training needs and trends and other requirements as relevant to training services.
- To communicate regarding training sessions and courses: Your information helps us keep you posted on courses, trainings, programs, initiatives and news & events.
- To customize content and improve the quality of service: NF may use your personal information to help create and personalize content. Geographic information may be used to assess the page response time and provide a better user experience.
- To obtain third-party services: We also share essential personal information with third parties who provide training services. When NF shares personal information with third-party service providers, we require that they use your personal information and other information only for the purpose of providing services to us and subject to terms consistent with this policy. Other than for the purpose of providing services, we will not sell or otherwise disclose your information to any other company.
- To contact you: Your information may be used to contact you in response to your request or to provide you with information that we think you may be interested in receiving. We will honour your request if you inform us that you do not want to receive any information that you have not specifically requested.
5. Fairness and Purpose
- NF will collect adequate, relevant, and necessary personal information and will process such information fairly and lawfully for the purpose it is collected. The purpose of collection will be specified not later than at the time of data collection, or on each occasion of the change of purpose.
6. Accuracy of information
- The information held by NF on this website shall be checked with you from time to time to ensure that it remains up to date. Should your personal circumstances change, you should notify us immediately. Refer to Section “Privacy Contact Information.”
7. Distribution of Information
- 7.1 Information Disclosure
i. NF may disclose your personal information as we believe to be necessary or appropriate:
- under applicable law, including laws outside your country of residence;
- to comply with the legal process;
- to respond to requests from public and government authorities, including public and government authorities outside your country of residence, for national security, and/or law enforcement purposes;
- to enforce our terms and conditions; and
- to allow us to pursue available remedies or limit the damages that we may sustain.
ii. We may share information with governmental agencies or other companies/ NGOs assisting us in fraud prevention or investigation. We may do so when:
- permitted or required by law; or
- trying to protect against or prevent actual or potential fraud or unauthorized transactions; or
- Investigating fraud that has already taken place. The information is not provided to these companies for marketing purposes.
- 7.2 Cross-Border Data Transfers
When conducting business, working on NF programs or projects, or implementing new processes or systems, an operation may require the transfer of personal information to other entities or third parties that are located outside of the NF operation’s country of business. While permissible data transfer mechanisms are defined by the applicable law or regulation, examples include:
- a data transfer agreement with the party who will access or obtain the personal information;
- notice to and/or approval from a country’s local data protection authority; or
- notice to and/or consent from the individual whose data is to be transferred.
8. Consent and Control
- 8.1 Consent
Consent is often referred to as an individual’s choice to “opt in” or “opt out” of NF’s use of personal information and is usually obtained by a “check box” or signature confirming that the individual understands and agrees to the processing of his or her personal information. At times, express written consent from the individual may be required based on the information-processing activity. NF receives consent from individuals before:
- collecting, using, or processing their personal information, including sensitive personal information, in certain ways or sharing their personal information with any third party;
- transferring the individuals’ personal information outside of their country of residence; or
- using or placing web cookies on an individual’s computer or other electronic devices.
- 8.2 Control of your information
NF also provides individuals with the right to control their personal information, which includes the right to access, modify, erase, restrict, transmit, or object to certain uses of their information.
You may request to review, correct, update, suppress, or otherwise modify any of your personal information that you have previously provided to us, or object to the use or processing of such personal information by us. Please send your requests to us via email. Refer to Section “Privacy Contact Information.”
In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information that you have provided to us suppressed from our database, or otherwise what limitations you would like to put on our use of your personal information that you have provided to us. NF may conduct an owner verification check to ascertain the identity of the requester.
While the majority of questions and issues related to access can be handled quickly, complex requests may take more effort and time. In such cases, issues will be addressed, or you will be contacted regarding the progress and appropriate next steps, within 30 days.
9. Data Storage
- Your personal information is stored on our systems or third-party cloud provider with industry best security certifications and practices.
10. Commitment to data security
- Your personally identifiable information is kept secure. Only authorized employees, partners, funders, vendors, and other third-party providers (who have agreed to keep information secure and confidential) have access to this information. Data access is strictly on a need-to-know, least privilege principle.
NF ensures that our supplier employs industry-standard security measures to ensure the security of information through legally binding terms and conditions. However, users of our website are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password-protected or secure areas of the websites. Access to and use of password-protected and/or secure area of this website are restricted to authorized users only. Any unauthorized access to such areas is prohibited and may lead to criminal prosecution.
11. Retention and disposal
- We keep your Personally Identifiable Information for no longer than necessary for the purposes for which the Personally Identifiable Information is processed. The length of time we retain Personally Identifiable Information for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.
12. Supplier Obligations
- Our supplier being the cloud service provider for this website and therein being the custodian of information will be liable for the management of the following:
- security of the personal information
- appropriate retention and disposal of personal information
- appropriate storage of personal information
13. Privacy Contact Information
- If you have any questions regarding our Privacy Statement or if you need to update, change, or remove information, please email us at email@example.com
14. Changes to this Policy