Welcome and thank you for your interest in the International Centre for Research in Agroforestry (ICRAF, ‘we’, ‘us’ or ‘our’) www.worldagroforestry.org (Website).
- What we collect
- If the website offers you the option to register, we will collect the information you provide to us in the registration form. This may include identification data such as your name, email address or other account or registration data.
- Profile information that you provide for your user profile (e.g., first and last name).
- User content (e.g., photos, comments and other materials) that you post to the website.
- Any communication between you and ICRAF. For example, we may send you website-related emails (e.g., account verification, changes/updates to features of the website, technical and security notices). Note that you may opt out of website-related emails.
- We will collect information about you when you interact with us, for example, when you report a problem, contact or communicate with us.
- To deliver our newsletter we use a third party provider (MailChimp) We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter.
- When you use a mobile device like a tablet or phone to access our website, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers”. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify the device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device's operating system or other software or data sent to the device by ICRAF.
- When you use the website, our servers automatically record certain information about your device. This information may include an equipment identifier (e.g., IMEI, UDID), country of origin, Internet Protocol (“IP”) address, and the dates and times of your requests. We use this information to provide and support, if needed, and to create de-identified or aggregate information about our users.
- We use a third party provider, (MailChimp) to manage our social media interactions. If you send us a private or direct message via social media, the message will be stored by the provider in accordance with their terms. It will not be shared with any other organization.
- Metadata is usually technical data that is associated with User Content. For example, metadata can describe how, when and by whom a piece of User Content was collected and how that content is formatted.
- Users can add or may have metadata added to their User Content including a hashtag (e.g., to mark keywords when you post a photo), geotag (e.g., to mark your location to a photo), comments or other data. This makes your User Content more searchable by others and more interactive. If you geotag your photo or tag your photo using other's APIs then, your latitude and longitude will be stored with the photo and searchable (e.g., through a location or map feature) if your photo is made public by you in accordance with your privacy settings.
- What we use the data for
- Help you efficiently access your information after you sign in
- Remember information so you will not have to re-enter it during your visit or the next time you visit the website
- Provide personalized content and information to you and others
- Provide, improve, test and monitor the effectiveness of our website
- Develop and test new products and features
- Monitor metrics such as total number of visitors, traffic and demographic patterns
- Diagnose or fix technology problems
- Automatically update the application on your device
- Provide you with customer support
- Perform research and analysis about your use of, or interest in, our products, website or content
- Communicate with you by email, postal mail, telephone and/or mobile devices (including through in-application advertising) about websites that may be of interest to you, either from us, our parent or subsidiary companies or other third parties
- Enforce our terms, conditions and policies and to communicate with you
- Manage and improve the website
- For complaints: when we receive a complaint from a person we create a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint
- We will only use the personal information we collect to process the complain. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
- We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
- We will keep personal information contained in the complaint files in line with our Retention Policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need-to-know’ principle.
- Similarly, where enquiries are submitted to us, we will only use the information supplied to us to deal with the enquiry and any subsequent issues.
- When we take enforcement action against someone, we may publish the identity of the defendant in our Annual Report or elsewhere. Usually we do not identify any complainants unless the details have already been made public.
- Who has access to the data
- We will not rent or sell your personal information to third parties outside ICRAF without your consent, except as noted in this Policy.
- We may share your information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that help us provide the website to you ("Service Providers"). Our Service Providers will be given access to your information as is reasonably necessary under confidentiality terms.
- We will remove parts of data that could be used to identify you and share anonymized data with other parties. We may also combine your information with other information in a way that it is no longer associated with you and share that aggregated information.
- If you delete information that you posted to the website, copies may remain viewable in cached and archived pages of the website, or if other users or third parties have copied or saved that information.
- In addition, we may disclose the personal information we collect through the website when we, in good faith, believe disclosure is appropriate to:
- Comply with applicable law
- Prevent or investigate a possible crime, such as fraud or identity theft
- Enforce the terms of the website or other agreements that govern your use of the website and/or our website
- Protect the rights, property or safety of ICRAF, our users or others
- Protect your vital interests.
- If you comment on our blog or other public forums, you should be aware that any information you submit there can be read, collected or used by other users of those blogs, and could be used to send you unsolicited messages. We are not responsible for the information you choose to submit in these blogs or for any content you receive as a result of sharing such information.
- How we store and secure your data
- Most of the information we collect is retained by us on our servers. If you are using the website from a country other than the country in which our web servers are located, the various communications will necessarily result in the transfer of information across international boundaries.
- We use commercially reasonable safeguards to help keep the information collected through the website secure, and take reasonable steps (such as requesting a unique password) to verify your identity before granting you access to your account. However, ICRAF cannot ensure the security of any information you transmit to ICRAF or guarantee that information on the website may not be accessed, disclosed, altered or destroyed.
- In case of any breach to our systems we shall inform you within 72 hours of the breach occurring.
- Personal information is retained for the length of time it is needed for use and then based on the applicable System Organization Records Disposition Schedule. Non-personal information is maintained indefinitely in aggregate form.
- User rights
- Rectification – If your personal data is inaccurate or incomplete, you can request for the same to be rectified
- Erasure – You may request that your personal data be removed from our servers. ICRAF may however, legally turn down a request for some specific reasons including:
- Right of Freedom of Expression and Information
- To comply with a legal obligation
- Public interest
- Archiving purposes
- Exercise or defence of legal claims.
- Restrict processing – To block the further processing of data. ICRAF may still be able to store data.
- To object to their data being used for processing.
- Other websites
Our site contains links to other websites. When you click on one of these links, you leave ICRAF’s website and go elsewhere. ICRAF does not accept liability for misuse of any information by any website controller to which we may link. We encourage you to read the privacy statements of these linked sites, which may differ from ours. In addition, if you take advantage of an offer from one of our partners, you may be providing information directly to that partner. We encourage you to review the privacy statements of these partners, as we are not responsible for the privacy practices of any partners or linked sites.
- Contacting us