Privacy Policy

Continental Business Integrity Standards Council (CBISC)

Last Updated: March 16, 2023

1. Introduction

The Continental Business Integrity Standards Council (CBISC) is committed to protecting the privacy and confidentiality of personal information provided to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us in any capacity.

By accessing our website or using our services, you consent to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use our website or services.

2. Information We Collect

2.1 Personal Information

We may collect the following types of personal information:

  • Contact information (name, email address, phone number, postal address)
  • Business information (company name, position, industry sector)
  • Professional credentials and qualifications
  • Financial information for certification and membership fees
  • Documentation submitted for accreditation and certification processes

2.2 Technical Information

When you visit our website, we automatically collect:

  • IP address and browser information
  • Device type and operating system
  • Pages visited and time spent on our website
  • Referring website information
  • Cookies and similar tracking technologies

3. How We Use Your Information

CBISC uses your personal information for the following purposes:

  • Processing applications for business accreditation and certification
  • Providing advisory and mentorship services
  • Organizing networking events and training programs
  • Communicating about our services and industry updates
  • Maintaining member and client databases
  • Conducting research and analysis to improve our services
  • Complying with legal and regulatory requirements
  • Preventing fraud and ensuring security

4. Information Sharing and Disclosure

CBISC does not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share information with trusted third-party service providers who assist us in operating our website, conducting business, or servicing you, provided they agree to keep this information confidential.

4.2 Legal Requirements

We may disclose your information when required by law, court order, or government regulation, or when we believe disclosure is necessary to protect our rights, property, or safety.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.

4.4 Consent

We may share your information with your explicit consent for specific purposes not covered in this policy.

5. Data Security

CBISC implements appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication procedures
  • Employee training on data protection practices
  • Secure data storage and backup systems

However, no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Factors affecting retention periods include:

  • The nature of our relationship with you
  • Legal and regulatory requirements
  • The need to resolve disputes or enforce agreements
  • Legitimate business interests

7. Your Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

  • Access: Request access to your personal information we hold
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request transfer of your information to another organization
  • Restriction: Request restriction of processing in certain circumstances
  • Objection: Object to processing based on legitimate interests
  • Withdrawal: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided below.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience. Cookies are small files stored on your device that help us:

  • Remember your preferences and settings
  • Analyze website traffic and usage patterns
  • Improve website functionality and performance
  • Provide personalized content and advertisements

You can control cookie settings through your browser preferences, but disabling cookies may affect website functionality.

9. International Data Transfers

CBISC operates across multiple African countries and may transfer your personal information between countries for business purposes. We ensure appropriate safeguards are in place for international transfers, including:

  • Adequacy decisions by relevant data protection authorities
  • Standard contractual clauses
  • Binding corporate rules
  • Other legally recognized transfer mechanisms

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly.

11. Changes to This Privacy Policy

CBISC may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notifications to registered users
  • Providing notice through our services

Your continued use of our services after the effective date of changes constitutes acceptance of the updated policy.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Continental Business Integrity Standards Council (CBISC)
Data Protection Officer
Gigiri, Nairobi, Kenya

Email: accreditation@cbisc.org
Subject Line: Privacy Policy Inquiry

Business Hours: Monday - Friday: 8:00 AM - 6:00 PM EAT

13. Governing Law

This Privacy Policy is governed by the harmonized data protection laws of the African Union, including the African Union Convention on Cyber Security and Personal Data Protection, and applicable international data protection regulations. CBISC operates under a trans-African legal framework that recognizes the continental scope of our operations and ensures consistent data protection standards across all African jurisdictions where we provide services. Any disputes arising from this policy will be subject to resolution through the African Continental Free Trade Area (AfCFTA) dispute resolution mechanisms or the jurisdiction of competent courts in the country where the data subject resides.