Privacy Policy &
Cookie Declaration
At STEMAIDE, we are committed to protecting your personal data and being transparent about the technologies we use.
Introduction
STEMAIDE Africa ("we", "us", "our") is committed to protecting the privacy and security of your personal data. This Data Privacy Policy outlines how we collect, use, disclose, and protect your personal information.
A. Purpose of the Data Privacy Policy
The purpose of this Data Privacy Policy is to inform individuals about how STEMAIDE Africa collects, uses, stores, and protects personal data. This policy ensures transparency and accountability in our data handling practices.
B. Scope and Applicability of the Policy
This policy applies to all personal data collected by STEMAIDE Africa from customers, users, and visitors of our website, services, and products. It outlines our practices and procedures for handling such data.
C. Definitions of Key Terms
- Personal Data: Information relating to an identified or identifiable individual.
- Data Subject: The individual whose personal data is being collected, held, or processed.
- Processing: Any operation performed on personal data, whether automated or manual.
- Data Controller: The entity that determines the purposes and means of processing personal data.
- Data Processor: The entity that processes data on behalf of the Data Controller.
Collection of Personal Data
A. Types of Personal Data Collected
We collect various types of personal data, including but not limited to:
- Contact details (name, email address, phone number).
- Demographic information (age, gender).
- Educational background.
- Usage data (interaction with our products and services).
- Payment information.
B. Legal Basis for Collecting Personal Data
We collect and process personal data based on the following legal grounds:
- Consent of the data subject.
- Performance of a contract.
- Compliance with legal obligations.
- Legitimate interests pursued by STEMAIDE Africa.
C. Methods of Collecting Personal Data
Personal data is collected through various methods, including:
- Direct interactions (filling out forms on our website).
- Automated technologies (cookies and web beacons).
- Third-party sources partners and affiliates.
D. Consent and Withdrawal of Consent
Data subjects have the right to consent to the collection and processing of their personal data. They can withdraw their consent at any time by contacting us.
E. Children's Data and Parental Consent
We do not knowingly collect personal data from children under the age of 13 without parental consent. Parents or guardians can review, modify, or delete their child's personal data by contacting us.
Use of Personal Data
A. Purpose of Using Personal Data
Personal data is used for various purposes, including:
- Providing and improving our products and services.
- Communicating with users.
- Processing payments.
- Conducting research and analysis.
B. Data Minimization Principle
We collect only the personal data necessary to fulfill the specified purposes and avoid excessive data collection.
C. Lawful Processing of Personal Data
All personal data is processed lawfully, fairly, and transparently in compliance with applicable laws and regulations.
D. Retention and Storage of Personal Data
Personal data is retained only as long as necessary to fulfill the purposes for which it was collected or as required by law.
E. Accuracy and Updating of Personal Data
We take reasonable steps to ensure that personal data is accurate and up-to-date. Data subjects can update their information by contacting us.
F. Data Sharing and Transfer
Personal data may be shared with third parties for specific purposes, such as service provision and legal compliance. We ensure that such transfers are conducted securely and in compliance with applicable laws.
Rights of Data Subjects
A. Overview of Data Subjects' Rights
Data subjects have several rights regarding their personal data, including the right to access, rectify, erase, restrict processing, object to processing, and data portability.
B. Access to Personal Data
Data subjects can request access to their personal data by contacting us. We will provide the requested information within a reasonable time frame.
C. Rectification and Erasure of Personal Data
Data subjects can request the rectification of inaccurate data and the erasure of data that is no longer necessary for the specified purposes.
D. Restriction of Processing
Data subjects can request the restriction of processing under certain conditions, such as when the accuracy of the data is contested.
E. Objection to Processing
Data subjects can object to the processing of their personal data for direct marketing purposes or other legitimate interests.
F. Data Portability
Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
G. Automated Decision-Making and Profiling
Data subjects have the right not to be subject to decisions based solely on automated processing, including profiling, that significantly affect them.
Data Security
A. Measures to Ensure Data Security
We implement appropriate technical and organizational measures to ensure the security of personal data, including:
- Access controls
- Encryption
- Regular security assessments
B. Encryption and Pseudonymization
Personal data is encrypted during transmission and storage. Where appropriate, we also pseudonymize data to protect individuals' privacy.
C. Incident Response and Breach Notification
We have procedures in place to detect, respond to, and report data breaches. Affected data subjects will be notified promptly if a breach poses a high risk to their rights and freedoms.
D. Employee Responsibilities and Training
Our employees are trained on data privacy and security practices. They are required to follow internal policies and procedures to protect personal data.
Third-Party Processors
A. Use of Third-Party Processors
We may engage third-party processors to perform certain functions on our behalf, such as payment processing and data analysis.
B. Due Diligence in Selecting Processors
We conduct due diligence to ensure that third-party processors have adequate data protection measures in place.
C. Data Processing Agreements with Processors
We enter into data processing agreements with third-party processors to ensure compliance with data protection laws.
D. Monitoring and Auditing of Processors
We regularly monitor and audit third-party processors to ensure they comply with our data protection requirements.
International Data Transfers
A. Transfer Mechanisms
Personal data may be transferred to countries outside the European Economic Area (EEA) using appropriate transfer mechanisms, such as:
- Standard contractual clauses
- Adequacy decisions
- Binding corporate rules (BCRs)
B. Adequacy Decisions
We ensure that transfers are based on adequacy decisions by the European Commission or standard contractual clauses that provide appropriate safeguards.
C. BCRs and Certification
We may use BCRs or other certification mechanisms to ensure that personal data transferred internationally is adequately protected.
Compliance and Enforcement
A. Data Protection Officer (DPO)
Our Data Protection Officer (DPO) is responsible for overseeing compliance with this policy and data protection laws. The DPO can be contacted at dop@stemaide.com.
B. Internal Policies and Procedures
We have internal policies and procedures in place to ensure compliance with data protection laws and this policy.
C. Impact Assessments
We conduct data protection impact assessments (DPIAs) for high-risk processing activities to identify and mitigate potential risks.
D. Audits and Reviews
We regularly audit and review our data protection practices to ensure ongoing compliance and identify areas for improvement.
E. Breaches and Complaints
We have procedures in place to handle data breaches and complaints. Data subjects can contact us to report a breach or file a complaint.
Updates & Conclusion
Updates and Amendments
Review and Revision: We regularly review and update this policy to reflect changes in our practices or legal requirements. The latest version will always be available on our website.
Notification of Changes: We will notify data subjects of any significant changes to this policy and obtain their consent where required.
Conclusion
Commitment: STEMAIDE Africa is committed to protecting the privacy and personal data of our users. We strive to implement best practices and comply with all applicable data protection laws.
Contact Information: If you have any questions or concerns about this Data Privacy Policy or our data protection practices, please contact us at: contact@stemaide.com.
Cookie Declaration
Cookies are small files stored on your device (computer or mobile device). They allow our site to recognize your browser and capture certain information to provide a more personalized experience.
priority_high Essential Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you, such as setting your privacy preferences, logging in, or filling in forms.
query_stats Analytical/Performance Cookies
We use tracking technologies like Google Analytics to understand how visitors interact with our ecosystem. This helps us improve the structure and content of our website. All data is anonymized.
settings Functional Cookies
These allow the website to remember choices you make (such as your language or currency preference) and provide enhanced, more personal features.
Effective Date: January 31, 2024. This declaration is reviewed periodically to ensure alignment with GMT and International data standards.
Ready to start the revolution?
Join thousands of students and teachers building the future.