We (Kitchen21) strive to ensure that the privacy of the users of our Site is recognized and protected at all times by our institution. This is because we attach great importance to the privacy of the users of our Site.
- The way personal information is collected and utilized;
- Your rights regarding the personal information;
- Who is responsible for processing of the collected and processed information.
The following information will be collected from individuals that visit our sites, and/ or utilize our programmes and services.
- First Name
- Phone Number
- Email Address
- Other programme/project specific information.
Forms and methods of data collection
We collect personal information through the following ways:
- Programme registration forms
- Survey forms
- Web inquiry
Purpose for which we collect
Your personal information collected we use it for the following purposes:
- Statistical evaluation
- Contact: We may use your Personal Information to contact you with newsletters, marketing or promotional materials.
- Managing the website
- a) Controller
The “Controller” is Kitchen21’s Impact Department. The Controller is in charge of determining the purposes for which personal information is processed and the means at the service of such processing.
- b) Obligations of the Controller
The Controller is committed to protecting the personal information collected, to not transmit it to third parties without informing you, and to respect the purposes for which personal information was collected. In the event that the integrity, confidentiality or security of your personal information is compromised, the Controller is committed to notifying you within 72 hours of noticing the security breach.
Right of access, of rectification and of removal
You have the right to consult, update, modify or request the removal of your personal information. The user can request for any of what has been mentioned in the foregoing statement by following the procedure as have been described hereinafter: the user must submit a request through email: firstname.lastname@example.org
Sharing of Personal Information
The personal information we collect (through Programme registration forms, survey forms and web inquiry) is not transmitted to any third party (Unless in specific circumstances as required by law) and is processed only by us.
Storage period of Personal Information
The controller will keep in its computer systems, in reasonable security conditions, the entirety of the personal information collected for the following duration: 10 years.
General Principles Relating to The Collection and Processing of Personal Data Under European Regulation 2016/679
In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of your personal data comply with the following principles:
- Lawfulness, fairness and transparency: your personal data may only be collected and processed with your consent. Every time your personal data is collected, you will be informed that your personal data is collected and for which reasons your personal data is collected;
- Data minimization: only personal data necessary for the purpose to which it is necessary is collected;
- Storage limited in time: personal data is stored for a limited time; of which you are notified;
- Integrity and confidentiality of collected and processed personal data: The Controller is committed to guaranteeing the integrity and confidentiality of the collected personal data.
In order to be lawful and to comply with Article 6 of European Regulation 2016/679, collection and processing will only occur if one of the following applies:
- You have given your express consent;
- Processing is necessary for compliance with a legal obligation; Processing is necessary in order to protect your vital interests or those of another physical person;
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
Additional Rights Pursuant to European Regulation 2016/679
- a) Right to submit a complaint to the competent authority
In the event that the Controller does not answer your request, you wish to challenge his or her decision or you believe one of your rights has been infringed upon, you have the right to submit a complaint to the competent authority.
The security of your Personal Information is important to us, that is why we ensure it is stored in a secure environment. Further, to ensure that your privacy is protected only the controller has access to your personal information. However, it is worth remembering that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
We are committed to respecting the legislative provisions as specified in:
- The Data Protection Act No. 3 of 2021 (‘The Data Protection Act’) | National Assembly of Zambia; and
- General Data Protection Regulation, Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
Last updated: 04 April 2022