1.3 All your personal Information shall be held and used in accordance with the EU General Data Protection Regulation 2016/679 ("GDPR") and national laws implementing GDPR and any legislation that replaces it in whole or in part and any other legislation relating to the protection of personal data.
As part of our Data Controller responsibilities we have an assigned Data Protection Officer (or equivalent). The Data Protection Officer for ISNAD Institute is Waheed Yousef and can be contacted at firstname.lastname@example.org
Data – Collectively all the information that you submit to ISNAD Institute via the website. This definition incorporates, where applicable the definitions provided in the Data Protection Laws.
Data Protection Laws – Any applicable law relating to the processing of personnel data, including but not limited to the Directive 96/46/EC (Data Protection Directive) or the GDPR, and any national implementing laws, regulations and secondary legislation, for as long as the GDPR is effective in the UK
GDPR – The General Data Protection Regulation (EU) 2016/679
ISNAD Institute, We, or Us – ISNAD Institute, a non-profit community organisation.
User or You – Any third party that accesses the website and is not either (i) employed by ISNAD Institute and acting in course of their employment, or (ii) engaged as a volunteer/consultant or otherwise provide services to ISNAD Institute and accessing the website in connection with the provision of such services.
Website – The website you are currently using, www.ISNAD.courses, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
a. the singular includes the plural and vice versa;
c. a reference to a person includes firms, companies, government entities, trusts and partnerships;
d. “including” is understood to mean “including without limitation”;
e. reference to any statutory provision includes any modification or amendment of it;
3.2 For the purposes of the applicable Data Protection Laws, ISNAD Institute is the “data controller”. This means that ISNAD Institute determines the purposes for which, and the manner in which, your data is processed.
4.1 As a visitor, you do not have to submit any data in order to use this Website.
4.2 The site collects only personally identifiable information that is specifically and voluntarily provided by visitors. Such information may consist of, but is not limited to:
- your name, email address, telephone number
- answers to questions about your course application and preferences
4.3 If you, as a visitor, choose to submit data to this Website (including the mobile optimised version of the website accessible from your portable hand-held device), you agree to the use of such data in accordance with this privacy statement. Only authorised personnel have access to personally identifiable information submitted through the Website. Such employees and volunteers are required to maintain the confidentiality of this sensitive data.
4.4 You may provide us with Information in a number of ways:
a) by supplying us with the Information as listed above, on an individual basis via our application form.
b) by corresponding with us by email, in which case we may retain the content of your email messages together with your email address and our responses;
c) by corresponding with us by WhatsApp or SMS, in which case we may retain the content of your messages together with your contact number and our responses;
5.1 As required by the GDPR we must only request data if we have a legal basis for doing so. You are agreeing to provide this information in order for us to form a contract that will allow us to use your details and information presented so that we may provide services to you and carry out statistical analysis.
6.1 Any or all of the above data may be required by us from time to time in order to provide you with the best possible service and experience when using our website. Specifically, your data may be used by us for the following reasons:
- To communicate with you in regards to our courses
-Internal recording keeping
- Improvement of our products and services
- Transmission by email, sms, and whatsapp for marketing materials that may be of interest to you
- Contact for market research purposes which may be done using email, telephone, mobile, or mail. Such information may be used to customise or update the website
6.2 We may use your data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances (see the section headed “Your Rights”).
6.3 For the delivery of direct marketing to you via e-mail, sms, or WhatsApp, we will need your consent, whether via an opt-in or a soft opt-on:
a. soft opt-in consent is a specific type of consent which applies when you have previously engaged with us (for example, you contact us for more details on our courses, and we are marketing a similar course/service). Under “soft opt-in” consent, we will take your consent as given unless you opt-out.
b. For other types of marketing, we are required to obtain your explicit consent, that is, you need to take positive and affirmative action when consenting by, for example, checking a tick box that we’ll provide.
c. if you are not satisfied about our approach to marketing, you have the right to withdraw consent at any time. To find out how to withdraw your consent, see the section headed “Your Rights” below.
7.1 The data you provide during course application(s):
- will be made available to us and our processors
- will be used for communication with you regarding your application
- will be used for statistical analysis
7.2 Although we may provide visitor information to service providers that handle information on our behalf, we will not share the information with third parties for secondary or unrelated purposes unless otherwise disclosed at the point of collection and not without having gained acceptance at the point of collection.
8.1 The personal data that you provide when applying for a course with ISNAD Institute is retained until you request the data to be deleted.
8.2 To request your data to be deleted, contact us at email@example.com.
9.1 You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request:
a. Right of Access: You have the right at any time to ask us for a copy of the Information about you that we hold, and to confirm the nature of the Information and how it is used
b. Right to correct – the right to have your data rectified if it is inaccurate or incomplete
c. Right to erase – the right to request that we delete or remove your data from our systems
d. right to restrict our use of your data – the right to “block” us from using your data or limit the way in which we can use it
e. right to data portability – the right to request that we move, copy, or transfer your data
f. right to object – the right to object to our use of your data including where we use it for our legitimate interests
9.2 To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your data (where consent is our legal basis for processing your data) please contact us via this email address: firstname.lastname@example.org.
9.3 If you are not satisfied with the way a complaint you make in relation to your data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioners Office (ICO). The ICO’s contact details can be found at their website: https://ico.org.uk.
9.4 If is important that the data we hold about you is accurate and current. Please keep us informed if your data changes during the period for which we hold it.
10.1 Data we collect from you may be stored and processed in and transferred to countries outside the European Economic Area (EEA). For example, this could occur if our serves are located in a country outside the EEA, or one of our service providers is situated in a country outside the EEA.
10.2 We will only transfer data outside the EEA where it is complaint with data protection legislation and the means of transfer provides adequate safeguards in relation to your data by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission, or by signing up to the EU-US Privacy Shield framework, in the event that the organisation in receipt of data is based in the United States of America.
10.3 To ensure that your data received adequate levels of protection, we have put in place appropriate safeguards and procedures with the third parties we share your data with. This ensures your data is treated by those third parties in a way that is consistent with the Data Protection Laws.
12.1 Similar to other websites, our website uses a technology called "cookies" and web server logs to collect information about how our website is used. A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a website, that site's computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies.
12.2 Information gathered through cookies and web server logs may include the date and time of visits, the pages viewed, time spent at our Website, and the websites visited just before and just after our Website.
12.3 Cookies, in conjunction with our web server's log files, allow us to calculate the aggregate number of people visiting our website and which parts of the website are most popular. This helps us gather feedback so that we can improve our Website and better serve our customers. Cookies do not allow us to gather any personal Information about you and we do not generally store any personal Information that you provided to us in your cookies.
You may contact ISNAD Institute by email at email@example.com.