CIFOR-ICRAF are committed to protect your personal data and respect your privacy. CIFOR-ICRAF collect and further process personal data based on our Personal Data Protection Policy and pursuant to the respective national laws or regulations on the protection of natural persons with regard to the processing of personal data, as applicable.
This privacy notice explains the reason for the processing of your personal data, the way we collect, handle, and ensure protection of all personal data provided, how that information is used and what rights you have in relation to your personal data. It also specifies the contact details of the responsible data controller with whom you may exercise your rights and of the Data Protection Officer.
This privacy notice applies to all online services managed by Communications, Outreach and Engagement (COE) of CIFOR-ICRAF, irrespective of the domains, systems, platforms or devices (e.g., desktop computers or mobile phones) used to process their services.
Concepts such as “personal data”, “personally identifiable information” or “processing” are used in accordance with the definitions in the ISO/IEC 29184 standard or the EU General Data Protection Regulation (GDPR Article 4), respectively.
The CIFOR-ICRAF Personal Data Protection Policy provides the corporate framework for processing personal data in compliance with any relevant national law or regulation and good practice with regard to personal data protection, where available.
2. How to contact us
If you would like to exercise your data subject rights, or if you have comments, questions or concerns, or if you would like to submit a complaint regarding the collection and use of your personal data, please feel free to contact the Data Controller of CIFOR-ICRAF:
- Center for International Forestry Research
Situ Gede, Bogor Barat
Bogor 16115, Indonesia
Telephone: +61 251 8622-622
- World Agroforestry (ICRAF)
United Nations Avenue, Gigiri
PO Box 30677, Nairobi, 00100, Kenya
Telephone: +254 20 7224000
You may contact the Data Protection Officer of CIFOR-ICRAF (email@example.com) with regard to issues relating to the processing of your personal data.
3. Which personal data do we collect and further process?
In order for CIFOR-ICRAF to ensure an excellent website user experience, we collect the following data on our website, among others:
- Personally identifiable information (e.g., name, e-mail address for distribution lists and contact forms);
- Website tracking (e.g., Web pages visited, date and time Website was accessed, data volume sent in bytes, source / referrer URL from where Web page was accessed, Web browser used, operating system used, IP address used).
- Website content data (e.g., event registration).
4. Why do we collect your data?
CIFOR-ICRAF collect and process data from website visits to:
- Improve the user experience when using or returning to our website;
- Provide personalized content and information to users;
- Provide information, updates or services requested by users;
- Announce event or conference information;
- Provide customer support; and
- Monitor website visits, traffic and demographic patterns for statistical purposes.
CIFOR-ICRAF shall only collect the personal data for the purposes stated in this privacy notice. We do not collect special categories of personal data.
Your personal data will NOT be used for any automated decision-making, including profiling.
5. How do we collect your data?
- Strictly necessary cookies for ensuring a complete user experience when browsing our website, e.g., accessing secure areas of the site.
- Preference or functionality cookies for recording particular user choices, e.g., language or regional settings.
- Statistics or performance cookies for collecting information about site usage in an aggregated and anonymized fashion for functional improvement purposes, e.g., pages visited, links clicked. These include cookies from third-party analytics services such as Google Analytics, which are strictly used by CIFOR-ICRAF to analyze website visits.
CIFOR-ICRAF collect two main types of cookies:
(1) Technical necessary cookies:
|Name of cookie||Description|
|Cookie Manager||Manage the cookies|
(2) Third-party cookies:
|Name of cookie||Description|
|Google analytics||Web analytics|
After closing the Web browser, the cookie settings will be automatically removed.
CIFOR-ICRAF use a third-party provide, that is, MailChimp, to manage internal and external newsletters as well as other bulk e-mail messages. We gather statistics around e-mail opening and clicks using industry standard technologies to help us monitor and guide the performance-related improvements.
CIFOR-ICRAF also use additional social media outlets to inform about our work, engage in a dialogue with the general public, and receive feedback:
The Facebook site is managed by CIFOR-ICRAF COE, and available at:
Facebook is used to raise awareness of our research work and initiatives. Active Facebook elements, that is, social plug-ins, are employed on our website.
The Twitter account is managed by CIFOR-ICRAF COE , and available at:
Twitter is used to share information and interact with our stakeholders. Active Twitter elements, that is, social plug-ins, are employed on our website.
The Instagram account is managed by CIFOR-ICRAF COE , and available at:
Instagram is used to communicate our research work to the public. Active Instagram elements, that is, social plug-ins, are employed on our website.
(4) YouTube / Google Maps:
The YouTube channel is managed by CIFOR-ICRAF COE, and available at:
YouTube is used to show video content about our research work and initiatives; Google Maps is used to help showcase the locations of our research work across the globe. Active YouTube and Google (Google Maps) elements, that is, social plug-ins, are employed on our website.
The LinkedIn account is managed by CIFOR-ICRAF COE, and available at:
LinkedIn is used to share information and connect with our stakeholders.
The SlideShare account is managed by CIFOR-ICRAF COE, and available at:
SlideShare is used to share presentations about our research work and initiatives.
The Flickr account is managed by CIFOR-ICRAF COE, and available at:
Flickr is used to share photos of those related to our activities.
CIFOR-ICRAF do not receive your personal data indirectly from these other sources.
6. Who has access to your personal data and to whom is it disclosed?
Access to your personal data is given to the following persons, without prejudice to a possible transmission to the bodies in charge of a monitoring, inspection or audit task in accordance with relevant laws and regulations:
- CIFOR-ICRAF staff members as well as external experts and contractors who work on behalf of CIFOR-ICRAF for the purposes of maintaining the website;
- Bodies in charge with a monitoring, audit or inspection task in application of relevant laws and regulations; and
- Members of the public who receive data of contractors or beneficiaries, which are made public in accordance with relevant regulations.
CIFOR-ICRAF only disclose your personal data to third parties if:
- You have given your explicit consent;
- The processing is necessary to execute a contract with you;
- The processing is necessary to comply with legal obligations;
- The processing is necessary to safeguard legitimate interests; or
- There is no reason to believe that you have a legitimate interest in not disclosing your information.
Any third-party service provider contracted to CIFOR-ICRAF that we may share your personal data with are obliged to keep your details securely, and to use them only to fulfill the service they provide you on our behalf.
7. On what legal ground(s) do we process your personal data?
The processing operations on personal data carried out in this context are necessary and lawful because the processing is necessary for:
- Providing services based on user consent (e.g., subscription to newsletters, news updates, event information);
- Ensuring excellent user experience based on a legitimate interest (e.g., general website usage);
- Compliance with legal obligations to which CIFOR-ICRAF controllers are subject; or
- Performance of a contract to which the data subject is party, or in order to take the steps at the request of the data subject prior to entering into a contract.
8. How do we protect and safeguard your personal data?
Where data are in an electronic form, CIFOR-ICRAF securely stores them on corporate servers. Security requirements ensure that only designated persons have the possibility to access the data kept for the purpose of undertaking the processing operations.
Where data are kept in a paper format, they are stored in the premises of the competent business unit of CIFOR-ICRAF. Access to and within these premises is controlled.
9. How long to we keep your personal data?
CIFOR-ICRAF will keep your personal data only as long as they were collected for the intended purpose and if they are no legal obligations to maintain them for certain periods of time. In case the personal data cannot be deleted due to certain legal obligations, the processing will be restricted and not used for any other than the initial purpose.
IP numbers stored in server logfiles are collected during website visits, anonymized, and maintained for a maximum of seven (7) days before being destroyed.
10. What are your rights and how can you exercise them?
CIFOR-ICRAF would like to ensure that you are fully aware of all of your data subject rights. Every user is entitled to the following:
The right to access: You have the right to request CIFOR-ICRAF for copies of your personal data. Depending on the scope of your request, we may charge you a small fee for this service.
The right to rectification: You have the right to request that CIFOR-ICRAF correct any information you believe is incorrect. You also have the right to request CIFOR-ICRAF to complete information you believe is incomplete.
The right to erasure: You have the right to request that CIFOR-ICRAF erase your personal data under certain conditions.
The right to restrict processing: You have the right to request that CIFOR-ICRAF restrict the processing of your personal data, under certain conditions.
The right to object to processing: You have the right to object to CIFOR-ICRAF processing your personal data, under certain conditions.
The right to data portability: You have the right to request that CIFOR-ICRAF transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you exercise any of your data subject rights and make a request, CIFOR-ICRAF have one (1) month to respond to you.
11. Changes to our privacy notice
CIFOR-ICRAF keep their privacy notice under regular review and reserve the right to modify it. This also includes modifications based on changes in our online services as well as the technologies utilized. Any modifications are placed on this Web page. We recommend consulting this Web page on a regular basis. This privacy notices was last updated on 1 June 2021.
12. How to contact the competent supervisory authorities
Should you wish to report a complaint or if you feel that CIFOR-ICRAF have not addressed your concern in a satisfactory manner, you may contact the competent supervisory authority.