Privacy Policy for TALKAM Human Rights App and Devatop Centre for Africa Development Websites

1. This policy applies to all users of the TALKAM Human Rights App and visitors to our website (www.talkam.app and www.devatop.org )or platforms, irrespective of their location globally. It governs how we collect, use, store, and disclose your data while using our app and associated services. This policy does not apply to activities you engage in outside of our app or platform.

1. Information we collect falls into one of two categories: 'voluntarily provided' information and 'automatically collected' information.
2. Voluntarily provided' information refers to any information you knowingly and actively provide us when using our app and its associated services.
3. Automatically collected' information refers to any information automatically sent by your device in the course of accessing our app and its associated services.

The following information are included:

2.1 Personal Information
We may collect the following information
• Identity Information: Name, email address, phone number, gender, age, and location
• Location Information: Geo-location data, when permitted by the user
• Account Details: User details and profile information
• Device Information: Information about your device, such as operating system, device model, etc
2.2 Non-Personal Information
• Usage patterns, analytics, and aggregated data that do not identify you directly
2.3 Information about abuses
• Reports of human rights abuses, including victim or perpetrator information

Information from TALKAM Human Rights App or any associated platforms are used for any or some of the following purposes:

1. Facilitate case reporting and management of human rights abuses.
2. Responding to reported cases of human rights abuses
3. Enhance user experience by personalizing app features.
4. Provide user support and respond to inquiries.
5. Improve the app through usage analytics and feedback.
6. Comply with legal obligations and protect user safety.

We process personal information based on:

1. User Consent: Obtained during registration or before collecting sensitive data.
2. Legitimate Interests: Improving app functionality and promoting human rights advocacy.
3. Legal Obligation: Compliance with applicable laws or judicial processes.
4. Case Management: In line with our mandate and legal duties, we use and as well as share information about reported human rights abuses to legal entities whose responsibilities involved responding to cases. Such entities include the anti-human trafficking agencies, human rights agencies/organizations, and relevant law enforcement agencies within the country of operation. The case managers respond to reported cases, under strict confidentiality agreements. These case managers can be in any country but are bound by data protection agreements.
5. With Service Providers: Entities that support our operations (e.g. hosting, analytics), bound by data protection agreements.

1. Data is securely stored on servers (cloud) compliant with international security standards.
2. Personal information is retained only as long as necessary to fulfill its purpose or comply with legal obligations.
3. Reports of abuse are anonymized after to protect user privacy.

1. Our app and web servers are protected, and our systems are monitored to prevent unauthorized access.  We are constantly vigilant in preventing cyber-attacks, fraudulent intrusion, unauthorized access, loss or corruption of personal data. 
2. We implement robust measures to secure your data, including:

1. Encryption of sensitive data in transit and at rest.
2. Periodic security audits and vulnerability assessments.
3. Legal Obligation: Compliance with applicable laws or judicial processes.
4. Access controls limit data access to authorized personnel only.
5. With Service Providers: Entities that support our operations (e.g. hosting, analytics), bound by data protection agreements.
6. Training of case managers on data privacy and security.

1. Although we will do our best to protect the personal information you provide to us, we advise that no method of electronic transmission or storage is 100% secure and no one can guarantee absolute data security.
2. You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services. For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.
3. We encourage every user to maintain the security of their own devices and passwords by:

1. Using strong and secure passwords.
2. Logging out from the App after any use.
3. Ensuring the user is the only one with access to the App in their device.

1. We strongly recommend one account for one user and discourage the user from sharing his login details with a second party or on any platform accessible to the public.

1. We keep your personal information only for as long as we need to. This period may depend on what we are using your information for, in accordance with this privacy policy. For example, information about human rights abuses is retained as long as it is needed in responding to cases and for documentation and accountability purposes.
2. If your personal information is no longer required for this purpose, we will delete it or make it anonymous by removing all details that identify you.

1. Our App may contain links to other websites. Save and except as otherwise expressly stated by us, any link to another website is not covered by our privacy policy. We strongly advise that you should satisfy yourself with the details of any privacy policy provided on other websites or links.

1. We hold your privacy rights very dear to our operations. Apart from the right to give, withhold or withdraw consent, you have rights to all relevant information that may guide you in making informed decisions about your personal data. For example, you have the right to be notified of anyone or any place to which we may transfer your personal data when the purpose of transfer is different from what we have stated in this privacy policy. Your rights under the Nigeria Data Protection Act, GDPR, and Other Frameworks include:

1. In reporting human rights abuses, there are types of personal data (like contact) that are mandatory for case managers (admins and human rights agencies/organizations) to process in order to carry out your instructions or perform our legal mandate (responding to the human rights abuses, following up with reporter to get more clarifications on certain information that will aid investigation of cases) for your benefit. If you withhold such information, it may be impracticable to carry out our mandate in relation to you. If you seek more clarification on our data processing contact our designated Data Protection Officer as provided under last ARTICLE below.
1. Right to be Informed
2. Right of Access
3. Right to Rectification
4. Right to Object to Processing
5. Right to Data Portability
6. Right to be Forgotten
7. Right in Relation to Automated Decision Making (which essentially entitles you to human intervention)

1. In carrying out our mandate effectively, we may require the services of third parties. Examples of such services include but are not limited to the following:
1. Internet connectivity
2. Cloud storage
3. Data analytics
4. Data security
5. Software development

1. In transferring your data to third parties, we shall be guided by the NDPA and relevant laws and regulations that guide data protection in any country of use.
2. Where data is transferred outside your country, we ensure it is protected and adhered to relevant privacy laws which include the General Data Protection Regulation (GDPR) of the European Union, Australian Privacy Act Compliance (AU), U.S. States Privacy Law Compliance, Personal Information Protection and Electronic Documents Act (PIPEDA) Compliance (Canada), and African Union Convention on Cybersecurity and Personal Data Protection.

1. We may use cookies and tracking technologies to:
1. Improve app functionality
2. Analyze usage patterns
3. Offer personalized content

1. In the case of cookies, we ensure that they have security protocols and are not vulnerable to abuses by anyone.

1. Our data subjects are encouraged to report any complaint or concern about their data privacy through our Data Protection Officer (DPO). DPO shall take action to redress any grievance within 21 (twenty-one) working days. If this extends for any reason, the data subject will be duly notified, and appropriate measures will be taken to ensure that the rights and interests of the data subject are protected.

1. This policy may be updated periodically to reflect changes in laws or our practices. Users will be notified of significant changes through in-app notifications or email.

1. If you have questions, concerns, or wish to exercise your rights, please contact our Data Protection Officer at: [email protected] and [email protected]