Draft V1.0 as of September 2024
This website and its connected and relevant digital platforms are owned and operated by Foundation for MSME Clusters (FMC). This privacy policy governs the management (collection, processing, use, sharing, transmission, storage, retention, and destruction) of data pertinent to the implementation of APAC Cybersecurity Fund (ACF) Program – a cyber hygiene awareness and capacity-building initiative that aims to upskill individuals from underserved organizations, including Micro, Small, and Medium Enterprises (MSMEs), non-governmental organizations, and social enterprises, to protect themselves from cyber risks.
In this policy, the following terms refer to The Asia Foundation:
This Privacy Policy explains (i) what Personal Information we collect when you access and use the ACF Program and The Asia Foundation websites and relevant digital tools and platforms; (ii) how we process, use, and share such information; and (iii) how we securely transmit, store, retain and maintain such information.
By visiting and using the ACF website and its relevant platforms, you are deemed to consent to the terms outlined in this privacy policy and to our collection, processing, and sharing of Personal Information for the purposes set forth herein. If you do not agree to this Privacy Policy, please do not access or otherwise use the Site.
The Asia Foundation respects the privacy of all users and visitors of our website and relevant digital tools and platforms. We aim to collect only relevant information for legitimate purposes that support the implementation of the ACF Program. The data collected includes the following:
A)Personally Identifiable Information (PII) or Personal Data voluntarily provided by users includes:
B) Sensitive Personal Data and other information voluntarily provided by users include:
Information, metadata, pixels, and cookies automatically collected by our site
As part of the implementation of its programs, The Asia Foundation processes data voluntarily provided by website users and visitors. This may include the assessment of the eligibility, compatibility, and impact of the ACF Program on its beneficiaries. This data is processed and managed by a limited number of authorized Foundation Employees and organizational partners. Where necessary and appropriate, selected Foundation partners that directly support the implementation of the program may access and process this data to conduct, coordinate, or execute ACF Program activities in compliance with this Data Privacy Policy. As part of its Safeguarding Commitment, the Foundation requires its employees, individual contractors, vendors, and partners to comply with this policy.
All information submitted by users and visitors is processed based on consent and is stored in accordance with industry cybersecurity standards and good practices. Only designated personnel of The Asia Foundation and designated authorized partners as described in this policy are permitted to access your information. Your data is not used for any other purpose or shared with any third party without your informed consent. The Asia Foundation does not share, sell, rent, or trade users’ names, addresses, email addresses, contact numbers, or other information with any unauthorized persons or entities.
When you use the ACF website or provide data while participating in the ACF Program, the Foundation may share this data with third-party digital platforms that we rely on for the delivery of the program. Third party platforms govern data according to their own respective data privacy policies. The Foundation will exercise its best judgement and care in ensuring that the tools and platforms it utilizes to deliver the ACF program are compliant with global cybersecurity standards and privacy regulations; however, the Foundation cannot always control the actions of third parties. In the case of mismanagement of data by third party platforms that the Foundation is using to deliver the ACF Program, the Foundation will work with relevant authorities and ACF participants in an effort to remedy the situation.
Additionally, if you reach out to the Foundation with specific questions or requests and you voluntarily provide your information through the contact form or by email, authorized personnel of the Foundation or its partners will use this information to correspond with you. Web analytics and metadata generated through your use of the site may be accessed by third party data analytics services, however only non-identifiable web traffic data are analyzed.
Like most internet sites, our web servers automatically recognize your metadata when you use or visit our site. The ACF website and corresponding data is stored in servers in Singapore which are hosted with Digital Ocean. The Asia Foundation and its staff use Microsoft SharePoint servers in our operations and data storage which uses 2-factor authentication.
Additional digital tools may be used to coordinate, implement, and supplement relevant ACF activities. These tools may include but are not limited to, email automation platforms, survey messaging services, and other similar digital tools. You will be asked to provide your consent when these additional data collection and processing activities are required for program management, impact measurement, and other relevant activities.
The ACF website uses Google Analytics, a tool powered by Google to track and analyze web traffic data through web cookies to better understand the online behavior of users while they are on the site. By default, where Chrome browser is used, Google Analytics collects information such as page information, user information, browser information, and other information to better understand the user interactions and use of our website. As you navigate between web pages, Google Analytics provides website owners JavaScript tags (libraries) to record information about the page you have seen, for example, the URL of the page.
The Google Analytics JavaScript libraries use HTTP Cookies to capture user actions and interactions on previous pages and interactions with the website. For more information on Google Analytics, click here.
Installed cookies and pixels may mean that your data is tracked by Google on the ACF site and once you leave the site.
Data collected by our website will be retained for the duration of the ACF Program. We may continue to store your data for a period of 5 years following the close of the website if required by our funders for auditing purposes or to maintain our legal records. You have the right to request that personal data you voluntarily submitted to participate in the ACF Program be erased from our data storage repositories by contacting apaccybersecurityfund@asiafoundation.org.
Please note, however, that some data due to the nature of the program and submission methodology cannot be erased without compromising utilization of courses and related tools of the program and in that instance the data while not erased will be stored in a manner that respects your privacy in accordance with industry standards.
The security of Personal Information is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical, and technical safeguards, to protect the Personal Information submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use reasonable acceptable means to protect your Personal Information, we cannot guarantee its absolute security or confidentiality. If you have any questions about security, please contact us at apaccybersecurityfund@asiafoundation.org.
You have the right to:
For questions, support, or to exercise any of your rights, please contact apaccybersecurityfund@asiafoundation.org.
If we should be contacted by authorities with a request to disclose your data, we will only do so if there is a fully binding request and legal obligation. While we may comply with electronically delivered notices, disclosed data can only be used in court if we have received an original copy of the court order by registered post or in person and provide a formal response.
If a request is made for encrypted message content that we do not possess the ability to decrypt, the fully encrypted message content may be turned over. If permitted by law, we will always contact a user first before any data disclosure.
This website might include links to other websites and systems. Users are reminded that these external sites have their own privacy policies. This Privacy Policy applies only to this website. Once visitors leave the ACF website, they are subject to privacy policies of the site(s) visited. The Asia Foundation is not responsible for privacy practices or content of third-party websites. We recommend you review the privacy policies on any third-party sites before using them.
The Asia Foundation believes every measure of precaution should be taken to protect children online. We do not knowingly ask children for any personal or sensitive information. Visitors who are children should ask their parent or legal guardian for assistance when using this website.
The Asia Foundation may revise this Privacy Policy from time to time without advance notice. Accordingly, we recommend that you check for updates to this Privacy Policy on an ongoing basis. Users of this website may also provide feedback to this policy through the contact information provided below.
The Asia Foundation is domiciled in California, United States of America at 9th Floor, 465 California St., San Francisco, CA 94104-1804, United States of America. The ACF Program is managed by a regional hub reporting to the Foundation’s Malaysia Office located in Suite 13.05 Level 13, The Gardens South Tower, Mid Valley City, Lingkaran Syed Putra, Kuala Lumpur, 59200, Malaysia
For feedback and other concerns about this policy, please contact apaccybersecurityfund@asiafoundation.org
V1.0 September 2024