Privacy Policy

Last updated: 15th September 2021

 

Statement on Privacy and personal data protection 

The ICF Bahrain Chapter cares about your privacy and we believe that transparency about how we use your personal information is rooted in our ICF Global ethical beliefs and commitments (General Data Protection Regulations “GDPR” and Global Privacy Policies) .  By accepting responsibility to protect personal data, in line with the Personal Data Protection (Law No. 30 of 2018), we are working towards providing you with better overall data management processes, improved customer relationships and more focussed responses in our marketing Collateral and campaigns.

If you are located outside of the Kingdom of Bahrain, The ICF Bahrain Chapter is the data controller and is responsible for your personal information pertaining to this website. 

ICF Bahrain Chapter Privacy Policy

This Policy

This Policy is addressed to individuals outside our organisation with whom we interact, including customers, business partners, vendors, visitors to our website, and other recipients of our services (together, “you”).

This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of Personal Data, or changes in respect of the Bahrain Personal Data Protection Law (the “PDPL”).

Processing your Personal Data

This section lists places where we get data that counts as part of your Personal Data.

Collection of Personal Data: 

We collect Personal Data about you:

  • When you provide it to us (e.g., where you contact us via telephone or by any other means)
  • In the ordinary course of our relationship with you (e.g., in the course of engaging with our website or Chapter)
  • That you choose to make public, including via social media (e.g., we may collect information from your social media profile(s) to the extent that you choose to make your profile publicly visible)
  • From third parties who provide it to us (e.g., Other ICF International Organisations)
  • When you visit our website or use any features or resources available on or through our website. When you visit our website, your device and browser may automatically disclose certain information (such as device type, operating system, browser type, browser settings, IP address, language settings, dates and times of connecting to our website and other technical communications information), some of which may constitute Personal Data.

Creation of Personal Data: 

We create Personal Data about you, such as records of your membership with us, and details of your interactions with the Chapter, subject to the PDPL.

Relevant Personal and Sensitive Personal Data:

This section explains what different types of Personal Data mean.

Pursuant to the PDPL, the categories of Personal Data about you that we Process are as follows:

Type of Personal Data

Description

Contact details

Address; telephone number; and email address

Personal details

given name(s); preferred name(s); gender; date of birth / age; marital status; Social Security number; passport number(s); driving license number(s); nationality; lifestyle and social circumstances; images of passports, driving licenses, and signatures; authentication data (passwords,
mother’s maiden name, challenge/response questions and answers, PINs); photographs; visual images; and personal appearance and behaviour

Family details

Names and contact details of family members and dependents

Financial

Your financial transactions with the Chapter

Transactional

Details about accounts activities

Behavioural

Details about how you use products and services from us and other organisations

Employment details

Industry; role; business activities; names of current and former employers; work address; work telephone number; and work email address

Electronic Identifying Data

IP addresses; cookies; activity logs; online identifiers; unique device identifiers; and geolocation data.

Sensitive Personal Data

Any personal information that directly or indirectly discloses any of the following: the ethnic origin of the individual, their ethnic group, political or philosophical views, religious beliefs, trade union affiliation, criminal record, or any data relating to their health or sexual status.

 

Processing your Sensitive Personal Data

We do not seek to collect or otherwise Process your Sensitive Personal Data, except where:

  1. Processing is necessary for compliance with a legal obligation.
  2. Processing is necessary for the detection or prevention of crime (including the prevention of fraud) to the extent permitted by the PDPL.
  3. You have made those Sensitive Personal Data public.
  4. Processing is necessary for the establishment, exercise or defence of legal rights.
  5. We have, in accordance with the PDPL, obtained your explicit consent prior to Processing your Sensitive Personal Data; or
  6. Processing is necessary for reasons of substantial public interest and occurs on the basis of an applicable law that is proportionate to the aim pursued and provides for suitable and specific measures to safeguard your fundamental rights and interests.

 

Purposes for which we may Process your Personal Data: 

We will only use your Personal Data when the law allows us to do so, most commonly we will use your Personal Data in the following circumstances:

  1. Where you have consented before the processing.
  2. Where we need to perform a contract, we are about to enter or have entered with you.
  3. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  4. Where we need to comply with a legal or regulatory obligation(s).

 

Here is a list of all the ways that we may Process your Personal Data: 

Anti-Money Laundering / KYC

  • Fulfilling our regulatory compliance obligations, including ‘Know Your Client’ checks
  • Confirming and verifying your identity (including by using credit reference agencies)
  • Screening against government, supranational bodies (including but not limited to the United Nations Security Council, the European Union, the UK HM Treasury, the U.S. Department of the Treasury’s Office of Foreign Asset Control) and/or law enforcement agency sanctions lists as well as internal sanctions lists and other legal restrictions

Providing products and services to you

  • managing relationships and related services
  • performance of tasks necessary for the provision of the requested services
  • communicating with you in relation to our services

Marketing

  • Communicating with you via any means (including via email, telephone, text message, social media, postor in person) subject to ensuring that such communications are provided to you in compliance with the PDPL
  • Maintaining and updating your contact information where appropriate

Operation of our website

  • Operation and management of our website
  • Providing content to you
  • Displaying advertising and other information to you
  • Communicating and interacting with you via our website

IT operations

  • Management of our communications systems
  • Operation of IT security
  • IT security audits

Financial management

  • Sales

Research

  • Conducting market or customer satisfaction research
  • Engaging with you for the purposes of obtaining your views on our products and services

Investigations 

  • Detecting, investigating, and preventing breaches of policy, and criminal offences, in accordance with applicable law.

Legal compliance

  • Compliance with our legal and regulatory obligations under applicable law

Legal proceedings

Establishing, exercising, and defending legal rights.

Improving our products and services

  • Identifying issues with existing products and services
  • planning improvements to existing products and services
  • creating new products and services

Risk Management

  • Audit
  • Compliance
  • Controls
  • Other risk management

Fraud prevention

  • Detecting, preventing, and investigating fraud.

Disclosure of Personal Data to third parties

We may disclose your Personal Data for legitimate business purposes (including providing services to you), in accordance with the PDPL. In addition, we may disclose your Personal Data to:

  1. you and, where appropriate, your family, your associates and your representatives.
  2. Governmental, legal, regulatory, or similar authorities, regulators, and central and/or local government agencies, upon request or where required, including for the purposes of reporting any actual or suspected breach of applicable law or regulation;
  3. Auditors, financial advisors, lawyers and other outside professional advisors to ICF Bah Chapter, subject to binding contractual obligations of confidentiality.
  4. Data aggregation services.
  5. Accreditation bodies.
  6. Third party Processors (such as payment services providers; shipping companies; etc.), located anywhere in the world, subject to the requirements noted below in this Section 3;
  7. Any relevant party, claimant, complainant, enquirer, law enforcement agency or court, to the extent
  8. Necessary for the establishment, exercise, or defence of legal rights in accordance with applicable law.
  9. Any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threats to public security in accordance with applicable law.
  10. The press and the media; and
  11. Voluntary and charitable organisations.

 

If we engage a third-party Data Processor to Process your Personal Data, the Data Processor will be subject to binding contractual obligations to: 

  1. Only Process the Personal Data in accordance with our prior written instructions; and 
  2. Use measures to protect the confidentiality and security of the Personal Data, together with any additional requirements under applicable law.

International transfer of Personal Data

We may need to transfer your Personal Data to third parties as noted in Section 3 above, in connection with the purposes set out in this Policy and our ICF commitments. For this reason, we may transfer your Personal Data to other countries that may have different laws and data protection compliance requirements, including data protection laws of a lower standard to those that apply in the country in which you are located, in such circumstance we shall ensure that your Personal Data shall be held in a manner consistent with the rules and standards expected in the Kingdom of Bahrain.

If you want to receive more information about the safeguards applied to international transfers of personal data, please use the contact details provided in Section 10 below.

Data Security

We have implemented appropriate technical and organizational security measures designed to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of Processing, in accordance with the PDPL.

How long we keep your Personal Data

This section explains how long we may keep your Personal Data for and why.

  1. We will keep copies of your Personal Data for as long as you are a member of ICF B Chapter.
  2. We may keep your data for up to 7 years after you stop being a customer. The reasons we may do this are:
  3. To respond to a question or complaint, or to show whether we gave you fair treatment
  4. To study customer data as part of our own internal research
  5. To comply with any data retention rules that apply to us about keeping records. For example, the Central Bank of Bahrain requires us to retain certain data for a minimum of 5 years.
  6. We may also keep your data for longer than 10 years if we cannot delete it for legal, regulatory, or technical reasons.
  7. We will only use your Personal Data for those purposes and will make sure that your privacy is protected.

Your legal rights

Subject to the PDPL, you may have a number of rights regarding the Processing of your Personal Data, including:

  1. The right to request access to your Personal Data, together with information regarding the nature, Processing, and disclosure of your Personal Data.
  2. The right to request rectification of any errors in your Personal Data.
  3. The right to request, on legitimate grounds:
  4. Erasure of your Personal Data; or
  5. Restriction of Processing of your Personal Data; and
  6. Where we Process your Personal Data on the basis of your consent, the right to withdraw that consent.
  7. This does not affect your statutory rights.
  8. Subject to the PDPL, you may also have the following additional rights regarding the Processing of your Personal Data:
  9. The right to object, on grounds relating to your situation, to the Processing of your Personal Data by us or on our behalf; and
  10. The right to object to the Processing of your Personal Data by us or on our behalf for direct marketing purposes.

To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please use the contact details provided in Section 10 below.

Cookies

A cookie is a small file that is placed on your device when you visit a website. It records
information about your device, your browser and, in some cases, your preferences and browsing habits. We may Process your Personal Data through cookie technology. We use cookies and / or other tracking technology to distinguish you from other users of the App, App Site, the distribution platform, or Services Site and to remember your preferences. This helps us to provide you with a good experience when you browse our site and enables us to improve our site and services.

Direct Marketing

We may Process your Personal Data to contact you so that we can provide you with information on our products and services that may be of interest.

If you do not wish to receive marketing communications from us, you can opt out at any time by contacting your local chapter membership team contact. After you unsubscribe, we will not send you further promotional text messages, but we may continue to contact you to the extent necessary for the purposes of any services you have requested.

We may ask you to confirm or update your choices, if you take out any new products or services with us in future. We will also ask you to do this if there are changes in the law, regulation, or the structure of our business.

As we continue to update and improve its internal processes, systems and controls, we may notify you in the future about the best way for you to update your Personal Data and your preferences. 

Change in Terms of Privacy

ICF Bahrain Chapter reserves the right to alter its privacy policy. 

We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Site Content

You may access, download and print materials on this website for your personal and non-commercial use. You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, or sell any information, software, products or services obtained from this website without first obtaining written consent from ICF Bahrain Chapter.

Furthermore, you may not use the materials found on this website on any other websites or in a networked environment without first obtaining written consent from ICF Bahrain Chapter.

All materials on this site (as well as the organisation and layout of the site) are owned and copyrighted by the International Coach Federation. © Copyright International Coach Federation (ICF). All rights reserved. No reproduction, distribution, or transmission of the copyrighted materials at this site is permitted without the written permission of the ICF Bahrain Chapter.

Contacting us

If you have any comments, questions, or concerns about any of the information in this Policy, or any other issues relating to the Processing of Personal Data by ICF Bahrain Chapter, please contact:

The Secretary, ICF BAHRAIN Chapter

Manama, Kingdom of Bahrain

Email: secretary@icfbahrainchapter.com  

Defined terms

Defined Term

Meaning

Authority

An independent public authority established under the provisions of the PDPL that is legally tasked with overseeing compliance with the PDPL.

Data Processor

Any person or entity that Processes Personal Data on behalf of the Data Protection Controller (other than employees of the Data Manager or Data Protection Controller).

Device Data

includes the type of mobile device you use, a unique device identifier (e.g. your device’s IMEI number, MAC address of your Device’s wireless network interface, or the mobile number used by your Device, mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting, from the following parties: analytics providers, advertising networks, search information providers.

Location Data

includes your current location disclosed by GPS technology

Personal Data

Information that is about any individual, or from which any individual is identifiable.

Process or Processed or Processing

Anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, classification, storage, modification, alteration, retrieval, use or disclosure by transmission, publishing, transferring, dissemination or otherwise making available to third parties, merging, blocking, wiping, restriction, erasure or destruction.

Sensitive Personal Data

Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health or any other information that may be deemed to
be sensitive under applicable law.

Usage Data

includes details of your use of any of our Apps or your visits to any of Our Sites including, but not limited to, traffic data and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.