Privacy Policy

Africa Climate Insights (ACI) is committed to respecting the privacy rights of its website visitors. You can contact us at the following address:  Africa Climate Insights – [email protected]

This policy applies to visitors of our website, people who register to our community of practice, people who contact us, sign-up for our newsletter and/or attend our webinars.

I. What information do we hold about you, and why? 

We process the personal data mentioned below that we collect directly from you or through cookies (see our cookie policy). We process data either because you have consented to it or because it is in our legitimate interests. You can find these reasons and legal bases below.

Cookies – Our website uses external services, such as Google Analytics, to collect standard internet connection data and visitor behavior details. This allows us to see, for example, how many people visit different sections of our website. None of this data can be used to identify individual users. We do not seek, and do not allow Google Analytics to seek, to identify individuals who visit our website. When we wish to collect personal information via our website, we do so transparently. We will clearly indicate when we are collecting personal information and explain what we intend to do with it. This processing of data is based on your consent (section 30(1)(a) of the Kenyan Data Protection Act; Article 6(1)(a) of the GDPR). You can withdraw your consent at any time (see “Your rights” below). 

Newsletters – With your consent (Section 30(1)(a) of the Kenyan Data Protection Act and Article 6.1.a of the GDPR), we collect and process your identification data (full name and email address) for newsletter registration and delivery. We use MailChimp to deliver our newsletters. 

When your register for our newsletters, and based on our legitimate interests (Section 30(1)(b)vii of the Kenyan Data Protection Act; Article 6(1)(f) of the GDPR), we compile statistics on email openings and clicks using technologies that comply with industry standards, notably transparent GIFs. This data is treated in such a way that no individual can be identified. Our aim is not to identify visitors to our website. We retain this data insofar as you do not object to its retention.

Community of Practice – With your consent (section 30(1)(a) of the Kenyan Data Protection Act; article 6.1.a of the GDPR), we collect and process your identification data (full name and  email address), professional data (occupation and organisation) and, on a voluntary basis, your social media accounts, when you register to our community of practice. Those data are collected for the organisation of the community of practice. Even if you choose not to provide us with your social media accounts details, you can still participate in the community of practice. We keep this data as long as you do not oppose it. It enables us to share materials with you that may be relevant to you for research or career development purposes.

Email and Contact – With your consent (section 30(1)(a) of the Kenyan Data Protection Act; article 6.1.a of the GDPR), we collect and process your contact details (full name and email address), to provide you with the requested support. Those data are kept as long as you do not oppose it.

Public Data – Based on our legitimate interests (section 30(1)(b)vii) of the Kenyan Data Protection Act; article 6.1.f of the GDPR), we may collect and process data that you have made public in order to contact you when we believe it is relevant for your and our business (journalists, service providers, etc.). We keep those data as long as they are relevant.

Contact for Data Subject Rights – Based on our Legal Obligations (section 30(1)(b)ii) of the Kenyan Data Protection Act; article 6.1.c of the GDPR),  we collect and process your contact details and ID in order to respond to your request. Depending on your request, we may process other personal data that we have collected in order to respond to it. We will store those data for the duration of one year. This duration aims to have a history of the case in case you come back with further requests. All our emails are archieved for audit purposes.

Advertising – Based on our legitimate interests (section 30(1)(b)vii) of the Kenyan Data Protection Act; article 6.1.f of the GDPR) we use advertisement tools provided by social media platforms to disseminate our public interest campaign messages. These tools offer targeted advertising options, including based on interests, location, age, and gender, which may be relevant for reaching audiences that are likely to be interested. We do not collect the data used by these advertising tools when we use these tailored advertising options. These tools are not managed by us. As we have no control over the content, privacy policies, or practices of third-party sites or services, we encourage you to review the privacy policies of those websites as well.

Links to external sites – Our website includes links to other sites. By clicking on a third-party link, you will be directed to that site. We do not control these external sites and encourage you to review their privacy policies as we have no control over and bear no responsibility for the content, privacy policies, or practices of any third-party sites or services.

II. How do we secure your personal data?

We treat your personal data with the utmost confidentiality. We make every effort to take the necessary technical and organizational measures to ensure the security of your personal data.

III. Use of third-party service providers and data transfers

We use external service providers to send our newsletters. These service providers, also known as processors, are third parties who provide us with support. We have contracts in place and they can only use your personal information if we tell them to. They won’t share your personal information with any other organization. They will keep it safe and only keep it for as long as we tell them to. We don’t transfer any of your personal data to third parties for commercial purposes.

IV. Your rights

Under the Kenyan Data Protection Act, 2019, you have rights as an individual which you can exercise in relation to the information we hold about you: 

  • Right to request erasure of your data ; 
  • Right to obtain from us restriction of processing where there is contestation about the data processing for a period enabling to solve the issue.
  • Right to request access to your data and rectification of your personal data; 
  • Right to data portability. 


You have a right to object to the processing of all or parts of your personal data (section 26 of the Kenyan Data Protection Act, 2019). To exercise your rights, please send us an email to [email protected] together with a proof of your identity.

For EU residents, under the General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC) (“GDPR”), you have rights as an individual which you can exercise in relation to the information we hold about you:

  • Right to request access to your data and rectification of your personal data.
  • Right to request erasure of your data in the cases described in article 17 of the GDPR.
  • Right to obtain from us restriction of processing where there is contestation about the data processing for a period enabling to solve the issue.
  • Right to data portability.
  • Where the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. Withdrawing your consent means that we will not make use of your data any longer. However, use made of your data in the past remains valid.


You are entitled to object to the processing of your personal data which is based on our legitimate interests. To exercise your rights, please send an email to [email protected] together with a proof of your identity. You always have the right to lodge a complaint with the Data Protection Authority of the European country of your choice.