PRIVACY POLICY

1.Introduction

BAScic based in Nairobi Kenya(“BAScic“, “bioafricascience” “we“, “us“, or “our“) provides the services rendered to you through the bioafricascience website available at https://www.bioafricascience.com, and through any of its web pages and associated applications which may be available on multiple devices, including mobile applications (“Service“).

This Privacy Policy sets forth the collection and use practices of BAScic for personal data we process in the course of providing the Service.

Our mission is to connect the African scientific community and make research open to all. Connections can only be established when potential connections and commonalities are known and connecting lines can be drawn. Openness can only be achieved with comprehensive accessibility. Our Service takes your work and activities on the Service into account to help connect you with other individuals who are relevant to you and recommend relevant content. We also gather information from external sources, in order to disseminate as much relevant scientific content as possible to drive science forward. Any natural or legal person who, as a recipient of the Service, accesses or uses the Service for any purpose is a User (“User“, “you“). Our registered Users (“Members“) share their professional identities and credentials, display their academic publications, engage and collaborate with their networks, exchange knowledge and professional insights, post and view relevant content, and discover business and career opportunities. Some content is also visible to unregistered or logged-out Users (“Visitors“). A User could be a Member or a Visitor. An Author (“Author“) is a natural person who, for the purpose of our Service, is a member of the scientific community by for example being an author/editor of a publication, being an advisor or recipient of scientific funding. An Author is not necessarily a User or Member of our Service.

BAScic reserves the right to modify this Privacy Policy at any time, in particular, to reflect changes in market conditions affecting BAScic’s activities, changes in technology, changes in relevant laws and regulatory requirements, and changes in BAScic’s system capabilities. If we make material changes to this Privacy Policy, we may notify Members by email or other reasonable means, including through notifications on our Service. If you object to any new version, you should stop using our Service and/or close your account. If you continue to use our Service after having been provided with such notice you will be deemed to have acknowledged the Privacy Policy.

2.Information we process and how we process it

2.1.Basic data processed
Certain data will be processed when you access the Service, to resolve the technical request of your device, display the site and maintain the safety and security of our systems. This data is stored in so-called logs and comprise the following:

  • IP addresses and your mobile device’s Identifier for Advertising (IDFA);
  • The type of computer or mobile device you are using including operating system and version;
  • The types of browser you are using, the language, and your country;
  • Referring and exit pages and URLs;
  • Platform type;
  • The number of clicks on a page or feature, pages viewed and the order of those pages, the amount of time spent on particular pages or parts of pages;
  • Domain names and;
  • Information collected for performance purposes (e.g. average load, render time of pages, etc.).

Even though IP addresses and mobile identifiers are generally considered personal data, we can not derive any direct conclusions about your identity from such data.
The data processed is very basic data, and does not contain directly identifiable information about you. We have a legitimate interest in being able to provide a functioning, reliable and accessible website and resolve your server-request in an appropriate manner.
All of our pages are secured using SSL (Secure Socket Layer) technology, which encrypts data transmitted between our servers and your end devices. We also apply other suitable technical and organizational measures to protect your personal data.

2.2.Personal data we process

In order to provide you with functionalities, we need to process certain data and/or information relating to you:

  • Registration and maintenance of your Member account
    If you choose to create a Member account on our Service, you will be required, during the registration process, to provide your first and last name, username, an email address, and a password. You will receive a confirmation email. Your Member account will be confirmed after you have clicked on the respective link in the account activation email. You may also be invited to associate certain information we present to you with your account, such as articles, institutional affiliation, and biographical information.
  • Other personal data
    During the registration process or when updating your profile, you can choose to provide other information that can be used to identify and/or contact you, including for example, a profile picture or your city of residence. You may also be invited or required to provide information about you, including, for example, demographic information, such as occupation, and research vita, education, authorship of articles, academic or research expertise or interests, conferences you have attended, groups of which you are a member, information regarding your professional and academic career, academic degree, your previous roles and jobs.
  • Communications with us
    When you communicate with us, you may provide us with your name, contact details, and other personal data as part of your communication, as well as the content of your message itself. Similarly, when we communicate with you, we will process your personal information, such as your email address. For some of our emails, we also process information indicating whether you have opened the email.
  • Communications through the Service
    Many communications that you initiate through our Service (e.g. invitation sent to a non-Member) will list your name in the header of the message. Other communications that you initiate through the Service, like a request for a full-text, will list your name as the initiator but will not include your personal email address. Once you have mutually connected with an individual, contact information you choose to include in your researcher profile will be shared with that individual.
  • Recommendations
    In order to provide our recommendation features, we process contact and bibliographical data, information pertaining to your work, usage frequency, type of devices you use to use the Service, including browser, operating system and mobile device, research items you consulted, interaction with particular pages or parts of pages, and number of clicks on a page or feature, in order to provide the Service in a way that is tailored to your interests. Also, based on the personal data you provide, statistical evaluations, mathematical operations, and predictions may help us infer other information about you and support our recommendation features. For example, if you were to add several research items to the Service over the course of several years, we may infer that you are not a junior researcher anymore.
  • Third party providers
    When you choose to benefit from a service or offer presented by BAScic on behalf of a third party, you may share personal data with BAScic to enable us to pass it on to the third party. The nature of personal data will depend on the particular service or offer, but might include your name, email address and affiliation. We do not share any of this personal data with any third party unless you explicitly allow us to do so.
  • Payment data
    If you choose to purchase a premium product or service from BAScic that is subject to a fee, we will process the personal data that you provide in order to complete your order, such as your billing address. BAScic does not process any credit card information itself, however we do retain your name and address so we may generate and send you an invoice. Credit card information is collected and processed by a third-party provider, namely Stripe, Paypal, Flutterwave. These companies process this data as an independent controller to process the payment.
  • Security
    We process the number of profile pages users view to detect and prevent data harvesting. We also process your IP address to filter out suspicious requests. If you are a Member, we store your full IP address in connection with your account registration request and your current last login. Otherwise, your login activities are only stored in connection with your truncated IP addresses. Also, we process information about the device, its operating system and the browser you are using for your current session.
  • Statistics
    We use activity data, such as number of read publications, projects and number of citations, to generate statistics, which pertain to reading behavior or achievements. For example, we may use such activity data in order to calculate and display a read count on an individual publication page.

3.How we use data we collect about you

The following explanations will provide you with information about how we use the personal data that we collect about you, and our legal basis for doing so.

  • to provide and improve our Service;
  • to perform internal quality checks;
  • to prevent, detect, process and investigate malfunctions, incidents, fraudulent or other illegal activities, or mitigate the risk of occurrence of the aforementioned events;
  • to ensure network and information security;
  • to create statistics on access channels and the use of our Service;
  • to contact you, if requested by you or if necessary to fulfil the contract or permitted by law;
  • enforcing obligations owed to us, and contractual terms and conditions and;
  • accounting, risk management and record keeping

Also, we may use your data to comply with legal obligations, e.g. to observe retention periods required by trade or tax law or to comply with obligations to disclose data based on a legally binding court decision or official order.

More specifically, we may use your data for the following purposes.

  • BAScic account
    The personal data you provide in connection with registering for your Member account will be used to create, maintain, and secure your account. By creating a Member account, you will benefit from functionalities and services that are not available to Visitors. Any personal data you provide in addition to the required data to register for an account, will facilitate your ability to get into contact with other Members, promote yourself and your research.
  • Communications
    Depending on the way you are communicating with us, we may use your name, email address, telephone number, and the content of your previous correspondence to respond to you and provide assistance.
  • Transactional emails
    Provided you have not opted out from receiving transactional emails from us, we will use your email address to send you emails about relevant developments on the Service concerning for example, your network, new features, publications, projects, updates from the Q&A section, and emails regarding your professional career.
    You can opt out from receiving transactional emails at any time by clicking the “unsubscribe” link within an email where available.
  • Sponsored emails
    Where you have provided your prior consent to receiving sponsored emails, we will use your email address to send you such emails. Where legally allowed, we will also use your email address to send you sponsored emails without your prior consent.
    In any case, you can opt out from receiving sponsored emails at any time by clicking the “unsubscribe” link within an email.
  • Ensure the security of your personal data
    We process your personal data in order to avoid its accidental or unlawful destruction, as well as its loss, alteration, or unauthorised disclosure.
  • Generate statistics
    We use your personal data to generate statistics which pertain to reading/search behavior and achievements. We also generate statistics for internal purposes in order to constantly improve the Service and its features. We also conduct research and development to maintain quality and improve our Service and the User experience.

4.How we use relevant publicly available data

We also process personal data relating to Authors that is publicly available and relevant for our Service.

We may obtain a variety of information about Authors from publicly available sources, such as information regarding previous research published, the publication itself (including personal data too) and other functions or references of an Author related to a publication. We may also process information related to an Author, to create a record of their body of scientific contributions, or that might help understand professional connections between Authors and Members. Where an Author’s scientific work was publicly or privately funded, we may also process this publicly available information.

When we collect publicly available materials we do not have a way to ensure that personal data in such materials has been processed in accordance with the applicable laws. However, if you notify us that your personal data contained in such materials is inaccurate or has been processed in violation of applicable data protection laws, we may delete it upon verification of your identity.

The public data processed may be associated with an account when an Author chooses to become a Member.

  • The data processed is publicly available data. Also, the data processed has to be processed to provide a correct and complete scientific picture. Our legitimate interest is to provide a comprehensive and accurate repository of scientific work, contributions and success. Without processing additional public data, we could not achieve these aims. Furthermore, since we offer the possibility to connect this data with an account, we provide Members a convenient way to establish an account that is as complete as possible, without the effort of manually adding the information themselves.

5.Information we process when using technologies like cookies and pixels

We and service providers acting on our behalf store log files and use tracking technologies such as cookies, web beacons, tracking pixels, and local shared objects, also known as flash cookies, to collect information relating to you and your use of the Service.

5.1.Basics
“Cookies” are small files that enable us to store and collect specific information related to you and your use of the Service on your computer or other end devices. They help us to analyse the number of people who use the Service, usage frequency, User behaviour and advertising effectiveness, to increase security and to tailor our Service and advertisements to your needs and preferences.

  • This website uses so-called “session cookies” which after your session on the website session ends, will automatically be deleted.
  • This website also uses “persistent cookies” to record information about repeat Users of the Service. Persistent cookies are designed to help us continually improve the products and services we offer you and to ensure the quality of our services. “Persistent cookies” remain for a certain pre-defined period of time and are recognized by us when you return to the Service (or one of our partner sites).
  • You can edit the settings of your browser to prevent cookies from being stored, to limit the storage of cookies to certain websites, or such that your browser informs you every time a cookie is sent. You can also delete cookies at any time. However, please note that if cookies are deactivated you will not be able to take advantage of some of BAScic’s features. For specific help on how to delete Cookies with the help of your browser, please consult respective help sections, such as Google Chrome, Mozilla Firefox or Safari.

6.Third party services for analytics, measurement and ad delivery

6.1.Google Services
Google Analytics: We use Google Analytics to evaluate the usage behaviour on our Service. Google Analytics is a web analysis service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. For this web analysis service, Google uses cookies on our website to systematically evaluate the interactions of Users on our Service. The information generated by the cookie about the use of our Service by the user (e.g. truncated IP address, website currently visited, referrer, duration of stay, and frequency of the call of the website) is transferred to a Google server in Ireland. In addition, a transfer of the data to another Google server in the USA is possible. Google will use this information for the purpose of evaluating your use of the Service, compiling reports on website activity for us, and providing other services relating to website activity and Internet usage. The processed data can be used to create pseudonymous user profiles of Users. The data is deleted after 26 months. By activating IP anonymization on our website, your IP address is truncated before it is forwarded within the member states of the European Union or other states party to the Agreement on the European Economic Area. Only in exceptional cases will your full IP address be forwarded to a Google server in Ireland and possibly the USA and shortened there. Google will not combine your IP address collected via Google Analytics with other data that Google holds. Google has subjected itself to the US Privacy Shield.
In addition, each of the following services is provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland. You can opt out from the following Google services using this link:

  • Google Tag Manager is a solution that allows us to manage website tags through one interface. The Tag Manager itself is a cookie-less domain and does not collect personal data. The tool triggers other tags that may collect personal data. Google Tag Manager does not access this data.
  • We use Google DV 360, including the tool “Display & Video” to be able to recognize you on third-party websites. For this purpose, the Google Display & Video 360 will place cookies on your device which will enable recognition of you in the Google advertising network. We are subsequently able to present you advertisements on the basis of your surfing behaviour on third-party platforms. This service also enables us to evaluate delivered advertisements and optimize them.
  • Google Ad Manager enables the control and optimization of advertisements on our Service. It also helps to create campaign performance reports and prevents advertisements being displayed to you multiple times. Google Ad Manager also uses cookies for this purpose.

7.Recipients and safeguards

7.1.Recipients
BAScic does not sell any of your personal data. The personal data that BAScic collects from you and that you provide to BAScic is processed in Kenya and stored on servers in America. Some of your personal data is accessible to other Users of our platform who may, for example, visit your publication pages or profile. Your personal data may also be transferred to third parties as described in this Privacy Policy and where applicable to those third parties listed in our consent modal. 

These parties might be advertisers or companies that help us disseminate advertisements, measure the performance of our advertisements and/or analyse your use of the Service. These third parties will not receive data that directly personally identifies you. The data shared is limited to identifiers such as IP addresses and cookie IDs. Your name, email address, and other directly identifying data will only be shared with third parties if you explicitly allow us to share this data.

We may also disclose personal data in response to legal process or when the law requires it (for example, in response to a court order) or, to the extent permitted by applicable law, to protect the rights, property, or safety of BAScic, the Service, Users of the Service (including you), and others.

We may use third party service providers, in particular for technical and business services, tax advisors and legal counsel. These service providers receive personal data solely for the performance of their services for us on our behalf. They are contractually obliged not to use personal data for other purposes.

7.2.Safeguards
Some of the third parties with whom your personal data will be shared are located outside of the Kenya, in countries whose data protection laws may not be as extensive as those which apply to us. If we transfer your personal data to countries outside of Kenya or which do not offer adequate and similar protection, we will ensure that we do this in accordance with applicable data protection regulations. We will do this with a view to ensuring that the level of protection applied to the processing of your personal data in these countries is similar to that applied within the European Economic Area.

8.Closing your account and retention of personal data

For Members, we generally store their personal data as long as their account is active.

If you have created an account, you can close it yourself in your ‘Account Settings’. If you request that we close your account for you, we might ask for proof of identity before doing so.

We may also close inactive accounts or accounts that are used in violation of our Terms & Conditions or any applicable law.

Immediately after closing an account, it will not be accessible/visible anymore. Please note that closing an account is irreversible.

For Members, we will retain personal data from closed or inactive accounts to the extent and as long as it is necessary and relevant for our operations and/or to comply with law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, enforce our Terms & Condition and/or take other actions otherwise permitted by law.

In general, personal data from closed or inactive accounts will be deleted or anonymised from our system backups one year after the account is closed or deactivated.

We only keep personal data for the time strictly necessary in order to enable the use of our Service and/or to fulfil the purposes identified above, and/or to comply with any legal or regulatory obligations. In all other cases, we delete your personal data with the exception of such data that we are required to retain for the purpose of contractual or statutory (e.g., taxation or commercial law) retention periods. In particular, we keep payment and invoice related information or support inquiries to the extent required by trade and tax law for the statutory retention periods (ten, respectively six years).

9.Automated decision-making

We do not engage in automated individual decision-making, including profiling.

10.Data subject rights

In addition to your rights to withdraw any consent you may have granted or exercise any opt out option we provide, you may be entitled to exercise some or all of the following rights:

  • Right of access by the data subject. In particular, you can obtain information about the purposes of processing, categories of personal data, categories of recipients to whom your data has been or will be disclosed, planned storage period, and origin of your data if it was not collected directly from you.
  • Right to correct inaccurate personal data or complete incomplete data.
  • Right to obtain deletion of your personal data stored with us, subject to legal or contractual retention periods or other legal obligations or rights which must be observed.
  • Right to restrict the processing of your personal data in the event that: you contest the accuracy of the data; the processing is unlawful but you oppose its deletion; we no longer need the personal data for the purposes of the processing but you need it for your assertion; it may be relevant to the exercise or defense of legal claims; or you have lodged an objection to the processing.
  • Right to data portability, to receive the stored personal data concerning you in a structured, commonly used, and machine-readable format or request the transfer of this data to another responsible party.
  • Right to lodge a complaint with your competent supervisory authority. Your competent authority is the authority at your usual place of residence or the authority competent for us.

You have the right to object to all types of processing, based on grounds relating to your particular situation. To the extent we process your personal data pursuant for direct marketing purposes, you can object to such processing at any time without giving a particular reason.

You may (i) exercise the rights referred to above or (ii) pose any questions or (iii) make any complaints regarding data processing by contacting using the method below.

11.Contact information

If you have any questions or concerns about this Privacy Policy, please email our Data Protection Officer at info@bioafricascience.com