Scofield Associates, take your privacy seriously. As a company, our mission is to provide quality services while adhering to ethics and building lasting relationships can only be achieved through protection of the data we collect. Safeguarding confidential and personal information is core to the services offered by Scofield Associates. Scofield Associates commits to protecting confidential and personal information, including that of our clients and third parties, and to continually monitor regulatory and legal requirements to support compliance. Scofield Associates management sets guidelines, develop procedures, provide consultation and training, and assesses the effectiveness of controls relating to confidentiality and privacy. Our teams work with the Legal department, to understand, prepare for and respond to known and reasonably anticipated risks and threats facing privacy and data protection.

Scofield Associates complies with applicable privacy laws and regulations around the globe, including the European Union (EU) General Data Protection Regulation (GDPR), and specific laws in countries in the Horn of Africa. Nairobi being the headquarters, Scofield Associates understands and aligns to the requirements of the Data Protection Act of 2019. Scofield Associates regularly monitors for changes in privacy laws and regulations and adjusts policies and procedures when appropriate. Additionally, Scofield Associates has instituted an annual review process to verify compliance with our privacy policy and procedures.

Personal Information:

“Personal Information” generally means any information that can reasonably identify you as an individual, and any other information we associate with it. We collect categories of information, from different sources.

1. This information voluntarily provided to us may include:

• Contact information during data collection in the field.  Such information may include your name, street address, demographic information (such as your gender), date of birth, phone number, and email address. You may also provide us information about other people.
• Similar professional contact information if you interact with us in the scope of your employment. This may include your employer, job title, work address, phone and email, and similar such information.
• Any content or contributions and appearances in our events and meetings. This includes comments, videos, and photos that you might submit, or be taken in such events. If you contact us through a social media site, we may collect your social media identifier.
• Any information you provide in communications with us, such as via social media or e-mail.
• Any other information included in our mailing lists for communication and frequent notification.

2. We may receive information from third parties such as public databases, and social media platforms, to supplement the information we receive from the community and our partners. If we do so, this policy governs how we can use that information.
3. In addition to collecting Personal Information, we may collect information that does not identify you and is not associated with your Personal Information. We may also disidentify information, so it no longer identifies you. We can aggregate and use such information to engage in report and policy brief development and other activities in a manner that protects the community, our partners, and clients.

How We May Use Personal Information:

We may use Personal Information, as permitted by law, for the following business purposes:

• To respond to your inquiries and fulfil your requests.
• Communicate with you about and our services and share our reports and other products with you.
• Re-contact you if we have not heard from you in a while.
• Improve your experience with our services, such as by personalizing your experience with us.
• Permit you to participate in social sharing, including live social media feeds.
• Perform analytics, quality control, research, and determine the effectiveness of our websites, mobile applications, messaging campaigns, and develop new services.

Cybersecurity:

Scofield Associates executes a strategy designed to:

• Create a cohesive, Horn of Africa security program with consistent, high-quality research
• Extend security tools worldwide for advanced protection of highly distributed data.
• Implement and sustain technology safeguards to protect confidential and personal information.
• Prepare and implement plans to promptly recover from and restore any systems that may be adversely impacted by a cyber incident.
• Reduce the risk of unauthorized exposure of confidential or personal information.