ACSAIR Academy Privacy and Data Policy

Effective date: 25th February 2026

This Privacy and Data Policy explains how ACSAIR collects, uses, stores, shares and protects personal information in connection with the ACSAIR Academy website, courses, registration forms, and the Food Sustainability Challenge (TAFSC 2026).

Data Controller / Organization Information

Controller name: Afrique Center for Statistics, Artificial Intelligence & Innovation Research (ACSAIR)

Trading/Platform name: ACSAIR Academy

Contact email: academy@acsair.org

Address: Off Kyebando Road, Kamwokya II, Kampala, Uganda

Data protection contact or representative : info@acsair.org

Scope

This policy applies to personal information collected through:

  • The ACSAIR Academy website and challenge pages
  • Course registration and participation forms
  • The TAFSC 2026 test page and related assessment systems
  • Email, phone, and support communications related to the challenge or course
  • Cookies and analytics tools used on the website (see Cookie Notice section)

Personal Information We Collect

Depending on how a user interacts with the Website and the challenge, ACSAIR may collect the following categories of information:

Category

Examples

Collected for

Identity details

Full name, date of birth

Eligibility, verification

Contact details

Email address, phone number, postal/physical address, country

Registration, communication, winner contact

Professional profile

Profession, organization, role (if requested)

Challenge records, reporting, outreach

Course and challenge records

Enrollment status, module completion, test access history, one-attempt logs

Administration, integrity, support

Assessment data

Test responses, score, completion time, submission timestamp

Scoring, ranking, audit

Technical and security data

IP logs, browser/device information, session logs, error logs

Security, fraud prevention, troubleshooting

Communication records

Emails, support messages, call notes

Support, dispute resolution, compliance

Payment/payout data (winners only)

Bank or transfer details, ID verification data, tax forms (if required)

Prize payout, legal compliance

How We Collect Information

  • Directly from you (for example, when you complete forms or submit the test).
  • Automatically through website and system logs, cookies or similar technologies.
  • From service providers that support hosting, analytics, forms, communications, or payment transfer, where applicable.
  • From verification checks required to validate winners or detect fraud, where lawful and proportionate.

Purposes of Processing

  • Create and manage participant records and course enrollments.
  • Verify eligibility and identity for challenge participation.
  • Administer the TAFSC 2026 test, enforce the one-attempt rule, and maintain test integrity.
  • Score submissions, rank participants, and determine winners.
  • Communicate challenge information, support responses, updates, and results.
  • Prevent fraud, abuse, duplicate entries, and security incidents.
  • Comply with legal, tax, accounting, and audit obligations.
  • Improve website performance, user experience, and challenge administration processes.

Legal Bases for Processing

If you are subject to GDPR or similar data protection laws, ACSAIR may rely on one or more of the following legal bases, depending on context:

  • Consent – for specific processing activities where consent is requested (for example, non-essential cookies, optional publicity consent, or optional marketing communications).
  • Contract or pre-contractual steps – where processing is necessary to administer the course/challenge and provide requested services.
  • Legitimate interests – for website security, fraud prevention, challenge integrity, and service improvement, where such interests are balanced against individual rights.
  • Legal obligation – where processing is necessary for compliance with law (for example, tax, accounting, audit, or law enforcement requests).

Cookies, Analytics and Similar Technologies

ACSAIR may use cookies and similar technologies to operate the website, maintain security, remember preferences, and analyze website usage. Non-essential cookies should be used only with valid consent where required by law. See (Cookie and Tracking Notice) for details.

Data Sharing and Recipients

ACSAIR may share personal information only where necessary and lawful, including with:

  • Website hosting, cloud infrastructure, or learning platform providers
  • Form, email, or communication service providers
  • Analytics and security providers
  • Payment or remittance providers (for prize payouts to verified winners)
  • Professional advisers (legal, audit, compliance) under confidentiality obligations
  • Regulators, courts, or law enforcement where legally required

ACSAIR does not sell participants’ personal data.

International Data Transfers

If participant data is transferred across borders (for example, because a cloud service or support provider is located in another country), ACSAIR will use appropriate safeguards required by applicable law, such as contractual safeguards, adequacy decisions, or equivalent mechanisms.

Data Retention

ACSAIR retains personal information only for as long as reasonably necessary for the purposes described in this policy, including challenge administration, winner verification, security investigations, and legal or audit obligations.

  • Participant registration and challenge records: 12 months after challenge close
  • Consent logs and policy acceptance records: 12 months
  • Winner verification and payout records: 24 months after challenge close
  • Technical logs and security records: 24 moths

Data Security

ACSAIR applies reasonable technical and organizational measures to protect personal information against unauthorized access, loss, misuse, alteration, or disclosure. Measures may include access controls, least-privilege permissions, encrypted transmission (HTTPS), backups, logging, and vendor management controls.

No online system is completely risk-free. ACSAIR cannot guarantee absolute security, but will take appropriate steps in line with applicable law and available technology.

Your Privacy Rights

Depending on your jurisdiction, you may have rights regarding your personal data, including rights to access, correct, delete, restrict, object, or request portability of your information, and the right to withdraw consent where consent is used.

  • To make a rights request, contact: academy@acsair.org with sufficient information to verify your identity.
  • ACSAIR may request additional information to confirm identity before processing a request.
  • Certain rights may be limited where data is required for legal compliance, fraud prevention, or challenge integrity.

Children’s Data

If the challenge is intended only for adults, ACSAIR does not knowingly collect personal information from children for the TAFSC 2026 test. If ACSAIR becomes aware that a child has submitted personal information without valid authorization where required, ACSAIR will take steps to remove the data in accordance with applicable law.

Automated Decision-Making and Profiling

The challenge test score may be generated automatically based on responses. Final winner selection may also involve manual review for eligibility and integrity checks.

Changes to This Policy

ACSAIR may update this Privacy and Data Policy from time to time. Material changes will be posted on the Website with an updated date and, where required, communicated to users.

Complaints

Users may contact ACSAIR using the details in Section 8. Where applicable law provides a right to complain to a supervisory authority or regulator, users may also contact the relevant authority in their country.

Cookie and Tracking Notice

This Cookie and Tracking Notice explains how ACSAIR Academy uses cookies and similar technologies on its website and challenge pages.

What Cookies Are

Cookies are small text files stored on a user’s device when visiting a website. Similar technologies may include pixels, tags, local storage, and device identifiers.

Types of Cookies We May Use

  • Strictly necessary cookies – required for core website functionality, security, login sessions, and form/test operation.
  • Preference cookies – used to remember selected settings or language preferences.
  • Analytics cookies – used to understand page usage and improve website performance (subject to consent where required).
  • Marketing or third-party cookies – used for outreach or campaign measurement, if implemented (subject to consent where required).

Cookie Consent

Where required by law, ACSAIR will request clear opt-in consent before setting non-essential cookies. Users should be able to accept, reject, or manage non-essential cookies through a consent banner or preference center.

Managing Cookies

Users can also manage cookies through browser settings. Disabling some cookies may affect website functionality, including course or test features.

Test Integrity and Academic Honesty Policy

This policy supports fairness, credibility and trust in the TAFSC 2026 challenge.

Participant Responsibilities

  • Complete the test personally and independently unless collaboration is expressly allowed.
  • Do not share test links, private access credentials, or answer keys in ways that undermine fairness.
  • Do not use automation, scripts, bots, or unauthorized software during registration or testing.
  • Submit accurate registration information and maintain a single participant identity.

ACSAIR Integrity Controls

  • One-attempt enforcement using participant identifiers and technical logs.
  • Session and timing records for audit and anomaly detection.
  • Manual review of top-ranked submissions before final winner confirmation.
  • Disqualification or re-verification where suspicious activity is detected.

Suspected Misconduct

ACSAIR may pause review, request clarification, or disqualify participants if there is a reasonable concern about misconduct. ACSAIR may maintain evidence logs for audit and dispute resolution purposes, consistent with applicable privacy law.

Appeals

Written appeal within 7 days of winners announcement or notification, reviewed by an internal panel, final response within 14 days.

Prize, Winner Verification and Publicity Terms

Prize Payment Process
  • Prizes will be paid only after winner eligibility and identity verification are completed.
  • ACSAIR may request government-issued identification or equivalent proof of identity where lawful and necessary.
  • ACSAIR may require confirmation of payout details and signed receipt/acknowledgment forms.
  • If payout to a winner is restricted by law, sanctions, banking limitations, or compliance screening, ACSAIR may delay payment, request alternative lawful payout arrangements, or select another eligible winner where legally required.
Tax and Reporting

Winners are responsible for personal tax declarations unless local law requires ACSAIR to withhold or report prize amounts. ACSAIR may collect information reasonably necessary to comply with tax, accounting, audit or anti-fraud obligations.

Publicity

ACSAIR may publish winner names, countries and non-sensitive profile details to announce challenge results, subject to applicable law. For photographs, videos, interviews or testimonials, ACSAIR should obtain separate publicity/media consent where required.

Prize Disputes

Any dispute about prize eligibility or distribution will be handled under the complaints process in Section 8 and the governing law/dispute clause in the Website/Challenge Terms.

Contact, Complaints and Data Rights Requests

General support email

academy@acsair.org

Privacy / data rights email

academy@acsair.org

Legal / terms inquiries

academy@acsair.org

Response timeline

5-10 business days