Privacy Policy

 

 

 

Introduction

We, The Caribbean Agency for Justice Solutions (CAJS) functioning through our associated company, Advance Performance Exponents Inc. (APEX) (we, us, our) take privacy, and the security of personal data, very seriously, and we are committed to ensuring that we safeguard the privacy and personal data of our website visitors, those with whom we communicate through that website, whether by email or electronically, and users of all of our Online Platforms at all times and in the best way possible.

This privacy policy (together with any other documents referred to on our website or which we have sent you) tells you:

  • Who we are.
  • How we collect, use, store and share your personal data.
  • Your privacy and other related rights under the provisions of the Data Protection Act, 2019-29 (DPA) of the Laws of Barbados.

Please note that we may operate other websites which may have their own privacy notices or policies, and you should check those notices and policies in relation to your use of those websites.

Please note that this website includes links to third-party websites and applications. Clicking on those links, or enabling those connections, may allow third parties to collect or share data about you. We have no control over these third-party websites and applications and are not responsible for their privacy statements. You must therefore make sure that you understand how those websites and organisations will use your personal data and not rely on this policy.

Please read this privacy policy, and any other privacy notice or policy that we may have provided to you. We want to be sure that you are fully aware of how and why we are using your data.

Please note that this website is not intended for children, and we do not knowingly collect data relating to children.

Who are we?

We are The Caribbean Agency for Justice Solutions (CAJS) functioning through our associated company, Advance Performance Exponents Inc. (APEX). Our contact details are as follows. Registered Office: Chancery House, High Street, Bridgetown BB11128, Barbados. Email: info@caribbeanjustice.org. 

We are a Caribbean-based non-profit agency birthed from a mandate given by the Caribbean Court of Justice (CCJ) and, we function legally as a Barbados-incorporated non-profit company. That mandate is to develop and deliver technology-enabled solutions and capacity-building services to support, strengthen and improve confidence in the justice sector.

We are the ‘data controller’ for the information that we collect when you visit our website or Online Platforms. That means that we decide how to use information about you (referred to as ‘personal data’), and we are responsible for looking after your personal data in accordance with data protection legislation. We will explain below how we collect and use your personal data, and what we mean by the term ‘personal data’. Please note that when we refer to ‘processing’ your personal data, what we mean is using your personal data in connection with this website by acquiring it, using it, storing it, communicating it to other people (with your consent or as part of our service to you) or deleting it.

We have appointed our Department of Legal Services (DLS) to be able to help you if you have any questions about this privacy policy. If you do have any questions, or you would like to exercise any of your legal rights in relation to your personal data, then please contact them at: info@caribbeanjustice.org. 

Please note that we may update this privacy policy at any time. Any changes we may make to our policy in the future will be posted on this page. Please check back frequently to see any updates or changes made.

Complaints

Should you have any complaints or queries about anything relating to the privacy of your personal data, or any other data protection issues, please let us know using the contact details above and we will do our best to deal with them.

Personal data we collect about you

The term ‘personal data’ means any information about an individual from which that individual may be identified. It does not, therefore, include data where the identity has been removed (anonymised data).

We may collect, store and use some or all of the following categories of data about you.

When you use our website and/or Online Platforms, we may record:

  • technical information, including the type of device you use to access our website, the Internet Protocol (IP) address, your login data, the type and version of your browser, your time zone setting and location, browser plug-in types and versions, operating system, platform and mobile network information; and
  • your usage of our website, including the full Uniform Resource Locators (URL), the pages you viewed, the page response times, any download errors, the length of time you were on a particular page, how you interacted with the page (such as scrolling, clicks and mouse-overs), and how you browsed away from the page.

When you contact us or use any of our services including the engagement in any media or learning platforms and purchase any of our products, we may record:

  • your name and contact information, including email address and telephone number;
  • business/company details if you have contacted us on behalf of a business/company;
  • your gender information, if you choose to give this to us;
  • your personal or professional interests;
  • your professional and/or personal online presence (e.g., LinkedIn or Facebook profile);
  • information about how you use our website, IT, communication and other systems;
  • video footage such as from participation in a video conference, class session or class discussion;
  • audio recordings from our video capture and other interactions online;
  • your responses to surveys, competitions and promotions; and
  • personal information such as credit card and online payments details.

This personal data is needed so that we can provide services and supply products to you or your business or your company. If you do not provide the personal data asked for, we may be delayed or prevented from providing those products and services.

How we collect your data

We will collect most of your personal data directly from you, whether in person, by telephone, text or email and/or via our website. This might be when you:

  • create an account on our website;
  • complete an online form;
  • subscribe to one of our publications/newsletters;
  • request that information be sent to you;
  • enter a competition;
  • take part in a survey;
  • write to us with information;
  • send a postal form to us;
  • telephone, fax or text us;
  • send information to us using social media; or
  • provide feedback on products and services.

However, we may also collect information:

  • from publicly-accessible sources (for example the internet, LinkedIn or a Corporate Registry);
  • directly from a third party where the issue involves someone else (for example referees for a job);
  • from automated technologies or interactions with our website through the use of cookies and similar; and
  • via our systems (for example door entry systems and reception logs, CCTV and access control systems, communications systems, email and instant messaging).

How we use your data

We will only use your personal data when the law allows us to do so, and where we have a proper reason for doing so. Most often, we will use your personal data in the following circumstances:

  • Where you give us your consent to using your personal data; for example, when you correspond with us or request a newsletter (your consent may be withdrawn by you at any time as set out in this policy).
  • For the performance of our contract with you (where applicable), or to take steps at your request before entering into a contract.
  • Where it is necessary for our legitimate interests (or those of a third party); for example, we have a business or commercial reason for using your personal data and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

Normally, we will only use your data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related reason, and that related reason is compatible with the original purpose. If we need to use your data for an unrelated purpose, we will seek your consent to use it for that new purpose.

We have set out, in the table below, a non-exhaustive list of details of the ways that we may use your personal data, the legal bases we rely on to do so, and what our legitimate interests are, where relevant.

Note that it may be necessary for us to process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Purpose

Data type

Lawful basis/legitimate interest

Register on our website to receive a newsletter

Name

Email Address

Consent

Purchase a product or service

Name

Email Address

Account Address

Delivery Address

Payment details

Performance of a contract

Register as a conference attendee

Name

Email Address

Home Address

Experience

Education/skills

Availability (if a speaker)

Personal interests

Referee details

Consent

If you require more details about this, please contact us.

Sharing your data

We may need to share your data with third parties where they provide services on our behalf (for example delivery companies or those who help us to operate the website). We require that all our third-party service providers take necessary security measures to protect your personal data. We do not permit your personal data to be used by those third parties for their own purposes, and they may only process your data for specified purposes, and in accordance with our instructions.

We may share your personal data with third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, to enforce or apply our site terms of use, or to protect the rights, property or safety of our site, our users and others. We will, however, ensure that sharing of your data is kept to a minimum.

We may need to share your data with third parties to whom we may choose to sell, transfer or merge parts of our organisation. If this occurs, the new owners may use your personal data in the same way as set out in this privacy and cookie policy.

If you have given your consent to being sent information or marketing materials you may at any time, ask us to stop sending these to you simply by contacting us; or, where provided, by logging into the website and checking or unchecking relevant boxes to adjust your preferences; or by following the opt-out links on any communication or marketing message sent to you.

We use Google Analytics to collect information as to those who use our website, including IP addresses, unique identifiers, device and software details, mobile phone carrier and geo location data. This helps us to understand the use that is made of our website. Google is prohibited from using our data for any other purposes. Go to www.marketingplatform.google.com/about/analytics/terms/us/ to read the Google Analytics Privacy Policy.

We may be required to disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

Storing and retaining your data

Personal data is stored on our secure servers, secure servers that we lease from third party vendors and/or at our premises. Special rules will apply to the protection of your data if it is stored outside Barbados. Special rules will also apply where, for example, we need to contact third parties on your behalf who have offices outside Barbados, where electronic services and resources are based outside Barbados, or where there is an international element to your matter.

We may also need to transfer your personal data to countries that have not been assessed by the Secretary of State as providing adequate protection. In such cases we will always take steps to ensure that, wherever possible, the transfer complies with data protection law, and that your personal data will be secure. We use standard data protection contract clauses in such circumstances.

For further information please contact the DLS at info@caribbeanjustice.org.

We will keep your personal data only for as long as is necessary. In working out how long we need to keep your personal data we consider the amount, nature and sensitivity of the personal data, the potential for harm to arise from its unauthorised use or disclosure, the purposes for which we process it, and as to whether those purposes may be achieved by other means, and the applicable legal requirements. Since retention periods will differ for different types of personal data, please contact us for further details.

In order to ensure that your personal data is kept secure, and to prevent there being any breach of confidentiality or unauthorised use, we have put in place security measures which are intended to prevent your personal data from being accidentally lost or used or accessed unlawfully. Access to your personal data is restricted to those with a need to access it, and regard will be had to the need for confidentiality when that personal data is processed.

If there is a suspected data security breach you will be notified. Where relevant we will also inform the appropriate regulator of a suspected data security breach where we are legally required to do so.

Please bear in mind that the transmission of information via the internet is not completely secure, and whilst we will do our best to protect your personal data, we cannot guarantee the security of data transmitted via our website, or by email, and any such transmission is at your own risk.

Your legal rights

Under the DPA you have certain legal rights which apply in certain circumstances. These include the right to:

  • Right of access: this allows you to receive, from us, confirmation as to whether or not your personal data is being processed, and if so to gain access to that personal data and various other information about it, including the purpose for the processing, with whom the data is shared, how long the data will be retained, and the existence of various other rights.
  • Right to rectification: this is a right to obtain from us, without undue delay, the putting right of inaccurate personal data concerning you.
  • Right to erasure: this is the right for you to request that, in certain circumstances, we delete data relating to you.
  • Right to restriction of processing: the right to request that, in certain circumstances, we restrict the processing of your data.
  • Right to prevent processing likely to cause damage or distress: this is a right, in certain circumstances, to object to personal data being processed by us where it is likely to cause substantial damage or distress or, the damage or distress is or would be unwarranted.
  • Right to prevent processing for purposes of direct marketing: this is, a right, in certain circumstances, to object to personal data being processed by us where it is in relation to direct marketing, or in relation to processing supported by the argument of legitimate interest.
  • Right to data portability: the right, in certain circumstances, to receive that personal data which you have provided to us, in a structured, commonly used and machine-readable format, and the right to have that personal data transmitted to another controller.
  • A right not to be subject to automated decision making: that is to say, a right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you.

In some circumstances we may not be able to do what you have asked; for example, where there is a statutory or contractual requirement for us to process your data and it would not be possible to fulfil our legal obligations if we were to stop.