Privacy Policy
Last updated: 25 November 2025
The Organisation of African, Caribbean and Pacific States (OACPS) is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, www.oacps.org, or interact with our online services.
This policy is prepared in accordance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and applies to all visitors, partners, stakeholders, and individuals who engage with our digital platforms.
1. Who We Are
Organisation of African, Caribbean and Pacific States (OACPS)
Avenue Georges Henri 451,
1200 Brussels, Belgium
Website: www.oacps.org
Email: registry@acp.int
Data Protection inquiries: ict@acp.int
2. Personal Data We Collect
We collect and process personal data via the website in the following situations:
A. Data You Provide Directly
- Contact form submissions
- Event registrations and workshop sign-ups
- Newsletter subscriptions
- Applications or expression-of-interest submissions
- Email communications sent to OACPS
Categories of data may include:
- Full name
- Email address
- Phone number
- Organisation/affiliation
- Country
- Any information voluntarily provided in messages and forms
B. Data Collected Automatically
Via cookies, analytics, and server logs:
- IP address
- Browser type and version
- Device type
- Operating system
- Pages visited
- Time and date of access
- Referral sources
See our Cookie Policy for more details.
C. Data from Third Parties
OACPS may receive data from:
- Event platforms
- Partner institutions
- Application portals
- Social media platforms
- Embedded services (e.g., YouTube, Google Maps)
3. Legal Basis for Processing (GDPR Articles 6 & 9)
We process personal data under the following lawful bases:
A. Consent (Art. 6(1)(a))
When you explicitly agree, such as:
- Accepting non-essential cookies
- Subscribing to newsletters
- Registering for certain events
B. Performance of a task carried out in the public interest (Art. 6(1)(e))
OACPS performs institutional and public-interest functions under international agreements.
C. Contractual necessity (Art. 6(1)(b))
For example:
- Providing requested documents
- Registering participants for events or programmes
D. Legitimate interests (Art. 6(1)(f))
Includes:
- Website security
- Preventing misuse or cyber threats
- Improving website performance and user experience
E. Compliance with legal obligations (Art. 6(1)(c))
Where EU or Belgian law requires it.
OACPS does not collect sensitive personal data unless absolutely necessary and with explicit consent.
4. How We Use Personal Data
We use personal data to:
- Respond to inquiries
- Manage event registrations and send confirmations
- Provide updates, newsletters, and official communications
- Improve website functionality, analytics, and security
- Maintain mailing lists and stakeholder directories
- Process online applications or submissions
- Ensure compliance with data protection laws
We do not sell or rent personal data to third parties.
5. Cookies and Tracking Technologies
Cookies may be used to:
- Enable core site functionality
- Provide analytics
- Remember language preferences
- Display embedded content
Full details are provided in our Cookie Policy.
6. How We Share Personal Data
We may share data with:
- Trusted third-party service providers
- Analytics tools (e.g., Matomo, Google Analytics if enabled)
- Event management platforms
- Email communication tools (e.g., Mailchimp or similar)
- ICT and hosting providers
- Partner institutions involved in OACPS programmes
All processors operate under strict contractual agreements compliant with GDPR.
We do not share personal data for commercial advertising.
7. International Data Transfers
Given OACPS’s global mandate, some data may be transferred outside the EU.
Transfers only occur when:
- Necessary for OACPS operations
- Adequate safeguards apply (e.g., Standard Contractual Clauses, secure encrypted channels)
- The destination country ensures an adequate level of data protection
8. Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy.
Typical retention periods:
- Contact form messages: 6–24 months
- Event registrations: up to 5 years
- Mailing list subscriptions: until you unsubscribe
- Analytics data: 12–26 months
- Technical logs: up to 12 months
Documents required for legal or institutional archiving may be retained for longer.
9. Your Data Protection Rights
Under GDPR, you have the right to:
✔ Access your personal data
✔ Rectify inaccurate or incomplete data
✔ Erase your data (right to be forgotten)
✔ Restrict processing
✔ Object to certain processing
✔ Data portability (where applicable)
✔ Withdraw consent at any time
✔ Lodge a complaint with an EU supervisory authority
To exercise your rights, contact:
registry@acp.int
10. Data Security
We implement technical and organisational measures to protect personal data, including:
- HTTPS encryption
- Secure hosting environments
- Access controls and role-based permissions
- Regular system updates and security patches
- Encrypted data transfers
- Malware and firewall protection
Despite these measures, no system is 100% secure.
11. Links to External Sites
OACPS.org contains links to third-party websites.
We are not responsible for their privacy practices and encourage you to review their policies.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect operational changes or legal requirements.
The most recent version will always be available on (www.oacps.org/privacy-policy.)
13. Contact Information
For questions about this Privacy Policy or to exercise your GDPR rights:
Data Protection
Email: ict@acp.int
General Inquiries
Email: registry@acp.int
Address:
OACPS Secretariat
Avenue des Communautés 110,
1200 Woluwe-Saint-Lambert (Woluwe Heights),
Brussels,
Belgium
