Privacy Policy
1. Introduction
The East Africa Communications Organisation "EACO", "we", "our" or "us" is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website at eaco.int, register for events, submit enquiries, or otherwise interact with us.
By accessing or using our website and services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms described herein, please discontinue use of our services.
EACO is an inter-governmental organisation established by the East African Community member states. Our secretariat is based in Kampala, Uganda. This Policy applies to all individuals whose personal data we process, including delegates, member representatives, website visitors, and other stakeholders.
2. Information We Collect
We collect personal information in the following categories:
- Identity data — full name, job title, designation
- Contact data — email address, phone number, postal address
- Organisational data — employer name, institution, government ministry or agency
- Event registration data — dietary requirements, accommodation preferences, travel details, special needs
- Communication data — messages, enquiries, and correspondence you send to us
- Payment data — where applicable, billing information processed through secure third-party payment processors
- Technical data — IP address, browser type and version, operating system, device identifiers
- Usage data — pages visited, time spent on pages, links clicked, referring URLs
- Cookie data — session and preference cookies as described in our Cookie Policy
- Member state organisations and partner institutions may share delegate information for event coordination purposes
- Publicly available information such as professional profiles relevant to EACO's mandate
3. How We Use Your Information
We use personal information collected only for legitimate purposes and in accordance with applicable data protection laws. Our lawful bases for processing include consent, performance of a contract, compliance with a legal obligation, and our legitimate interests in operating as an inter-governmental organisation.
- To register and administer your participation in EACO conferences, workshops, board meetings and assemblies
- To communicate with you about events, publications, decisions and regulatory developments relevant to EACO's mandate
- To respond to your enquiries, requests, or complaints
- To produce official conference reports, communiqués and documentation (which may include your name and title as a participant)
- To maintain membership records and track member state obligations
- To improve our website, services and communications based on usage analytics
- To comply with legal obligations under applicable inter-governmental frameworks and national laws of member states
- To detect and prevent fraud, security incidents, and misuse of our services
We do not use your personal information for automated decision-making or profiling that produces legal or similarly significant effects.
4. Sharing of Information
EACO does not sell, rent, or trade your personal information to third parties for commercial purposes. We may share information in the following limited circumstances:
Participant lists and attendance records may be shared with member state regulatory authorities and ministries for inter-governmental coordination and record-keeping.
We engage trusted third-party service providers for website hosting, event management platforms, email delivery, and payment processing. These providers are contractually bound to process data only on our instructions and maintain appropriate security measures.
Where events are co-hosted with international organisations such as ITU, African Union bodies, or development partners, relevant participant information may be shared with co-organising parties solely for event administration purposes.
We may disclose information where required by applicable law, court order, or governmental authority, or where necessary to protect the rights, property or safety of EACO, its staff, members, or the public.
Conference reports, communiqués and official EACO publications may include names, titles and institutional affiliations of participating delegates. Such publications are considered part of EACO's public record and inter-governmental documentation.
5. Data Retention
We retain personal information for as long as necessary to fulfil the purposes for which it was collected, or as required by law or our inter-governmental obligations. Our general retention periods are as follows:
| Data Category | Retention Period |
|---|---|
| Event registration records | 5 years from the date of the event |
| Official correspondence and communications | 7 years |
| Conference reports and official publications | Permanently, as part of EACO's institutional record |
| Website usage and analytics data | 13 months from collection |
| Cookie data | As specified in our Cookie Policy (typically up to 12 months) |
| Payment records | 7 years in accordance with financial regulations |
When personal data is no longer required, we securely delete or anonymise it in accordance with our data management procedures.
6. Your Rights
Subject to applicable law and our inter-governmental obligations, you may have the following rights in relation to your personal information:
To exercise any of these rights, please contact us using the details in the Contact section below. We will respond within 30 days. Note that certain rights may be limited where processing is required to fulfil our inter-governmental obligations or comply with applicable legal requirements.
7. Security
EACO implements appropriate technical and organisational measures to protect your personal information against accidental loss, unauthorised access, disclosure, alteration, or destruction. These measures include:
- Encryption of data in transit using TLS/SSL protocols
- Access controls limiting data access to authorised personnel only
- Regular security assessments of our systems and service providers
- Staff training on data protection obligations and information security
- Incident response procedures to address potential data breaches
While we take reasonable precautions, no method of internet transmission or electronic storage is completely secure. We cannot guarantee absolute security of information transmitted to or from our website.
8. Cookies
Our website uses cookies and similar technologies to enhance functionality, analyse traffic, and remember your preferences. We use the following categories of cookies:
Essential for the website to function. These cannot be disabled as they enable core features such as security and accessibility.
Help us understand how visitors interact with our website by collecting anonymised usage data. We use this information to improve our content and services.
Remember your settings such as language preferences and region to personalise your experience.
You can control cookie settings through your browser preferences. Disabling certain cookies may affect the functionality of our website.
9. Third-Party Links
Our website may contain links to external websites operated by member state organisations, partner institutions, international bodies and other third parties. This Privacy Policy does not apply to those external sites. We encourage you to review the privacy policies of any third-party websites you visit.
EACO is not responsible for the privacy practices or content of external websites, even where we have provided a link to them.
10. International Transfers
As an inter-governmental organisation serving all seven East African Community member states — Burundi, Democratic Republic of Congo, Kenya, Rwanda, South Sudan, Tanzania, and Uganda — personal information may be transferred between member states and our secretariat in Uganda for legitimate EACO purposes.
Where information is transferred to international partners or service providers outside East Africa, we take appropriate steps to ensure adequate protection through contractual safeguards or other lawful transfer mechanisms.
11. Children's Privacy
Our website and services are not directed at or intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, please contact us immediately and we will take steps to delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, applicable laws, or regulatory requirements. The revised Policy will be posted on this page with an updated effective date. Where changes are material, we will provide prominent notice on our website.
We encourage you to review this Policy periodically. Your continued use of our website and services after the posting of changes constitutes acceptance of the revised Policy.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please contact the EACO Secretariat: