Privacy Policy

Institute for Church Integrity & Governance (ICIG) ("ICIG", "we", "our", or "us") is committed to protecting the privacy of individuals who interact with our website and services. This Privacy Policy explains what personal information we collect, how we use it, with whom we share it, and what rights you have in relation to it.

This policy applies to personal information collected through our website at icig.ngo and through any consultation request forms or direct correspondence with our team.

We collect personal information in the following ways:

• Consultation Request Form: When you submit a consultation request, we collect your full name, organization name, role, email address, country, and the message you provide.
• Direct Email Correspondence: If you contact us directly by email, we retain the content of that correspondence and your contact details.
• Website Analytics: We may collect anonymized usage data (such as page views and session duration) through privacy-respecting analytics tools. This data does not identify you personally.

We use the personal information you provide to:

• Respond to your consultation request and communicate with you about our services
• Assess your governance and training needs
• Send you relevant information about ICIG programmes and resources, where you have consented
• Comply with our legal obligations

We do not use your personal information for automated decision-making or profiling.

Where applicable under the General Data Protection Regulation (GDPR) or the Protection of Personal Information Act (POPIA), our legal bases for processing your personal information are:

• Legitimate interests: Processing your consultation request and responding to enquiries is necessary for our legitimate interests in providing advisory and training services.
• Consent: Where we send you information about our programmes beyond your initial enquiry, we rely on your consent, which you may withdraw at any time.
• Legal obligation: Where required by applicable law.

We do not sell, rent, or trade your personal information. We may share it with:

• Service providers: We use Resend (resend.com) to deliver email notifications of consultation requests. Resend processes your data on our behalf and is bound by appropriate data processing agreements.
• Legal authorities: Where required by law or to protect the rights, property, or safety of ICIG, our clients, or others.

We retain personal information collected through consultation requests for as long as necessary to fulfil the purposes described in this policy, or as required by applicable law. Enquiries that do not result in an engagement are typically retained for no longer than 24 months. You may request deletion of your data at any time (see Section 8).

We take reasonable technical and organisational measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. Our website uses HTTPS encryption for all data in transit. Access to personal information is restricted to authorised ICIG personnel who need it to perform their duties.

Depending on your jurisdiction, you may have the following rights in relation to your personal information:

• Access: Request a copy of the personal information we hold about you
• Rectification: Request correction of inaccurate or incomplete information
• Erasure: Request deletion of your personal information
• Restriction: Request that we restrict processing of your information
• Portability: Receive your information in a structured, machine-readable format
• Objection: Object to processing based on legitimate interests

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

Our website may use essential cookies required for the site to function correctly (such as session management). We do not use tracking or advertising cookies. Analytics data, where collected, is anonymised and does not use cookies that identify you personally.

ICIG operates internationally. If you are located in the European Economic Area (EEA) or South Africa, your personal information may be transferred to and processed in countries outside your jurisdiction. Where such transfers occur, we ensure appropriate safeguards are in place in accordance with applicable law.

We may update this Privacy Policy from time to time. The date at the top of this page reflects when it was last revised. We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes your acceptance of the revised policy.

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: