Privacy Policy - ZimNGOs.Org

Privacy Policy

Last Updated: November 15, 2025
Quick links Introduction 1. Information We Collect 2. How We Use Your Information 3. Sharing Your Information 4. Cookies & Tracking 5. Data Security 6. Your Rights 7. Third-Party Links 8. International Transfers 9. Retention 10. Changes & Contact

ZimNGOs.Org ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website zimngos.org (the "Site"), use our services (the "Services"), or interact with us in other ways. By using the Site or Services, you consent to the practices described in this policy.

This Policy complies with the Data Protection Act [Chapter 12:28] of 2021 ("DPA") of Zimbabwe and aligns with international standards where applicable (e.g., GDPR for cross-border flows).

Note: We may update this Privacy Policy. We will post the revised date on this page and notify registered users where appropriate. Continued use after updates means you accept the changes.

1. Information We Collect

Personal Data

  • Personally Identifiable Information: name, email, phone, mailing address, national ID number and other data you provide (e.g., when applying for jobs or registering).
  • Job-Related Data: CVs, cover letters, work history, education, skills, references.
  • Payment Information: billing details for premium services (processed securely via third-party gateways such as Stripe or PayPal).

Demographic & Usage Data

  • Automatically Collected: IP address, browser type, device info, referring URLs, pages viewed and timestamps (using cookies and analytics).
  • User-Generated Content: comments, reviews, messages or other content you submit.

We do not knowingly collect personal information from children under 18. If discovered, such data will be deleted promptly.

2. How We Use Your Information

We process your information under lawful bases such as consent, contract performance, or legal obligation. Use cases include:

  • Facilitating job searches, applications and employer–candidate matching.
  • Personalising recommendations and job alerts.
  • Sending newsletters and promotional emails (with opt-out).
  • Processing payments and managing subscriptions.
  • Analysing site usage to improve functionality and security.
  • Meeting legal obligations (taxes, anti-money-laundering, etc.).

Automated decisions (e.g., job matching) will include human oversight where required by law.

3. Sharing Your Information

We do not sell your personal data. We may share information only in limited, controlled circumstances:

  • Service Providers: trusted third parties (email providers, payment processors, hosting) under data processing agreements.
  • Employers/Recruiters: when you apply for a job (with your consent).
  • Business Transfers: merger or sale events, subject to legal safeguards.
  • Legal Requirements: to comply with court orders or law enforcement requests.
  • Aggregated Data: anonymized analytics used for research or product improvements.

4. Cookies and Tracking Technologies

We use cookies, web beacons and similar technologies to:

  • Remember preferences and login status;
  • Analyze traffic (e.g., Google Analytics with IP anonymisation);
  • Serve targeted ads (with opt-out options).

You can manage cookies through your browser settings. A cookie consent banner appears on first visit. Disabling cookies may limit some site features.

5. Data Security

We implement reasonable safeguards (administrative, technical and physical) in line with the DPA — such as encryption (AES-256 where appropriate), secure servers, firewalls and regular security audits. We perform Data Protection Impact Assessments for high-risk processing.

In the event of a breach, affected users and the Information and Data Protection Commission (IDPC) will be notified within 72 hours where required.

6. Your Data Protection Rights

Under the DPA (and GDPR where applicable), you have rights including:

  • Access — request a copy of your data;
  • Rectification — correct inaccurate data;
  • Erasure — request deletion when lawful;
  • Restriction — limit processing in certain cases;
  • Portability — receive data in a machine-readable format;
  • Objection — oppose direct marketing processing;
  • Withdraw Consent — at any time.

To exercise these rights, contact: privacy@zimngos.org. We will respond within 30 days where possible.

7. Third-Party Links

Our Site may link to third-party websites. We are not responsible for their privacy practices. Review their policies before sharing personal information.

8. International Data Transfers

Data is processed primarily in Zimbabwe. Where transfers outside Zimbabwe occur (e.g., cloud services), we apply safeguards such as Standard Contractual Clauses, binding corporate rules or other legal mechanisms in accordance with the DPA.

9. Retention of Information

We retain personal data only as long as necessary for the purpose collected or as required by law. Examples:

  • Inactive jobseeker profiles: retained for 2 years (unless you request deletion).

When retention periods expire, data will be securely deleted or anonymized.

10. Changes to This Privacy Policy & Contact

We may update this Policy. We will notify users of material changes and update the “Last Updated” date. Continued use after updates indicates acceptance.

This policy is provided for informational purposes and does not constitute legal advice. For legal guidance specific to your organisation, consult a qualified attorney or data protection professional.

Contact us