Data Protection and Privacy Policy

BACCHHO–PALIVI Club Data Protection and Privacy Policy

This policy explains how BACCHHO and PALIVI Club collect, use, store, protect, share, publish, retain, and dispose of personal data. It protects learners, parents, guardians, schools, teachers, coordinators, sponsors, ambassadors, volunteers, custodians, partners, and community participants. It ensures that personal data is handled lawfully, responsibly, transparently, securely, and only for approved programme purposes.

BACCHHO is a learning and stewardship pathway. PALIVI Club is a long-term membership community of stewards and custodians. The programme may collect personal data for registration, participation, consent, safeguarding, digital access, evidence submission, registry management, verification, recognition, reporting, sponsor accountability, programme improvement, and lawful administration. All personal data must be handled with care. Children’s data must receive higher protection. Public recognition must not expose unnecessary personal information. No data may be collected, shared, sold, published, transferred, or used outside approved programme purposes.

This policy applies to: Learners. Parents and guardians. Schools. Headteachers. Teacher patrons. Programme coordinators. Reading Cell leaders. School chapters. Community chapters. PALIVI Club members. Sponsors. Alumni supporters. Ambassadors. Volunteers. Custodians and stewards. Trainers and facilitators. Institutional partners. Programme staff and administrators. Digital platform users. Any person whose data is collected, stored, processed, reported, or published by the programme.

Personal data means any information that can identify a person directly or indirectly. Personal data may include: Full name. Date of birth. Age. Gender where required. School or institution. Class or level of study. Parent or guardian details. Phone number. Email address. Home district or community. Identification number where lawfully required. Participant identification number. Registration records. Attendance records. Reading Cell records. Assessment records. Certificates and badges. Honour, Legacy, and Impact Points. Photographs. Videos. Audio recordings. Testimonies. Signature. Payment or contribution reference. Sponsor records. Symbolic stewardship asset records. GPS or location records where applicable. Health or emergency information where required for safeguarding. Complaint or incident records. Digital platform login or usage records.

Sensitive data means personal data that requires higher protection because misuse may expose a person to harm, discrimination, embarrassment, exploitation, or risk. Sensitive data may include: Child data. Health information. Disability information. Safeguarding reports. Incident reports. Complaint records. Family hardship information. Financial vulnerability information. Identification documents. Precise home location. Private family circumstances. Disciplinary records. Images or videos of children. Data relating to abuse, harm, or exploitation. Sensitive data shall be collected only where necessary and must be strictly protected.

BACCHHO and PALIVI Club shall follow these principles: Lawful purpose Data shall be collected and used only for legitimate programme purposes. Transparency Participants, parents, schools, sponsors, and partners shall be informed why data is collected and how it will be used. Data minimisation Only necessary data shall be collected. Accuracy Data shall be kept accurate and updated where required. Security Data shall be protected against unauthorised access, loss, misuse, alteration, disclosure, or destruction. Limited access Personal data shall be accessed only by authorised persons. Limited use Data shall not be used for unrelated purposes without proper authority and consent where required. Privacy by default Public reports and verification systems shall use the minimum personal information necessary. Child protection Children’s data shall be treated with special care. Accountability Data handling decisions shall be documented and reviewable.

The programme may collect the following categories of data: 8.1 Registration Data This may include participant name, school, class, age, parent or guardian details, contact information, Reading Cell, chapter, and registration date. 8.2 Consent Data This may include parent or guardian consent, learner assent where applicable, media consent, travel consent, practical activity consent, and data use consent. 8.3 Participation Data This may include attendance, reading records, discussion records, reflection notes, translation outputs, role-play records, planning submissions, and evidence submissions. 8.4 Recognition Data This may include certificates, badges, Honour Points, Legacy Points, Impact Points, awards, symbolic stewardship asset records, and registry status. 8.5 Digital Access Data This may include login details, access records, digital downloads, platform usage, learner IDs, and digital evidence submissions. 8.6 Payment and Contribution Data This may include contribution amount, payment date, purpose of payment, transaction reference, sponsor details, school supported, learner supported, and receipt records. 8.7 Sponsor Data This may include sponsor name, contact information, contribution records, sponsored participant or chapter, sponsor reporting preferences, and recognition records. 8.8 Safeguarding Data This may include incident reports, complaint records, risk reports, action taken, escalation records, and child protection records. 8.9 Media Data This may include photographs, videos, audio recordings, interviews, quotes, testimonies, event records, and publication approvals. 8.10 Asset Registration Data This may include symbolic plant records, stewardship asset records, location records, photos, registry numbers, responsible custodian, and maintenance records.

Personal data may be collected and used for: Registering participants. Registering schools. Registering Reading Cells. Registering chapters. Registering PALIVI Club members. Confirming parent or guardian consent. Providing digital reading access. Managing approved learning materials. Supporting Reading Cell participation. Recording attendance. Receiving evidence submissions. Reviewing participation. Verifying activity. Issuing certificates. Issuing digital badges. Recording Honour, Legacy, and Impact Points. Registering symbolic stewardship assets. Preparing sponsor reports. Supporting school reports. Managing participation contributions. Safeguarding children and vulnerable persons. Handling complaints and incidents. Communicating with participants, parents, schools, and partners. Monitoring programme performance. Improving programme delivery. Protecting intellectual property. Preventing fraud and misrepresentation. Supporting lawful institutional reporting. Supporting research or validation where approved and safeguarded. Meeting legal, regulatory, or institutional obligations.

The programme shall avoid collecting unnecessary personal data. The following data should not be collected unless clearly required, justified, authorised, and protected: National identification documents. Detailed home addresses. Precise GPS location of a child’s home. Health information. Disability information. Family income information. Religious affiliation. Political affiliation. Ethnic identity. Biometric information. Private family circumstances. Sensitive disciplinary records. Personal social media passwords. Bank details of minors. Any data unrelated to programme purposes.

Personal data shall be collected on a lawful and legitimate basis. Where consent is required, consent must be: Informed. Specific. Freely given. Recorded. Capable of being withdrawn where applicable. For children, parent or guardian consent is required for: Participation. Collection of personal data. Media use. Public recognition involving personal information. Symbolic asset registration involving identifiable child data. Practical learning activities where required. Travel or benchmarking. Publication of learner work with personal identification. Sponsor reports containing identifiable child information. Consent does not remove the programme’s duty to protect the child.

Children’s data shall be protected with special care. The programme shall ensure that: Children’s personal data is collected only where necessary. Parent or guardian consent is obtained where required. Public records avoid unnecessary child identification. Children’s photos and videos are not published without consent. Sponsor reports do not expose children to risk. Exact home locations are not published. Children are not directly contacted by unauthorised adults. Children’s data is not used for political, commercial, or exploitative purposes. Digital platforms used by children are supervised and secure. Safeguarding records involving children are treated as strictly confidential.

Data may be collected through: Registration forms. Consent forms. School records. Reading Cell forms. Digital registration portals. Website forms. Parent or guardian forms. Sponsor forms. Evidence submission forms. Attendance logs. Assessment forms. Media consent forms. Symbolic asset registration forms. Payment records. Email communication. Approved messaging channels. School reports. Community chapter reports. Complaints and incident reports. Approved partner reporting tools. Data shall be collected through approved channels only.

The programme shall take reasonable steps to ensure that personal data is accurate and up to date. Participants, parents, schools, sponsors, and partners should notify the programme of changes to relevant information, including: Contact details. School or institution. Parent or guardian details. Consent status. Participation status. Sponsor support records. Recognition records. Chapter membership. Safeguarding-relevant information. Incorrect data shall be corrected when identified.

Personal data may be stored in: Secure digital databases. Password-protected files. Approved cloud storage. Programme registry systems. School-controlled records. Secure physical files. Approved evidence folders. Approved digital platforms. Backup systems. Restricted-access administrative records. Physical records must be stored in secure locations. Digital records must be protected by appropriate access controls.

The programme shall apply appropriate security measures, including: Password protection. Access restrictions. Secure storage. Staff and coordinator confidentiality obligations. Restricted access to child data. Restricted access to safeguarding records. Secure backup where appropriate. Use of approved communication channels. Avoidance of unnecessary data duplication. Protection against unauthorised downloads. Secure disposal of obsolete records. Review of data access permissions. Incident response for data breaches.

Personal data shall be accessed only by authorised persons who need the data for approved programme purposes. Authorised persons may include: Programme administrators. School coordinators. Teacher patrons. Headteachers. Safeguarding focal persons. Registry administrators. Verification officers. Approved partner administrators. Sponsor reporting officers. Technical support personnel where necessary. Access shall be limited according to role. No person shall access personal data out of curiosity, personal interest, private advantage, political interest, commercial interest, or unauthorised purpose.

All persons handling programme data must maintain confidentiality. Confidentiality applies to: Child data. Parent and guardian records. Payment records. Sponsor records. School reports. Assessment records. Safeguarding reports. Complaint records. Incident records. Unpublished evidence records. Private correspondence. Internal programme decisions. Confidential information shall not be disclosed to unauthorised persons.

Personal data may be shared only where lawful, necessary, authorised, and consistent with this policy. Data may be shared with: Participating schools for programme administration. Parents or guardians for child participation. Programme administrators for registration and verification. Safeguarding authorities where required. Institutional partners where approved and necessary. Sponsors in limited, privacy-protected reports. Technical service providers supporting approved systems. Government or regulatory bodies where lawfully required. Research or validation partners where approved and safeguarded. Data sharing must be limited to the minimum necessary information.

The following data must not be shared publicly: Child home addresses. Child phone numbers. Parent or guardian private contacts. Identification documents. Health details. Disability details unless consented and necessary. Safeguarding reports. Complaint records. Incident reports. Financial vulnerability information. Private family circumstances. Passwords or login details. Detailed payment records. Sensitive school records. Any data that could expose a child or vulnerable person to harm.

Sponsors may receive reports on supported activities. Sponsor reports may include: Number of learners supported. Number of Reading Cells supported. School or chapter supported. Materials provided. Digital access enabled. Activities completed. Recognition issued. Photos where consent is granted. General progress summaries. Non-sensitive evidence outputs. Symbolic asset records where approved. Sponsor reports must not expose children to risk. Sponsors shall not receive private child contact details, home addresses, private family information, safeguarding records, or sensitive personal data.

The programme may maintain a public or semi-public verification system for certificates, badges, recognition records, participation status, symbolic stewardship assets, and chapter records. Public verification shall use minimal information. A public record may include: Participant ID. First name or initials where appropriate. School or chapter name where appropriate. Recognition type. Certificate number. Badge status. Participation category. Symbolic asset reference where approved. Verification status. Date of recognition. Public records for children must avoid unnecessary full names, personal contact details, home locations, and sensitive information.

Photographs, videos, audio recordings, interviews, quotes, and testimonies are personal data where a person can be identified. Media data shall be collected and used only with appropriate consent. Media use must state: Who is being recorded. Purpose of recording. Where the media may be used. Duration of use where applicable. Whether names will be shown. Whether school or chapter will be identified. Whether sponsors or partners may receive the media. How consent may be withdrawn where applicable. Media involving children must comply with the Child Safeguarding Policy.

Photographs and videos may be used for: Evidence of participation. Recognition. Sponsor reporting. School reporting. Community knowledge transfer. Programme documentation. Approved publicity. Training materials. Digital learning assets. Institutional reporting. Photos and videos shall not be used for: Political promotion. Exploitative fundraising. Public embarrassment. Misleading claims. Commercial use outside approved terms. Unauthorised sponsor marketing. Any use that exposes children or vulnerable persons to risk.

The programme may operate websites, portals, dashboards, registries, learning platforms, or digital communication channels. Digital platform data may include: User registration. Login information. Access records. Download records. Evidence submissions. Certificate records. Badge records. Payment references. Communication records. Technical logs. Digital platforms must be managed securely and accessed only by authorised users. Users must not share passwords or access credentials.

The programme may communicate through email, phone, approved messaging platforms, school notices, digital portals, or official letters. Communication records may be retained for: Programme administration. Consent confirmation. Evidence follow-up. Safeguarding. Sponsor reporting. Dispute resolution. Institutional accountability. Audit and verification. Private communication involving children must be supervised and consistent with safeguarding rules.

Data may be used for research, academic validation, programme review, monitoring, or institutional reporting only where approved and safeguarded. Research use shall require: Clear purpose. Institutional approval where required. Ethical review where required. Parent or guardian consent where children are involved and required. Data minimisation. Anonymisation or pseudonymisation where possible. Secure storage. Restricted access. No unnecessary publication of identifiable data. Compliance with applicable law and institutional requirements. No participant shall be exposed to harm through research or validation activities.

Personal data shall be retained only for as long as necessary for approved programme purposes. Retention periods may depend on: Registration requirements. Participation history. Certificate verification. Badge verification. Recognition records. Sponsor reporting. Safeguarding obligations. Legal obligations. Financial record requirements. Research or validation requirements. Institutional reporting. Programme continuity. Data that is no longer needed shall be securely deleted, anonymised, archived, or destroyed according to approved procedures.

Data disposal shall be secure. Digital records may be deleted, anonymised, or archived. Physical records may be shredded, securely destroyed, or archived. Obsolete records shall not be left in open files, personal phones, public computers, unsecured drives, or uncontrolled storage. Safeguarding records shall be disposed of only under authorised procedures.

A person whose data is held by the programme may request, subject to lawful limits: Confirmation that their data is held. Access to their personal data. Correction of inaccurate data. Withdrawal of consent where applicable. Restriction of unnecessary processing. Deletion of data where lawful and appropriate. Information about how their data is used. Information about who has access to their data. Review of public recognition records. Removal of unauthorised media where applicable. Requests involving children should be handled through parents, guardians, schools, and safeguarding channels where appropriate.

Consent may be withdrawn where processing depends on consent. Withdrawal of consent may affect: Media publication. Public recognition. Sponsor reports containing identifiable information. Participation in certain activities. Travel. Symbolic asset registration involving identifiable data. Publication of learner outputs. Withdrawal of consent does not automatically erase lawful records already required for administration, safeguarding, verification, legal compliance, or financial accountability.

A data breach occurs when personal data is lost, accessed, disclosed, altered, copied, destroyed, published, or used without authorisation. A data breach may include: Lost registration forms. Stolen devices. Unauthorised access to digital records. Sharing learner data with unauthorised persons. Publishing photos without consent. Sending records to the wrong recipient. Hacked platform accounts. Exposed passwords. Unauthorised sponsor access. Public posting of sensitive records.

Where a data breach is suspected or confirmed, the responsible person shall: Record the breach. Secure the affected data. Stop further unauthorised access. Notify programme leadership. Notify the school where relevant. Notify the parent or guardian where a child is affected and required. Assess risk of harm. Recover or remove exposed data where possible. Change passwords or access controls where needed. Report to relevant authorities where required by law. Review and correct the weakness that caused the breach. Keep a record of action taken.

Personal phones, laptops, cameras, or storage devices may create data protection risk. Any person using a personal device for programme activity shall: Protect the device with a password. Avoid storing unnecessary child data. Avoid forwarding records to unauthorised persons. Delete unauthorised copies when no longer needed. Avoid uploading learner data to personal social media. Avoid storing safeguarding records on personal devices unless authorised. Report loss or theft of the device where programme data is involved. Transfer official records to approved programme storage where required.

Messaging groups may be used for coordination only where properly managed. Messaging groups involving learners must: Be approved by the school or programme. Include responsible adult supervision. Avoid sharing sensitive child data. Avoid public posting of payment details. Avoid unauthorised media sharing. Avoid political, abusive, sexual, discriminatory, or unsafe content. Avoid private adult-child messaging outside approved channels. Be moderated by responsible adults. Respect school rules and safeguarding requirements.

The programme may use third-party service providers for digital platforms, hosting, payment processing, communication, printing, certificate systems, or data storage. Service providers shall be selected with attention to data security, confidentiality, lawful use, reliability, and access control. Where appropriate, service providers must agree to: Use data only for approved purposes. Protect personal data. Restrict unauthorised access. Avoid selling or misusing data. Report security incidents. Delete or return data when no longer required. Comply with applicable data protection obligations.

Where data is shared across countries for programme coordination, institutional collaboration, sponsor reporting, benchmarking, digital hosting, or research, the programme shall apply appropriate safeguards. Cross-border sharing shall require: Clear purpose. Minimum necessary data. Consent where required. Protection of child data. Secure transfer method. Restricted recipient access. Compliance with applicable law. No unnecessary publication of identifiable personal data.

The programme may designate responsible persons for data protection. These may include: Programme data protection lead. School data contact person. Registry administrator. Safeguarding data officer. Sponsor reporting officer. Digital platform administrator. Records officer. Partner data liaison. Each role shall access only the data necessary for assigned duties.

Programme leadership shall: Enforce this policy. Approve data collection tools. Maintain secure data systems. Define access controls. Train coordinators and administrators. Protect child data. Respond to data breaches. Review data-sharing arrangements. Approve public registry rules. Ensure data protection is built into programme design. Review complaints relating to privacy. Ensure alignment with safeguarding requirements.

Participating schools shall: Collect only necessary data. Secure learner records. Obtain parent or guardian consent where required. Protect media records. Restrict access to learner data. Submit data through approved channels. Avoid public sharing of sensitive data. Report data breaches. Maintain accurate participation records. Follow school data protection rules. Protect records held by coordinators and teacher patrons. Ensure sponsor reporting respects learner privacy.

Parents and guardians shall: Provide accurate information. Review consent forms carefully. Update relevant contact or consent information. Report concerns about data misuse. Protect children’s privacy. Avoid unnecessary sharing of children’s private records. Guide children on safe digital behaviour. Understand how learner data may be used for participation, evidence, recognition, and safeguarding.

Participants shall: Provide accurate registration information. Use digital systems responsibly. Protect login details. Respect other participants’ privacy. Avoid sharing photos or videos without permission. Avoid posting private programme records publicly. Report data errors or misuse. Submit evidence honestly. Avoid using another participant’s identity or records. Follow digital conduct and safeguarding rules.

Sponsors shall: Respect participant privacy. Accept privacy-protected reports. Avoid requesting unnecessary personal data. Avoid direct unsupervised contact with children. Avoid publishing participant information without approval. Protect any reports received. Avoid using programme data for unrelated marketing, political, or commercial purposes. Report any accidental disclosure of programme data.

Coordinators and custodians shall: Keep records securely. Submit data through approved channels. Protect learner information. Verify data before submission. Avoid unauthorised data sharing. Use media only with consent. Maintain confidentiality. Report breaches. Correct inaccurate records. Follow safeguarding rules. Protect registry and evidence records. Avoid storing unnecessary data on personal devices.

The following practices are prohibited: Selling personal data. Sharing child data with unauthorised persons. Publishing learner records without consent. Publishing photos or videos without consent. Collecting unnecessary sensitive data. Using learner data for political promotion. Using sponsor data for unrelated marketing without permission. Sharing payment records publicly. Sending records through insecure channels where avoidable. Storing data in uncontrolled personal devices without protection. Allowing sponsors direct access to children’s private data. Publishing exact home locations of children. Uploading full participant lists publicly without approval. Using data to harass, discriminate, pressure, or exploit participants. Keeping data longer than necessary without justification.

A person may submit a complaint or request where they believe: Their data is inaccurate. Their data was collected without proper authority. Their data was shared improperly. Their photo or video was used without consent. Their child’s data was exposed. They are receiving unwanted communication. Sponsor reports exposed private information. Public registry information is excessive or incorrect. A data breach occurred. Their data should be corrected, restricted, or removed where lawful. Complaints and requests shall be recorded, reviewed, and resolved within a reasonable period.

Data shall not be used to create false financial expectations. Personal data, certificates, badges, points, symbolic asset records, participation records, sponsor records, or registry entries must not be used to suggest that a participant has guaranteed rights to jobs, scholarships, assets, profits, dividends, land, markets, loans, grants, travel, or investment returns. Public records must remain consistent with the Non-Investment Safeguard Statement.

Recognition records must protect privacy. Recognition may include certificates, badges, points, public appreciation, awards, symbolic asset registration, or registry verification. Where recognition involves children, the programme shall: Obtain consent where required. Avoid publishing unnecessary full personal details. Avoid exposing private family information. Avoid public ranking that humiliates children. Avoid sponsor-controlled publicity. Avoid publishing exact home locations. Use participant IDs where appropriate. Remove or restrict recognition data where justified.

Symbolic stewardship asset registration may involve personal data, location data, photos, and recognition records. The programme shall ensure that: Personal data is limited. Consent is obtained where required. Child data is protected. Location data is not excessive. Public records avoid unnecessary personal details. Asset records are not presented as financial ownership records unless lawful written terms expressly provide otherwise. Sponsor reports do not expose private information. Registry access is controlled.

Practical learning records may include attendance, photos, site records, activity reports, participant outputs, and safety records. Such data shall be collected only for: Evidence. Safety. Recognition. Reporting. Verification. Programme improvement. Sponsor accountability where applicable. Institutional review where approved. Practical learning data shall not expose participants to unsafe publicity, land disputes, sponsor pressure, or false ownership claims.

Persons handling data shall receive basic data protection orientation. Training may cover: Meaning of personal data. Child data protection. Consent. Safe storage. Secure sharing. Media rules. Sponsor reporting limits. Registry privacy. Breach reporting. Confidentiality. Use of personal devices. Safeguarding links. Non-investment communication.

The programme shall periodically review data protection practices. Review may consider: Data collected. Data storage systems. Access permissions. Data breaches. Consent forms. Sponsor reports. Public registry records. Media use. School data practices. Digital platform security. Safeguarding records. Legal compliance. Complaints received. Corrective actions taken.

A breach of this policy may result in: Warning. Correction notice. Restricted access to data. Removal from data-handling duties. Suspension of programme role. Suspension of school or chapter participation. Withdrawal of sponsor or ambassador privileges. Deletion or correction of improperly published data. Reporting to school or institutional authorities. Reporting to regulatory or legal authorities where required. Legal action where necessary.

The following statement shall be included in relevant registration, consent, contribution, sponsor, and evidence forms: BACCHHO and PALIVI Club collect personal data only for approved programme purposes, including registration, participation, consent, safeguarding, evidence, verification, recognition, reporting, digital access, and programme administration. Personal data will be protected and will not be sold or used for unauthorised purposes. Children’s data will receive special protection. Public verification and recognition will use limited information. Participation records do not create automatic rights to jobs, scholarships, assets, profits, dividends, ownership, markets, travel, loans, grants, or investment returns.

The following short statement shall be included on relevant website pages: We collect only the data needed to register, support, verify, recognise, safeguard, and administer BACCHHO and PALIVI Club participation. We protect personal data, limit public disclosure, and give special protection to children’s data. We do not sell participant data.

All BACCHHO and PALIVI Club participants, schools, coordinators, sponsors, ambassadors, custodians, partners, administrators, and service providers must comply with this Data Protection and Privacy Policy. Where any verbal statement, form, school practice, sponsor request, digital process, media activity, registry entry, report, or local arrangement conflicts with this policy, this policy shall prevail unless formally amended by authorised programme leadership following data protection and safeguarding review.

BACCHHO and PALIVI Club require data to organise learning, evidence, recognition, safeguarding, registry verification, sponsor accountability, and programme continuity. Data must be handled with discipline, care, privacy, security, and lawful purpose. The programme shall protect personal data, give special protection to children, limit public disclosure, prevent misuse, and maintain trust among learners, parents, schools, sponsors, partners, and communities.