Yes! Invest in Africa (“we,” “our,” or “us”) is committed to protecting personal data and ensuring swift, transparent, and compliant responses in the event of a data breach. This policy outlines the procedures we follow to detect, report, and remediate breaches in accordance with GDPR, CCPA, and international standards.
Definition of Data Breach
A data breach is any incident leading to unauthorized access, disclosure, alteration, or destruction of personal data, whether accidental or deliberate.
Detection & Identification
- Continuous monitoring systems are in place to detect unusual activity.
- Employees and partners are required to report suspected breaches immediately to the Data Protection Officer (DPO).
Containment & Assessment
- Immediate steps are taken to contain the breach and prevent further unauthorized access.
- An internal investigation is conducted to assess scope, impact, and affected data categories.
Notification Obligations
- GDPR: Supervisory authorities will be notified within 72 hours of discovery, where required.
- CCPA: California residents will be notified promptly if their personal data is compromised.
- Users: Individuals affected will be informed of the breach, its nature, and recommended protective measures.
Remediation Measures
- Compromised systems are secured and vulnerabilities addressed.
- Technical and organizational safeguards are reviewed and strengthened.
- Training and awareness programs are reinforced to prevent recurrence.
Documentation
All breaches are documented, including facts, effects, and remedial actions, to ensure accountability and compliance.
Review & Updates
This policy will be reviewed regularly and updated to reflect evolving legal requirements and best practices.
Contact Us
For questions regarding this Data Breach Response Policy, please contact us via our website or official communication channels.
