Privacy Policy

1. Introduction

BongoHive Consult ("Company", "we", "us", or "our") operates the IdeaSpring platform ("Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that you voluntarily provide when you:

• Register for an account
• Submit applications to programs
• Create or manage innovation programs
• Contact us for support

This may include:

• Identity Data: Name, username, profile picture
• Contact Data: Email address, phone number
• Professional Data: Job title, organization name, professional background
• Account Data: Password (encrypted), account preferences

2.2 Application and Submission Data

When you submit applications to innovation programs, we collect:

• Application content and attachments
• Form responses and supporting documents
• Evaluation scores and feedback (if you are an evaluator)
• Comments and discussions

2.3 Usage Data

We automatically collect certain information when you access the Service:

• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, pages viewed, referring URLs
• Analytics Data: Feature usage, interaction patterns, session duration

2.4 Information from Third Parties

We may receive information from third-party services you connect to your account:

• Google OAuth: Name, email address, profile picture (with your consent)
• Organization Administrators: Your organization may provide information when adding you to their tenant

3. How We Use Your Information

3.1 Provide and Maintain the Service

• Create and manage your account
• Process applications and submissions
• Enable program management and evaluation workflows
• Facilitate collaboration between users

3.2 Improve and Personalize the Service

• Analyze usage patterns to improve features
• Customize your experience based on preferences
• Develop new features and functionality

3.3 Communicate With You

• Send account-related notifications
• Provide program updates and deadline reminders
• Respond to support requests
• Send promotional communications (with your consent)

3.4 Ensure Security and Compliance

• Detect and prevent fraud or abuse
• Enforce our Terms of Service
• Comply with legal obligations

4. Multi-Tenant Data Handling

4.1 Tenant Isolation

IdeaSpring is a multi-tenant platform. Each organization (tenant) has logically isolated data:

• Your organization's data is separated from other organizations
• Only authorized users within your organization can access your tenant's data
• Platform administrators do not access tenant data except for support or legal compliance

4.2 Cross-Tenant Data

Some data may be visible across tenants:

• Public Programs: Program details, descriptions, and application forms
• Public Profiles: Basic profile information for public program participants
• Aggregated Statistics: Anonymous platform-wide metrics

4.3 Data Portability

Organization administrators can request export of their tenant's data. Individual users can request export of their personal data.

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

5.1 With Your Organization

If you are part of an organization's tenant, administrators may access:

• Your profile information
• Your activity within the organization's programs
• Applications and submissions to organization programs

5.2 With Program Organizers

When you submit to a program, the organizing entity receives:

• Your application content
• Profile information you provide
• Any additional information required by the application form

5.3 With Service Providers

We share information with third-party vendors who assist in operating the Service:

• Cloud hosting providers
• Email delivery services
• Analytics providers
• Payment processors

These providers are contractually obligated to protect your information.

5.4 For Legal Reasons

We may disclose information if required by law or if we believe disclosure is necessary to:

• Comply with legal process
• Protect our rights or property
• Ensure user safety
• Investigate potential violations

5.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

6. Data Retention

We retain your information for as long as:

• Your account is active
• Needed to provide the Service
• Required by law or legitimate business purposes

When you delete your account:

• Personal profile data is deleted within 30 days
• Application submissions may be retained if required by program organizers
• Aggregated, anonymized data may be retained indefinitely

7. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication mechanisms
• Regular security assessments and monitoring
• Access controls and audit logging
• Employee training on data protection

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

8. Your Rights and Choices

8.1 Access and Correction

You can access and update your personal information through your account settings. You may request a copy of all personal data we hold about you.

8.2 Deletion

You can request deletion of your account and personal data. Some information may be retained as required by law or legitimate business purposes.

8.3 Opt-Out

You can opt out of:

• Marketing communications (via unsubscribe link or account settings)
• Non-essential cookies (via cookie preferences)
• Third-party analytics (via browser settings)

8.4 Data Portability

You can request a machine-readable copy of your personal data.

8.5 Exercising Your Rights

To exercise any of these rights, contact us at consult@bongohive.co.zm. We will respond within 30 days.

9. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Keep you logged in
• Remember your preferences
• Understand how you use the Service
• Improve performance

Types of Cookies We Use

You can manage cookie preferences through your browser settings or our cookie preference center.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including:

• Standard contractual clauses
• Data processing agreements
• Compliance with applicable data protection laws

11. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last updated" date
• Sending an email notification (for material changes)

Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

For data protection complaints, you may also contact your local data protection authority.