Skip to main content

Legal

Privacy Policy

Last updated: March 2026

Data, privacy, and community-safeguarding commitments.

1. Who this policy covers

This policy describes how DiTi Foundation ("we", "us", "the Foundation") collects and uses personal information from visitors to ditifoundation.org, donors, partners, volunteers, program participants, and people who contact us. It also covers our community-safeguarding commitments where programs involve direct beneficiary engagement.

2. Information we collect

We only collect what we need to operate programs, communicate, and report responsibly. This includes contact information you provide via forms, technical information collected automatically (browser type, pages visited), and program participation data collected with consent.

3. How we use information

We use the information we collect to operate and improve our programs, communicate with donors and partners, publish aggregate impact reports, and respond to inquiries. We do not sell or rent personal information.

4. Cookies & tracking

This site uses a minimal set of first-party cookies for essential function (session, preferences). We do not use advertising or cross-site tracking cookies. If we add aggregate analytics, it will be a privacy-preserving setup that does not identify individuals, and we will document it here.

5. Sharing & disclosure

We share personal information only with service providers acting on our behalf (hosting, payment processing, email delivery) under confidentiality agreements, and when required by law. We do not share donor or inquiry information with marketing or fundraising third parties.

6. Data security

We use industry-standard safeguards including encrypted transport, access controls, and regular security reviews. No internet system is perfectly secure; we work to reduce risk and respond quickly when issues arise. If a breach affecting personal information occurs, we will notify affected users in line with applicable law.

7. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or restrict processing of your personal data, as well as the right to data portability. To exercise these rights, email info@ditifoundation.org with "Data request" in the subject. We respond within 30 days.

8. Data retention

We keep personal information only as long as it serves the purpose it was collected for, or as required by law (e.g. tax records for donations). Newsletter subscriptions are kept until you unsubscribe.

9. International transfers

DiTi Foundation is headquartered in the United States with regional presence in Kenya. Where personal information moves between countries, we apply appropriate safeguards (e.g. standard contractual clauses) and limit transfers to what is necessary for program delivery and operations.

10. Children's privacy

Programs that involve minors operate under written safeguarding policies and partner-led consent processes. The public website is not directed at children under 13. If we discover we have collected personal information from a child without verified parental consent, we delete it.

11. Changes to this policy

We may update this policy as our practices evolve. Material changes will be flagged at the top of the page with a new "Last updated" date and a brief change summary.

Questions about this policy? info@ditifoundation.org with "Privacy" in the subject line.