Privacy Policy

Africa Science (AfricaScience.org)
Effective Date: 1 July 2026 Last Updated: 29 June 2026

1. Introduction

Africa Science (“we”, “us”, “our”), accessible at https://www.africascience.org, is committed to protecting your personal information in accordance with the Protection of Personal Information Act 4 of 2013 (“POPIA”) and all applicable South African data protection legislation.

This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit our website, subscribe to our newsletter, or otherwise interact with our services.

By accessing or using our website, you acknowledge that you have read and understood this Privacy Policy. Where we rely on your consent to process personal information, you may withdraw that consent at any time.

2. Information Officer

In terms of Section 55 of POPIA, our designated Information Officer is:

  • Name: The Editor-in-Chief, Africa Science
  • Email: privacy@africascience.org
  • Postal Address: Africa Science, Cape Town, South Africa
  • Website: https://www.africascience.org

You may contact our Information Officer with any queries or complaints regarding the processing of your personal information.

3. Personal Information We Collect

We collect personal information through the following means:

3.1 Newsletter Subscriptions

When you subscribe to the Africa Science newsletter, we collect:

  • Your email address
  • Your first name (optional)
  • Your last name (optional)
  • Subscription preferences and interests (optional)
  • Date and time of subscription
  • IP address at the time of subscription (for consent verification)

Newsletter subscriptions are managed through Mailchimp (The Rocket Science Group LLC), a third-party email marketing platform.

3.2 Website Analytics

We use Google Analytics 4 (GA4) to collect anonymised and aggregated data about how visitors use our website. This includes:

  • Pages visited, time spent on pages, and navigation paths
  • Referring websites and search terms
  • Browser type, operating system, and device category
  • Approximate geographic location (city/country level, derived from IP address)
  • Screen resolution and language preferences

Google Analytics 4 does not collect personally identifiable information by default. IP addresses are anonymised before storage. We do not enable any Google Analytics advertising features or User-ID tracking.

3.3 Cookies and Similar Technologies

Our website uses cookies and similar technologies for the following purposes:

Cookie TypePurposeDurationLegal Basis
Strictly NecessaryEssential website functionality (e.g., security, session management)Session / up to 12 monthsLegitimate interest
AnalyticsUnderstanding website usage patterns via GA4Up to 14 monthsConsent
PreferencesRemembering user settings (e.g., dark mode, font size)Up to 12 monthsConsent

You can manage your cookie preferences at any time through your browser settings or our cookie consent mechanism. Disabling cookies may affect certain website features.

3.4 Contributor and Editor Information

If you contribute articles or serve as an editor, we may collect:

  • Your full name and biographical details for author profiles
  • Your email address and contact information
  • Your WordPress login credentials (username and hashed password)
  • Content you create or edit on the platform

3.5 Information Collected Automatically

When you visit our website, our web servers automatically log:

  • Your IP address
  • Date and time of access
  • Pages requested
  • HTTP referrer
  • User-agent string (browser and device information)

Server logs are retained for security and operational purposes and are deleted after 90 days.

4. Purpose of Processing Personal Information

We process your personal information for the following purposes, each supported by a lawful basis under POPIA:

PurposeLawful Basis (POPIA Section 11)
Delivering newsletter content you subscribed toConsent
Analysing website traffic to improve content and user experienceLegitimate interest
Ensuring website security and preventing abuseLegitimate interest
Publishing author profiles alongside contributed articlesContract / Consent
Responding to enquiries and correspondenceLegitimate interest
Complying with legal obligationsLegal obligation
Managing contributor/editor access to our CMSContract

We will not process your personal information for purposes incompatible with those listed above without first notifying you and, where required, obtaining your consent.

5. Sharing of Personal Information

We do not sell, rent, or trade your personal information. We may share your information with the following categories of recipients:

5.1 Third-Party Service Providers

Service ProviderPurposeData SharedLocation
Mailchimp (Intuit Inc.)Email newsletter delivery and managementEmail address, name, subscription preferencesUnited States
Google Analytics (Google LLC)Website analytics and reportingAnonymised usage data, cookie identifiersUnited States
Hosting ProviderWebsite hosting and server infrastructureServer logs, website dataAs per hosting agreement

5.2 Legal and Regulatory Disclosures

We may disclose your personal information where required by law, regulation, legal process, or enforceable governmental request, including in response to requests from the Information Regulator of South Africa.

5.3 Professional Advisors

We may share personal information with our legal, accounting, or other professional advisors in connection with the advice they provide to us, subject to appropriate confidentiality obligations.

6. Transborder Information Flows

Certain third-party service providers (Mailchimp and Google) are based in the United States. In terms of Section 72 of POPIA, we transfer personal information outside of South Africa only where:

  • The recipient is subject to laws, binding corporate rules, or binding agreements that provide an adequate level of protection substantially similar to POPIA;
  • You have provided your consent to the transfer;
  • The transfer is necessary for the performance of a contract between you and us; or
  • The transfer is for your benefit and it is not reasonably practicable to obtain your consent.

Both Mailchimp and Google maintain compliance frameworks (including adherence to recognised international data protection frameworks) that provide an adequate level of protection for personal information transferred from South Africa.

7. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:

Data CategoryRetention Period
Newsletter subscriber dataUntil you unsubscribe, plus 30 days for processing
Website analytics data14 months (GA4 default retention)
Server logs90 days
Contributor/editor profilesDuration of the contributor relationship, plus 12 months
Correspondence and enquiries24 months from last communication

After the applicable retention period, personal information is securely deleted or irreversibly anonymised.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption: SSL/TLS encryption for all data transmitted between your browser and our website (HTTPS)
  • Access Controls: Role-based access controls for contributor and editor accounts; strong password requirements
  • Platform Security: Regular software updates and security patches for our content management system (WordPress)
  • Third-Party Security: Selection of service providers (Mailchimp, Google) that maintain robust security certifications and practices
  • Data Minimisation: We collect only the personal information that is necessary for the stated purposes
  • Monitoring: Regular review of access logs and security configurations

While we take reasonable steps to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Your Rights Under POPIA

As a data subject, you have the following rights under POPIA:

9.1 Right of Access (Section 23)

You have the right to request confirmation of whether we hold personal information about you and to request access to that information.

9.2 Right to Correction (Section 24)

You have the right to request that we correct or delete personal information about you that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or obtained unlawfully.

9.3 Right to Deletion (Section 24)

You have the right to request the destruction or deletion of your personal information where we are no longer authorised to retain it.

9.4 Right to Object (Section 11(3))

You have the right to object to the processing of your personal information on reasonable grounds relating to your particular situation, unless legislation provides for such processing.

9.5 Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

9.6 Right to Lodge a Complaint

You have the right to lodge a complaint with the Information Regulator of South Africa if you believe your personal information has been processed in violation of POPIA:

Information Regulator (South Africa) – Email: enquiries@inforegulator.org.za – Website: https://inforegulator.org.za – Postal Address: P.O. Box 31533, Braamfontein, Johannesburg, 2017

9.7 How to Exercise Your Rights

To exercise any of the above rights, please submit a written request to our Information Officer at privacy@africascience.org. We will respond to your request within 30 days of receipt, as required by POPIA. We may require you to verify your identity before processing your request.

10. Children’s Privacy

Our website is not directed at children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without verifiable parental or guardian consent, we will take steps to delete that information promptly. If you believe we have inadvertently collected such information, please contact our Information Officer.

11. Third-Party Links

Our website may contain links to third-party websites, services, or resources. We are not responsible for the privacy practices or content of those third parties. We encourage you to review the privacy policies of any third-party websites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the “Last Updated” date at the top of this policy
  • Post the revised policy on our website
  • Where appropriate, notify newsletter subscribers by email

Your continued use of our website after the publication of changes constitutes your acceptance of the revised Privacy Policy.

13. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the Republic of South Africa, including but not limited to:

  • The Protection of Personal Information Act 4 of 2013 (POPIA)
  • The Electronic Communications and Transactions Act 25 of 2002 (ECTA)
  • The Consumer Protection Act 68 of 2008 (CPA)

14. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or our data processing practices, please contact us:

  • Information Officer Email: privacy@africascience.org
  • General Enquiries: info@africascience.org
  • Website: https://www.africascience.org
  • Postal Address: Africa Science, Cape Town, South Africa

This Privacy Policy was last reviewed and updated on 29 June 2026.