Basic statement
Caritas Somalia is committed to respecting human dignity, privacy, and fundamental rights in the processing of personal data.
In accordance with the Somali Data Protection Act (Law No. 005 of 2023) and the African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention), Caritas Somalia has adopted a Data Protection Policy to ensure that personal data are processed lawfully, fairly, transparently, and securely.
Full details are available in the Caritas Somalia Data Protection Policy (2026) and the Data Protection Guidelines.
Caritas Somalia processes personal data only for specified, explicit, and legitimate purposes, including:
- Implementation and management of humanitarian and development programmes
- Management of beneficiaries, staff, partners, donors, and suppliers
- Fulfilment of legal, contractual, and donor obligations
- Financial management, accountability, and reporting
- Protection of the safety and vital interests of beneficiaries, staff, and visitors
Providing personal data is voluntary; however, failure to provide required information may prevent Caritas Somalia from delivering services or responding to requests.
Caritas Somalia processes personal data only for specified, explicit, and legitimate purposes, inclPersonal data are collected directly from data subjects wherever possible and are limited to what is strictly necessary for the intended purpose (data minimisation).
Where required by law, personal data are processed on the basis of informed and valid consent.
Caritas Somalia may collect limited technical information through its website (such as general usage statistics) solely for security, system administration, and statistical purposes.
The GEDSI Policy applies to: Access to personal data is restricted to authorised personnel on a need-to-know basis only.
Personal data may be shared exclusively with:
- Staff, agents, contractors, or service providers acting on behalf of Caritas Somalia and bound by confidentiality obligations
- Public authorities or other parties where required by law
- Third parties where the data subject has given explicit consent
Caritas Somalia does not sell, rent, or trade personal data to third parties.
Data subjects have the right to:
- Access their personal data
- Request correction, update, or deletion of inaccurate or unlawfully processed data
- Withdraw consent at any time, where processing is based on consent
- Object to certain types of processing
Requests may be submitted in writing or electronically in accordance with the procedures set out in the Data Protection Policy.
Caritas Somalia implements appropriate technical and organisational measures to protect personal data against loss, unauthorised access, or disclosure.
Any actual or suspected personal data breach must be reported without delay through internal reporting channels. Where required, Caritas Somalia will notify the competent authority within 72 hours, in line with Somali law.
Data Protection Policy – Caritas Somalia (2026)
Data Protection Guidelines (Everyday Do’s and Don’ts)
Changes to this notice
This privacy notice may be updated from time to time to reflect legal, organisational, or operational changes. Any updates will be published on this page.