Data Privacy Policy

1. Who we are

ZAFY TODY SARLU (“ZAFY TODY”, “we”, “our”, or “us”) operates the website and related digital services covered by this Policy. We act as the data controller for the personal data collected through the website, unless another notice states otherwise.

2. Scope of this Policy

This Policy applies to personal data collected through the ZAFY TODY website, online forms linked from the website, email exchanges initiated through the website, program application forms, and other digital interactions clearly connected to this Policy.

3. Personal data we may collect

Depending on your interaction with us, we may collect: identity and contact data (such as your name, email address, phone number, organization, or startup name); professional or project information you submit; messages and documents you send to us; technical and usage data (such as IP address, browser type, device information, pages viewed, date/time, and logs); and cookie or similar technology data where used.

4. How we collect data

We collect data directly from you when you contact us, complete a form, apply to a program, subscribe to updates, or otherwise communicate with us. We may also collect certain technical data automatically through the website and through service providers that help us operate, secure, and improve the website.

5. Why we use your data

We use personal data only for legitimate, specific purposes, including: responding to your requests; managing applications, partnerships, events, and programs; communicating with you; improving website performance and user experience; maintaining website security; complying with legal obligations; and protecting our rights in case of disputes or misuse.

6. Legal bases for processing

Depending on the situation, we process personal data on one or more of the following bases: your consent; the need to take steps at your request or perform a contract; our legitimate interests in operating and securing our activities; and compliance with legal or regulatory obligations.

7. Who may receive your data

Your data may be accessed only by authorized ZAFY TODY personnel and, where necessary, by carefully selected service providers acting on our behalf, such as hosting providers, website maintenance providers, form or cloud service providers, email providers, analytics providers, or professional advisers. We may also disclose data to competent authorities when required by law or to protect legal rights.

8. International transfers

Some of our service providers may store or process data outside Madagascar. When a transfer takes place, we seek to ensure that appropriate safeguards are in place and that the transfer is justified under applicable law. When required, we rely on contractual safeguards, security measures, or the data subject’s informed consent.

9. Data retention

We keep personal data only for as long as necessary for the purpose for which it was collected, and for any additional period required by law, accounting rules, audit needs, or the management of legal claims. When data is no longer needed, we delete, anonymize, or securely archive it, as appropriate.

10. Security

We implement reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or unlawful disclosure. These measures may include secure hosting, HTTPS encryption, access controls, backups, and restricted access based on operational need.

11. Your rights

Subject to applicable law and verification of identity, you may request access to your personal data, correction of inaccurate data, updating, deletion where appropriate, restriction or objection in certain cases, and withdrawal of consent when processing is based on consent. You may also ask how your data is used and, where applicable, how transfers are protected.

12. Cookies and similar technologies

The website may use cookies or similar technologies that are necessary for website operation, audience measurement, security, user preferences, or improvement of services. Where required, you will be informed of their purpose and the means available to accept, refuse, or manage them.

13. Third-party services and links

Our website may contain links to third-party websites, platforms, or forms. When you use those services, their own privacy terms apply. ZAFY TODY is not responsible for the privacy practices of external services that it does not control.

14. Children and minors

Our website and programs are generally intended for entrepreneurs, project holders, partners, and adults. If a minor submits personal data through the website where parental or guardian authorization is required under applicable law, such authorization must be obtained.

15. Changes to this Policy

We may update this Policy from time to time to reflect legal, operational, or technical changes. The updated version will be posted on this page with a revised “Last updated” date.

16. Contact us

For any privacy request or question about this Policy or our handling of personal data, please contact:

ZAFY TODY SARLU
Cité Ampefiloha, logement 37
101 Antananarivo, Madagascar
Email: contact@zafytody.mg
Phone: +261 20 76 788 27

If you believe your rights have been violated, you may also contact the competent Malagasy data protection authority when available and applicable.