CIFOR privacy policy

We take your data privacy seriously. This Privacy Policy explains how we use the personal information that we collect from you when you use our website.

CIFOR is the administrator of various websites, which collect information in order to provide better services to all of our users. This may include some information that can identify you. This policy aims to help you understand the terms and conditions that govern the collection and use of such information.

In collecting your personal information, we are acting as a data controller and processor and, by law, are required to provide you with information about us, why and how we use your data, and the rights that you have over your data.

For the purpose of this Privacy Policy, “personal information” means any information that identifies you personally, either alone or in combination with other information available to us. Personal information does not include technical, device or usage information that cannot be used to identify you personally, nor does it include “aggregate” information, which is data collected on the use of the website or about a group or category of websites or users, from which individual identities or other personal information have been removed. This Privacy Policy does not restrict or limits our collection and use of aggregate and non-personal information, and we may share such information with third parties for various purposes.

Please read this Privacy Policy carefully. By accessing or using the website, you agree to be bound by the terms and conditions described herein and all terms and conditions incorporated by reference. If you do not agree to all of the terms and conditions set forth below, you may not use the website.

This policy applies to:, and,, and all related sub-domains collectively referred to as “the Site”.

1. What and how do we collect your information?

  • When you subscribe to receive our news updates, event invitations, and other emails, you will be asked for basic personal information that helps to identify you such as your name, email address, organizational affiliation and country of residence. At any time, you can opt out of receiving emails from us clicking the ‘Unsubscribe’ link at the bottom of all our emails, or by contacting us at You can also request to have your personal data modified or deleted (see your data protection rights below section 5).
  • If you apply for a job at CIFOR, you will be asked to provide information typically found in a curriculum vitae such as name, email address, home address, phone number, date of birth etc. We collect only the personal data from you in order to provide you with the service you requested.
  • When you access the Site for general browsing, we collect Internet Protocol (IP) address, browser type, operating system, the files you download, the pages you visit, and the dates/times of those visits. The information is used only for website traffic analysis in order to improve our websites, and we treat it confidentially.
  • CIFOR also records your IP address, which is the Internet address of your computer, and information such as your browser type and operating system. This information helps us learn about the geographical distribution of our website visitors and the technology they use to access the Site. For example, our photo and video competitions allow a specific IP address to vote only once. This helps us ensure that our competitions are fair and that every competitor gets an equal chance. Another example is the publication download paywall, which uses your IP address to track our publication dissemination.
  • Cookies.
    When you visit our website, we use cookies to collect information about how you use CIFOR websites and how we provide features to you. A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. In general, cookies have two main purposes: to improve your browsing experience by remembering your actions and preferences, and to help us analyze our website traffic.

    CIFOR uses cookies to help us analyze traffic to the Site, to help us improve website performance and usability, and to make the Site more secure. Third-party cookies help us use Google Analytics to count, track and analyze visits to the Site. This helps us understand how people are using our websites and where we need to make improvements.

    You are always free to delete cookies that are already on your computer through your browser settings, and you can set most browsers to prevent them from being added to your computer. However, this may prevent you from using certain features on the Site.
  • To deliver our internal and external newsletters and other bulk email messages we use a third-party provider (MailChimp). We gather statistics around email opening and clicks using industry standard technologies to help us monitor and guide the performance related improvements.
  • When you use a mobile device like a tablet or phone to access our website, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers”. Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify the device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software or data sent to the device by CIFOR.
  • Event and youth registration.
    We currently use “Expressions of Interest” Google forms and Eventbrite for event registrations to capture email IDs and bank information. If you do not consent to our use of this information, you will not be able to participate in our events /youth activities. 
  • Social media.
    If you share our content on Facebook, Twitter or other social media accounts, we may track what content you share. This helps us improve our social media outreach.

2. How will we use your information?

The personal information we collect will be used for the following purposes:

  • Giving you the information, updates or services, you have requested
  • Communicating with you about an event or conference
  • Evaluating your job application
  • Complying with regulations and laws
  • Remember information so you will not have to re-enter it during your visit or the next time you visit the website
  • Provide personalized content and information to you and others
  • Provide, improve, test and monitor the effectiveness of our website
  • Develop and test new products and features
  • Monitor metrics such as total number of visitors, traffic and demographic patterns
  • Diagnose or fix technology problems
  • Automatically update the application on your device
  • Provide you with customer support
  • Perform research and analysis about your use of, or interest in, our products, website or content
  • Communicate with you by email, postal mail, telephone and/or mobile devices (including through in-application advertising) about websites that may be of interest to you, either from us, our parent or subsidiary companies or other third parties
  • Enforce our terms, conditions and policies and to communicate with you
  • Manage and improve the website
  • We may process your information using third-party service providers or agents, who may be located outside your home country. However, your information will only be used for the purposes you requested or agreed to, or as required by law.
  • to facilitate analysis of website traffic to improve the performance and usability of the Site and to better provide security
  • For complaints: when we receive a complaint from a person, we create a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint
  • We will only use the personal information we collect to process the complaint. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
  • We usually have to disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
  • We will keep personal information contained in the complaint files in line with our Retention Policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need-to-know’ principle.
  • Similarly, where enquiries are submitted to us, we will only use the information supplied to us to deal with the enquiry and any subsequent issues.

3. Who has access to your information?

  • We will not rent or sell your personal information to third parties outside CIFOR without your consent, except as noted in this Policy.
  • We may share your information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that help us provide the website to you (“Service Providers”). Our Service Providers will be given access to your information as is reasonably necessary under confidentiality terms. 
  • We will remove parts of data that could be used to identify you and share anonymized data with other parties. We may also combine your information with other information in a way that it is no longer associated with you and share that aggregated information.
  • If you delete information that you posted to the website, copies may remain viewable in cached and archived pages of the website, or if other users or third parties have copied or saved that information.
  • In addition, we may disclose the personal information we collect through the website when we, in good faith, believe disclosure is appropriate to:
    • Comply with applicable law
    • Prevent or investigate a possible crime, such as fraud or identity theft
    • Enforce the terms of the website or other agreements that govern your use of the website and/or our website
    • Protect the rights, property or safety of CIFOR, our users or others
    • Protect your vital interests.
  • We may disclose your information without giving you prior notice if we believe it is necessary to prevent imminent and serious bodily harm to a person. Nothing in this privacy policy is intended to limit any legal objections or defences you might have towards efforts by third parties to compel disclosure of your information, including legal orders from the government.
  • If you comment on our blog or other public forums, you should be aware that any information you submit there can be read, collected or used by other users of those blogs, and could be used to send you unsolicited messages. We are not responsible for the information you choose to submit in these blogs or for any content you receive as a result of sharing such information.

4. How do we store and protect your personal information?

  • We ensure that your information is stored securely and is accurate and up to date. We will keep your data as long as set forth in our Retention Policy or until you ask us to delete it. We keep your information confidential except where disclosure is required or permitted by law or as described under ‘Prohibited Use’.
  • CIFOR may use third parties to process your information on our behalf. All our service providers are required to maintain the confidentiality and security of your personal information, and to use it only in compliance with applicable privacy laws. These third parties are required to comply strictly with instructions that they not use your personal information for their own business purposes.
  • Most of the information we collect is retained by us on our servers. If you are using the website from a country other than the country in which our web servers are located, the various communications will necessarily result in the transfer of information across international boundaries.
  • By registering for and using the website, you consent to the transfer of information to Indonesia or to any other country in which CIFOR, its Affiliates or Service Providers maintain facilities, and the use and disclosure of information about you as described in this Privacy Policy.
  • In case of any breach to our systems we shall inform you within 72 hours of the breach occurring.
  • Personal information is retained for the length of time it is needed for use based on our Retention Policy. Non-personal information is maintained indefinitely in aggregate form.

5. What are your data protection rights?

The right to access – You have the right to be informed about the collection and use of your personal information.

The right to rectification – You have the right to request CIFOR to correct any information you believe is inaccurate. You also have the right to request CIFOR to complete the information you believe is incomplete.

The right to erasure – You have the right to request CIFOR to erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request CIFOR to restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to CIFOR’s processing of your personal information, under certain conditions.

The right to data portability – You have the right to request CIFOR to transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you want to make a request, we have one month to respond to you.

6. Contacting us

If you have any questions related to our Privacy Policy, please contact us on:

7. Modification of this Privacy Policy

CIFOR reserves the right to modify this Privacy Policy. All modifications will be posted on this web page.