privacy policy

thE high commission of the kingdom of lesotho privacy policy

Last updated: 13 February 2024

site NOTICE:

“We recommend that you read this Policy in full to ensure you’re fully informed. However, if you only want to access a particular section o this Policy, then you can click on the relevant TAB below to get to that particular section.”

I. OVERVIEW

This data Protection Policy outlines the privacy practices of the Lesotho High Commission (referred to as “the UK Mission”, “we”, “us” and “our”). It provides details on the protection afforded to your data when you give us your personal information via our website at www.lesothohc.org.uk (the “Website”) or when you contact us via the telephone system, in each case therein (collectively referred to as the “Services”).

For the purposes of the DPA 2013, your information is controlled and processed by the Immigration department under the Ministry of Home Affairs in the government of the Kingdom of Lesotho (“Data Controller”). This department is mandated to control movement of people into and out of the country. It is also charged with the facilitation and issuance, visas, residence permits and citizenship acquisition.

In its capacity as data controller, the Ministry of Home Affairs commits to ensuring that your privacy is respected, and your processed personal data is protected in accordance with the principles of DPA 2013:

This privacy policy, together with our terms and conditions of our website use and cookies policy, sets out, the types of data that we hold on to you as our services user. It also sets out how we use that information, how long we keep it for and other relevant information about your data. Should we ask you to provide certain personal information by which you can be identified when using our services, you can be assured that it will only be used in accordance with this Privacy Policy.

The High Commission of the Kingdom of Lesotho may change this policy periodically to maintain accuracy and compliance. You can check this policy at any time to ensure that you are happy with any changes.

This version of the policy was approved by the High Commissioner of the Kingdom of Lesotho in Feb 2024 and posted online on 20th Feb 2024.

Should you need to discuss the contents of this Privacy Policy or have any questions regarding your rights, please feel free to contact us using our contact procedures as detailed in the relevant sections of this Policy below.

II. ABOUT US & WHO WE ARE

The High Commission of the Kingdom of Lesotho, on the international stage, stands at the forefront as a representative of the Ministry of Foreign Affairs and International Relations, the Ministry of Home Affairs respectively, in the government of the Kingdom of Lesotho. We’re a separate public agency to our functional government bodies and we do not automatically hold, or have a right of access to, personal data collected by other government agencies in the Ministry of Foreign Affairs and International Relations and the Ministry of Home Affairs respectively.

Similarly, the High Commission of the Kingdom of Lesotho does not generally hold information on behalf of both the abovementioned Ministries.

If you have any queries about how these other government Ministries use your personal information, you need to contact them directly.

Under the DPA Act 2013, the Mission is only allowed to use personal information if we have a proper reason (known as a “legal basis”) to do so.

The “legal basis” relied on to process the personal data we hold will depend on way in which you have engaged with the Mission, or the service you use or sign up for. In most cases, however, our handling of your personal information will be necessary for the delivery of our public functions. In other words, when we use personal information, we do so to deliver better public services to the Lesotho nationals in the UK, other nationalities who need relevant services for their entry into the Kingdom Lesotho.

Our Diplomatic Mission collaborates with the UK government agencies, local UK businesses, and other organizations to build and maintain political, commercial, and cultural relationships in accordance with legal and regulatory requirements on data protection laws.

Our main services are the provision of consular services to Lesotho nationals and non-nationals alike, who seek assistance for documents legalization, notarial document services, and or other areas of government agency general assistance to citizens of Lesotho living, working, or traveling into the UK.

Through our consular services, we offer all necessary assistance for both routine administration and emergency situations for our citizens leaving abroad. That also extends to regulatory assistance for citizens of the foreign nationalities who intent traveling to Lesotho, for tourism, business, and diplomatic purposes.

If you are asked to provide information when signing-up for or using a specific High Commission’s service (for example, submission of a passport application, visa application, or registering on our Basotho Diaspora online form on our website) a dedicated privacy page will explain how we use and protect your information.

III. CATEGORIES OF DATA SUBJECTS & TYPES OF PERSONAL DATA

  • Application or “app”: software operated by a user through a computing device, which can be a personal computer, laptop, tablet device or mobile phone.
  • Cookie(s): text-based files, small in data storage size, placed on a device which facilitate the storage of specific information about a user’s browsing session as they use/traverse the World Wide Web. The nature of each cookie varies and not all websites use or need cookies, though their use is common practice.
  • Cookie consent mechanism: a specific tool employed by a website to facilitate your cookie consent preferences as required.
  • Device: a piece of hardware that functions as a computing device, such as a personal computer, laptop, tablet device or mobile phone.
  • Internet Service Provider (ISP): an organisation which provides you a connection to the internet, usually for a fee.
  • IP address: the internet protocol (IP) address is an identifier of a device on a network connected to the internet.
  • Local storage: saved website data on a device, used by the website for specific purposes, usually to facilitate a specific website experience. Local storage technologies are similar to cookies, but data is saved through a different function by the software application (usually a web browser).
  • Operating System: software which allows users to control a device.

IV. CATEGORIES OF DATA SUBJECTS & TYPES OF PERSONAL DATA

This policy applies to all users of the High Commission of the Kingdom of Lesotho’s website, telephone system communication (the “Services”) and is subject to all data protection laws within the Kingdom of Lesotho.

This Policy is relevant to people whose personal information is processed by the Lesotho High Commission including:

  • The Lesotho passport and travel document holders and applicants;
  • Basotho living and travelling overseas, including those who have registered via Diaspora Registration at: lesothohc.org.uk/basotho-diaspora-engagement;
  • People who have made enquiries or complaints to Lesotho High Commission;
  • Visa applicants;
  • Foreign diplomatic and consular staff (for protocol-related purposes);
  • Current and former high commissioners;
  • Other individuals whose personal information is provided in, or in connection with, a passport, or visa application.

V. SOURCES OF DATA COLLECTION

In this policy, personal information and sensitive information has the meaning given to these terms in the DPA 2018/UK GDPR, EU GDPR & Lesotho Data Protection Act, 2013 (DPA 2013).

The information that is collected enables us to perform our consular services duties as a government administrative agency, comply with our legal obligations and carry out our functions as a government department in the Kingdom of Lesotho and abroad.

Visitor’s voluntary submission of personally identifiable information constitutes visitor’s consent to the use of their information for the stated purposes. Should the visitor choose not to provide certain information, we may not be able to fulfil provision of the requested service. In instances whereby we may request visitor’s personally identifiable information, we’ll provide full explanation why we need such information, how we’ll use it in a separate “Privacy Notice”. We neither collect nor use visitors’ information for commercial and or marketing purposes.

We’ll only ask for your personal data if it is required for, or directly related to, the specific performance of our functions and activities. In that regard, there’s a non-exhaustive list below, of all the kinds of personal data that we may ask our visitors to provide to achieve those purposes. We will not collect all the data for all data subjects; we only collect what is necessary.

The limited amount of personal data which we may store shall be collected in the following ways:

1. Information You Provide to Us Directly

It is our usual practice to collect personal information directly from you or your authorised representative if it is required for a specific purpose via:

i. Telephone calls or face to face visit to our office:

When you contact us regarding our services as a potential service user, we may process personal information that is reasonably necessary for, or directly related to the purpose of processing your request. We do not pass these data on without your consent.

  • Names and signatures;
  • Personal contact details such as address, email address, phone number;
  • Proof of identity documents;
  • Next of kin contact information
  • Information about citizenship, visa status and visa application details;
  • Dates and places of birth;
  • Details for registration on Diaspora Registration at: lesothohc.org.uk/basotho-diaspora-engagement; and other relevant information necessary for the service delivery.

We may also collect or hold sensitive information, including your:

  • Photographs used for biometric matching purposes to confirm identity on passport applications (biometric information);
  • Health information, for example when seeking consular assistance;
  • Information about racial identity or status for example when making a passport application.

ii. Visiting our website:

The types of data collected if you contact us via a contact form on our website, can be determined from the relevant contact form.

2. Information Collected Automatically

As a matter of principle, this site does not collect personally identifiable information about you when you visit our website, browse, or download files from it, unless you voluntarily choose to provide it to us. You can generally visit the site without revealing your personally identifiable information unless you voluntarily choose to provide it to us.

When vising our website (www.lesothohc.org.uk), we, or our third-party partners, may collect certain information about you, shall be automatically registered via cookies. Information such as, your Internet protocol (IP) address, user agent string (e.g., browser or device information), user settings, actions taken on the Services, browser or device information, location information (including approximate location as derived from IP address or, as applicable, as otherwise allowed via your consent through the device’s operating system), and Internet service provider, primarily for purposes such as analytics, security, and otherwise providing more streamlined/optimized, personalized, or relevant features, functionality, management and improvement of our website services for your benefit. This information is collected via various technologies, such as pixels or cookies, or server logs, which, in each case, may be provided by us or our third-party partners. However, all such collected information does not identify the visitor personally. You may find more information on cookies in our Cookie Policy.

VI. LEGAL BASIS & PURPOSES FOR DATA PROCESSING

We try to collect only the minimum necessary personal data for completion of purposes of data processing, as set out below.
If you are residing in a country from the EU/EEA or in the UK, or in any other country where the processing of personal data shall be subject to a legally defined lawful basis, the following purposes and legal basis shall be applicable to the processing of your personal data by the High Commission of the Kingdom of Lesotho.

The legal bases under which, the processing of your personal information might be carried out are either for:

i. Public task:

  • Our response to your enquiries or comments submitted via our website, whereby we are carrying out a specific task in the public interest or exercising official authority.
  • To comply with our legal and regulatory obligations;
  • To manage our risk, and ensure compliance with our internal policies and procedures;
  • To establish, exercise and/or defend legal claims, to protect our government department against fraud, theft, other crimes and/or other criminal activity;
  • To protect the integrity and security of our systems.

This is the most used lawful basis in the High Commission of the Kingdom of Lesotho as we are acting on behalf of the ministerial department in the Kingdom of Lesotho;

ii. Legitimate interests:

  • In providing you with the best possible user experience, whereby we use your data in a way that you would reasonably expect for our own interests, or those of a third party;
  • To facilitate your online submission of service request and for all other administrative tasks which may be necessary;
  • To manage our risk, and ensure compliance with our internal policies and procedures;
  • To prevent, detect and investigate fraud and other online crimes;
  • To monitor and manage communications to and from us using our communications systems.

This should have minimal privacy impact;

iii. Legal obligation:

To comply with a court order or other legal requirement.

iv. Consent:

You have given us clear and informed consent to process your personal information for a specific purpose.

Some examples of the purposes for which your personal information might be processed includes:

  • While visiting the High Commission of the Kingdom of Lesotho -UK offices;
  • Taking part in LHC-UK-sponsored online events and forums;
  • Citizens, emergency travel documents, registering births or deaths abroad;
  • Legalising documents for the citizens of the Kingdom of Lesotho;
  • Submitting media enquiries or other information requests to the High Commission of the Kingdom of Lesotho;
  • Obtaining certified copy of your passport or travel document application for submission to the Ministry of Home Affairs for processing;
  • Obtaining your personal information for submission of your visa application to the Ministry of Home Affairs;
  • Obtaining your personal information for submission to the Ministry of Home Affairs for processing your registration on the, Diaspora Registration;
  • Assisting you as a Lesotho national in the UK who seek or require consular assistance;
  • Response to complaints by visitors to our website.

Once your query has been answered, your data will be deleted; this can be assumed to be the case if it is clear from the circumstances that the matter has been concluded and if there were no statutory retention obligations that would prevent deletion of the data.

We will only use your personal information for the purposes on which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

For other purposes which may not fall under the scope of the above-mentioned purposes we will obtain your consent.
If you are residing in a country governed by privacy laws under which consent is the only or most appropriate legal basis for processing personal data, your acceptance of this Privacy Policy or your use of our Site and/or Services, or your communication with us (as the case may be) will be considered your consent to the processing of your personal data for the purposes detailed herein.

VII. LINKS TO OTHER WEBSITES

Our website may contain links to other websites of interest. such links are provided in good faith as additional and relevant resources for our website users. Once you have used these links to leave our website you should note that we do not have any control over that other website unless the University has a formal partnership in place. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting other websites and such sites are not governed by this policy. You should exercise caution and look at the statements and policies applicable to the website in question.

VIII. SHARING YOUR PERSONAL DATA

In the scope of our Mission activities, we cooperate with various government departments/agencies in the Kingdom of Lesotho as well as external parties. In some cases, this may require disclosure of the entire or part of your personal data to these external parties. We always ensure that the appropriate safeguards on your privacy are undertaken. We only disclose personal data to external parties if this is required as part of the fulfilment of our services delivery obligations to you, if we are legally obligated to do so (e.g., disclosure of data to immigration authorities), if we have a legitimate interest in the disclosure whereby, the data subject has given consent to the processing of their personal data for one or more specific purposes; or if another legal basis permits the disclosure of this data. When using processors, we only disclose personal data of our services users/data subjects on the basis of a valid contract on data processing. In the case of joint processing, a joint processing agreement is concluded.

We only share your personal and anonymised information with third parties whom we have contractual relationships to assist us in fulfilling our legal and specific purposes outlined above.

These parties will only use your personal information on behalf of the High Commission of the Kingdom of Lesotho, in accordance with their own Data Protection or Privacy policies and the terms of agreement with the High Commission of the Kingdom of Lesotho and the Ministry of Home Affairs in the government of the Kingdom of Lesotho.

In general, we share the personal and anonymized information we collect in connection with the Services as detailed below:

  • Service Providers. They use that information to help us to provide our Services. This includes service providers that provide us with IT support, cloud hosting, customer service, analytics, targeting advertising technologies, and related services.
  • Disclosures to Protect Us or Others: if we have reason to believe, and in good faith, that doing so is necessary; to comply with applicable law or a court order, or other legal process to prevent, or take action regarding illegal activities; suspected fraud, violations of our terms and conditions, or situations involving threats to our property or the property or physical safety of any person or third party; to establish, protect, or exercise our legal rights or defend against legal claims.

IX. HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR

We will keep your personal data only for as long as required to achieve the purposes for which it was gathered, in line with this privacy policy.

In determining when personal data should be erased, we shall take into consideration the amount of and sensitivity of the personal data we have, the amount of harm that could be caused by a data breach, the benefits of the purposes the data is being used for and any legal requirements that we are bound to.

You may request that we erase your personal data at any time, though in cases where there is a remaining relevant or legal reason why we are required to keep the data we may opt to restrict the amount of processing being conducted to what is absolutely necessary in line with your legal rights, to minimise the impact, the processing will have.

VIII. HOW LONG WE KEEP YOUR PERSONAL INFORMATION FOR

X. YOUR DATA SUBJECT RIGHTS AND HOW TO EXERCISE THEM, OUR RESPONSIBILITY

You also have certain rights relating to the personal data we hold about you which are outlined below, they may be subject to various exceptions and limitations. You can exercise these rights at any time by contacting us. We may need to validate your identity to fulfil your request.

Right of Access

This grants you the right to request access to the personal data we hold about you (Data Access Request). You can seek confirmation of how your personal data is being processed, to be provided with relevant details of what those processing operations are.

We’d encourage you to contact us by using any of the details below.

We can refuse to provide personal data where to do so may reveal another person’s personal data or would otherwise negatively impact another person’s rights.

Request that your personal data is deleted (Right to be Forgotten)

You can ask us to delete the personal data we hold about you when it is no longer required for a legitimate business need, legal or regulatory obligations, where you have withdrawn your consent or is no longer required for the purposes it was collected.

Object to processing (Right to Object)

You may object to us undertaking automated processes, or fully automating decision making, using your personal data except, where used to detect, prevent and investigate fraud and other financial crimes. You may also object to us using your personal data for direct marketing purposes. This includes any profiling we perform as part of our direct marketing activities. Once we receive and have processed your objection, we will stop using your personal data for these purposes.

Request a copy of your personal data (Data Portability)

Where we’ve previously obtained your personal data directly or indirectly, and it was processed electronically, you’ve a legal right afforded to you. You can request us to pass on all the details you have provided to us in a machine-readable format, either to you or to another provider of your choosing.

The Right to Rectification

If you believe that the personal data, we hold about you is inaccurate, incorrect or incomplete, you may request we rectify the mistake. We will make every effort to respond to requests of this type immediately.

Restrict the processing of your personal data (Right to Restrict)

You may ask us to restrict our processing of your personal data whilst we resolve any complaints you have about the way your personal data is used, require it for a legal claim, believe the personal data is not accurate, we no longer need the personal data, you have objected to the processing of your personal data or if you think our processing is unlawful but you do not want us to delete your personal data.

Rights in relation to consent (Right to Withdraw)

A wide range of data processing transactions are possible only subject to your express consent. You can also revoke at any time any consent you have already given us. This shall be without prejudice to the lawfulness of any data collection that occurred prior to your revocation.

In determining when personal data should be erased, we shall take into consideration the amount of and sensitivity of the personal data we have, the amount of harm that could be caused by a data breach, the benefits of the purposes the data is being used for and any legal requirements that we are bound to.

You may request that we erase your personal data at any time, though in cases where there is a remaining relevant or legal reason why we are required to keep the data we may opt to restrict the amount of processing being conducted to what is absolutely necessary in line with your legal rights, to minimise the impact, the processing will have.

XI. MAKING A DATA PROTECTION COMPLAINT

We will always endeavour to maintain the highest standards to inspire confidence you have in us as a government agency. Should you have any concerns about the use of your personal data, we do request that any complaints be first brought to our attention so we can properly investigate matters.

Our Data Protection Officer is:
Mpho Lethoba
7 Chesham Pl, London SW1X 8HN
support@lesothohc.org.uk
0207-235-1291

If, you’re, however, not satisfied with the way we handled your complaint, you are entitled to raise a complaint directly with the Kingdom of Lesotho Information Commissioner’s Office via anyone of the reporting methods listed on their website – https://ico.org.uk/concerns.

XII. THE SITE DATA CONTROLLER

The data processing controller on this website is:
LHC-UK
7 Chesham Pl, London SW1X 8HN
support@lesothohc.org.uk
0207-235-1291

The controller is the natural person or legal entity that single-handedly or jointly with others makes decisions as to the purposes of and resources for the processing of personal data (e.g., names, e-mail addresses, etc.)

XIII. SECURITY OF YOUR INFORMATION

We take precautions to maintain the security, confidentiality, and integrity of the information we collect as directed by the Lesotho DPA 2013. Such measures include access controls designed to limit access to the information to those who need it. We also employ various security technologies to protect the information stored on our systems.

For security reasons and to protect the transmission of confidential content, such as submission of website contact forms, online registration forms or inquiries you submit to us as the website operator, this website uses either an SSL or a TLS encryption program. You can recognize an encrypted connection by checking whether the address line of the browser switches from “http://” to “https://” and also by the appearance of the lock icon in the browser line. If the SSL or TLS encryption is activated, data you transmit to us cannot be read by third parties.

We routinely test our security measures to ensure that they remain operational and effective.

We have taken steps and will always endeavour to ensure that your information is treated securely and in accordance with this Privacy Policy. We apply the standard technical and organisational measures which may be reasonably expected of us to protect your personal data against destruction, loss, changes, counterfeit, distribution, or illegal access. Yet in fact, there is no system that is 100% secure, and we cannot ensure or warrant the security of any information you provide to us. We have taken appropriate safeguards to require that your personal information will remain protected and require our third-party service providers and partners to have appropriate safeguards as well. To the fullest extent permitted by applicable law, we do not accept liability for unauthorized disclosure.

Personal data shall only be passed on to a partner in a country outside the Kingdom of Lesotho if the country guarantees appropriate security levels for your personal data. We may not be held liable for the misuse or illegal use of personal data by a third party. Furthermore, you remain responsible for the confidentiality and the use of your computer, IP address, login, and identification data.

We hold our contractors and other third-party providers (VFS Global, the world’s largest outsourcing and technology services specialist for governments and diplomatic missions worldwide)to the same high standards that we use to ensure the security, confidentiality, and integrity of personal information they may have access to in the course of their work completed on behalf of the Mission and the relevant government Ministries involved in the provision of your services.

By using our Services or providing personal information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of our Services.

XIV. RECORDING OF DATA ON THIS WEBSITE

Our website and pages use what the industry refers to as “cookies.” Cookies are small data packages that do not cause any damage to your device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain archived on your device until you actively delete them, or they are automatically eradicated by your web browser.
Cookies can be issued by us (first-party cookies) or by third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services of third-party companies into websites (e.g., cookies for handling web page browser activities).

Cookies have a variety of functions. Many cookies are technically essential since certain website functions would not work in the absence of these cookies. Other cookies may be used to analyse user behaviour or for promotional purposes.

You have the option to set up your browser in such a manner that you will be notified any time cookies are placed and to permit the acceptance of cookies only in specific cases. You may also exclude the acceptance of cookies in certain cases or in general or activate the delete-function for the automatic eradication of cookies when the browser closes. If cookies are deactivated, the functions of this website may be limited.

Which cookies and services are used on this website can be found on our Cookie Policy page.

XV. INTERNATIONAL DATA TRANSFERS

Your personal data may be transferred outside of the Kingdom of Lesotho from time to time to trusted service providers and other third parties. These other countries have different, and sometimes higher, standards of data protection than those in the Kingdom of Lesotho.

We require third parties to keep your personal data confidential and secure. We will ensure that suitable protection is always maintained by ensuring that appropriate safeguards are in place.

But where we are required by law to disclose, we may not always have control over the terms under which we are required to share your personal data. We will make sure that any disclosure is lawful.

XVI. SOCIAL MEDIA INFORMATION

Facebook

We have integrated elements of the social network Facebook on this website. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook’s statement the collected data will be transferred to the USA and other third-party countries too.

An overview of the Facebook social media elements is available under the following link: https://developers.facebook.com/docs/plugins/.

If the social media element has been activated, a direct connection between your device and the Facebook server will be established. As a result, Facebook will receive information confirming your visit to this website with your IP address. If you click on the Facebook Like button while you are logged into your Facebook account, you can link content of this website to your Facebook profile. Consequently, Facebook will be able to allocate your visit to this website to your user account. We must emphasize that we as the provider of the website do not receive any information on the content of the transferred data and its use by Facebook. For more information, please consult the Data Privacy Policy of Facebook at: https://de-de.facebook.com/privacy/explanation.

If your approval (consent) has been obtained the use of the abovementioned service shall occur on the basis, that the data subject has given consent to the processing of their personal data. Such consent may be revoked at any time. If your consent was not obtained, the use of the service will occur on the basis of our legitimate interest in making our information as comprehensively visible as possible on social media.

Insofar as personal data is collected on our website with the help of the tool described here and forwarded to Facebook, we and Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland are jointly responsible for this data processing (Art. 26 DSGVO). The joint responsibility is limited exclusively to the collection of the data and its forwarding to Facebook. The processing by Facebook that takes place after the onward transfer is not part of the joint responsibility. The obligations incumbent on us jointly have been set out in a joint processing agreement. The wording of the agreement can be found under: https://www.facebook.com/legal/controller_addendum. According to this agreement, we are responsible for providing the privacy information when using the Facebook tool and for the privacy-secure implementation of the tool on our website. Facebook is responsible for the data security of Facebook products. You can assert data subject rights (e.g., requests for information) regarding data processed by Facebook directly with Facebook. If you assert the data subject rights with us, we are obliged to forward them to Facebook.

XVII. INFORMATION USE PRACTICES

Artability Ltd may use the collected information or data described above, individually or in the aggregate, for any lawful purpose, including, but not limited to, such purposes as ….. analysing and tracking user activity on the Services for individual users, tracking and analysing usage trends, personalizing the Services to better reflect your preferences, enhancing your use of the Services. All collected information may be linked to specific website users and may result in the tracking of the usage information for individual users.

Artability Ltd may also use your submitted information to contact you, via regular mail, email, text message, telephone, or otherwise, regarding your purchased services, or other relevant or promotional information or offers as determined by Artability Ltd. By submitting your contact information to Artability Ltd you consent to receiving such communications.

XVIII. DISCLOSURE OF INFORMATION

Except for the limitations expressly discussed herein, if any, Artability Ltd may disclose or transfer any collected information to third-parties for any lawful purpose in our sole discretion.
Artability Ltd may disclose any collected information about a customer.
The disclosed information about a customer include, but are not limited to, the person’s name, user name, contact information, and information related to any transactions between those persons:

  • Third-Party Services:- If you log in to Artability Ltd through a third-party service like Facebook or Google, then those third-parties may have access to certain information about your use of Artability Ltd. For more information on the type of information those third-parties may collect about you, please review the privacy policies for those third-parties.
  • Vendors:- Artability Ltd may use third-party companies, agents, or contractors to perform services on our behalf. For example, Artability Ltd may partner with other companies to personalize our web pages, analyse our website or usage information, or otherwise assist Artability Ltd in better serving the Services’ users. During the course of providing Artability Ltd with these services, these third-parties may have access to your personal and non-personal information in order to provide the services we requested from those third-parties.
  • Legal compliance – Artability also reserves the right to disclose personal information when we reasonably believe disclosure is required by law, if we reasonably believe disclosure is necessary to establish or exercise legal rights, or in situations involving potential threats to physical safety.

XIX. Third-Party Links

The Services may contain links to websites not owned or controlled by Artability Ltd. Artability Ltd does not necessarily review or endorse the content of these linked websites. You should review the terms of service and privacy policies of all websites you visit.

XX. Security

We use commercially reasonable efforts to protect the information we collect on the Services. Unfortunately, however, no security system can be guaranteed to be 100% effective. Accordingly, we cannot and do not guarantee the security of your personal information and cannot assume liability for improper access to it. Do not submit confidential information through the Services.

You are responsible for restricting access to your computer or mobile device through which you access the Services. Users of public or shared computers or unprotected mobile devices should log out at the completion of each visit to our Services. By using the Services, or providing personal information to us through any means, you agree that we can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of these Services.

XXI. CONTACT INFORMATION

For any data processing related questions and/or requests, please contact us at: dpo@lhc.lesotho.org.uk.

Current revision: February 01, 2024.

XXII. The supervisory authority

The supervisory authority in the Kingdom of Lesotho for data protection matters is the The Data Protection Commission (Commission). If you think your data protection rights have been breached in any way by us, you are able to make a complaint directly to the Commission.

External Websites: