Privacy Policy

Last updated: December 2025

1. Introduction

This application is provided by the United Nations Office at Nairobi (UNON) ICT Services. The system supports secure internal operations including user authentication, QR code generation, visitor management, and related business processes.

Protecting your privacy is important to us. This policy explains the data we collect, how we use it, and how we safeguard your information.

2. Information We Collect

a. Identity Information
  • UN email address
  • First and last name
  • Organizational unit / department
  • Job title
  • User ID (from Azure Active Directory)
b. Authentication & Security Information
  • Login timestamps
  • IP address (for security auditing)
  • Multi-factor authentication details (via Entra ID)
c. Application Use Information
  • Generated QR codes
  • Form submissions
  • Uploaded documents
  • Audit trails
  • Actions performed within the system

3. How We Use Your Information

Your information is used strictly for legitimate UN operational purposes, including:

  • Verifying your identity and granting secure access
  • Providing system services and processing requests
  • Generating and managing QR codes
  • Monitoring and improving system performance
  • Security monitoring and audit logging

No information is used for external advertising or commercial profiling.

4. Data Storage & Security

Your data is stored securely using UN-managed cloud infrastructure, including:

  • Azure SQL Databases (encrypted at rest and in transit)
  • Azure Active Directory authentication
  • Azure Key Vault–secured secrets
  • HTTPS encryption
  • Role-based access controls

Audit logs are maintained to ensure accountability and system integrity.

5. Who Has Access to Your Data

Access is strictly limited to authorized personnel:

  • UNON ICT Services technical staff
  • System administrators
  • Support teams handling troubleshooting or service requests

All access is controlled and logged. Data is never shared with external parties unless required by UN mandates.

6. Data Retention

We retain data only as long as required for operational, audit, and compliance reasons. Retention periods vary depending on the type of data and applicable UN administrative policies.

7. Cookies

This site uses cookies solely for technical and security purposes:

  • Maintaining your authenticated session
  • Anti-forgery protection
  • Ensuring secure application interactions

No tracking or advertising cookies are used.

8. Your Rights

You may request:

  • Access to your personal data
  • Correction of inaccurate information
  • Removal of certain data (subject to UN policies)

Requests may be submitted through your UN ICT Service Desk or system focal point.

9. Changes to This Policy

This Privacy Policy may be updated to reflect system changes, policy updates, or security improvements. Any modifications will be posted on this page with an updated revision date.

10. Contact

If you have questions about this Privacy Policy or how your data is used, please contact:

UNON ICTS – Data Services & Solutions
Email: unon-ibsdata@un.org
United Nations Office at Nairobi

This privacy notice applies to internal UN systems and authorized UN users only.