The Identification of Poor Households (IDPoor) mechanism, established in 2006 within the Ministry of Planning (MOP), is part of the Government of the Kingdom of Cambodia’s ongoing efforts to reduce poverty and support socioeconomic development throughout the country. Being the Government’s mandatory standard tool for targeting pro-poor measures in the country, the programme provides regularly updated information on poor and vulnerable households to a large number of Government and non-governmental agencies to help them target services and assistance to the poorest and most vulnerable persons.
For this overarching purpose, access to the IDPoor platform requires the storage of personal data. MOP-IDPoor takes the protection of personal data very seriously. This declaration explains what personal data is stored and what it is used for.
Data is being collected and processed by the Ministry of Planning (MOP), New Building, 6th Floor, Room 606, Street 360, Boeung Keng Kong 1, Khan Boeung Keng Kong, Phnom Penh, Cambodia, in cooperation with sub-national implementers.
MOP runs three distinct online systems with regards to the IDPoor mechanism. The IDPoor website provides information on the IDPoor mechanism. The IDPoor Web system provides access to the IDPoor Management Information System (MIS), with various types of user accounts. Finally, the IDPoor Public App allows data subjects of the IDPoor MIS to view information related to their entries as well as to file complaints.
The type of information we collect
The following data will be collected of all users of the platform while using the platform:
- Session information (login-in and log-out time)
- Usage data (user interactions, creation/editing/deletion of entries/users/settings)
Furthermore, the following personal data will be stored of all registered users of the platform:
- First name and last name
- Email address and/or Telephone number
The following additional personal data will be stored of standard and advanced users:
- Organisation details (Name, address, telephone number and email address)
- Personal details of the responsible person (Title, Position in the organisation, telephone number)
Purpose and storage
This data is required for the purpose of ensuring the protection of data in the IDPoor MIS as well as managing and improving the platform. The data will be stored on Amazon Web Services (AWS) servers.
- The data will be used solely for the purpose of managing access to the database as well as monitoring access patterns to optimize and maintain the platform.
- The data will be used exclusively for the purposes described in the statement. Any other use will always be subject to further consent. Your data will not be used for advertising purposes.
- Session information will be additionally stored in the identity management system Keycloak (https://www.keycloak.org/). This enables MOP and its IT contractors to perform maintenance of the platform as all active sessions can be informed and terminated prior to maintenance down times. Session information is only stored temporarily and will be deleted when users close an active session (logout).
- Usage information will be additionally stored in the analytics tool Firebase (https://firebase.google.com/). This enables us to monitor and respond to malfunctions of the platform. Usage information are only stored temporarily and will be deleted after six months.
- Usage information may be additionally stored in the analytics tool Google Analytics (https://analytics.google.com/). This enables IDPoor to monitor and analyze traffic across the IDPoor systems in order to improve the platforms. This data is shared with other Google services and Google may use the collected data to contextualize and personalize the ads of its own advertising network.
Data security and transfers
- IDPoor uses appropriate technical and organisational measures to secure data against unintentional or intentional falsification, destruction, loss or access by unauthorised persons.
- Access to your personal data is restricted to MOP staff working for the IDPoor department and IT administrators who need to process it for the above-mentioned purposes, and who will handle the information you provide in a proper and confidential manner.
Rights of data subjects
You are entitled to enquire about your personal data, have the data corrected if necessary, and ask for processing to be restricted or data to be erased. The data will then be removed from the system. The consent given to use personal data can also be revoked at any time. This does not affect the lawfulness of processing up to the time of revocation.
In the case of revocation, it is not possible to use the platform. To restrict processing, delete data or to revoke consent, please send an email to: [email protected]
Should you have any questions or complaints relating to this statement or the processing, you can contact the person responsible for data protection at IDPoor at the following email address: [email protected]