Apply For Scholarship

Privacy Policy

Last updated: February 28, 2026

BUCABUMA – Building Capacity in Circular Natural Building Materials using Frugal Digital and Traditional Engineering Innovations

Effective Date: 28/02/2026
Last Updated: 28/02/2026

Introduction

The BUCABUMA Project (Building Capacity in Circular Natural Building Materials) is an international academic and research initiative coordinated by Kwame Nkrumah University of Science and Technology (KNUST).

BUCABUMA is committed to protecting personal data and ensuring compliance with applicable data protection laws, including:

  • Regulation (EU) 2016/679 – General Data Protection Regulation (GDPR)

  • Regulation (EU) 2018/1725 applicable to EU institutions and bodies

  • Relevant national data protection laws

  • EU-funded project data protection and audit requirements

This Privacy Policy explains how personal data is collected, processed, stored, protected, and shared through the BUCABUMA:

  • Public Website

  • Scholarship & Application Management Portal

  • Administrative & Management Portal

Data Controller

For the purposes of GDPR and applicable EU regulations:

Data Controller:
BUCABUMA Project
Coordinated by Kwame Nkrumah University of Science and Technology (KNUST)
Kumasi, Ghana

Where required by EU funding agreements, the project may cooperate with relevant EU institutions or funding agencies in accordance with Regulation (EU) 2018/1725.

Categories of Personal Data Collected

BUCABUMA processes only data that is necessary and proportionate for the performance of its activities.

3.1 Website Visitors

  • IP address

  • Browser type and version

  • Device information

  • Pages visited and usage statistics

  • Cookies and analytics data

3.2 Scholarship Applicants

  • Full name

  • Contact details (email, phone number, address)

  • Date of birth

  • Nationality

  • Academic qualifications

  • CV and supporting documents

  • Identification documents (where required)

  • Application responses

  • Evaluation scores and review comments

  • Communication records

3.3 Administrative Users

  • Name

  • Institutional affiliation

  • Contact information

  • Role-based access credentials

  • System activity logs

3.4 Communication Data

  • Email correspondence

  • Helpdesk or support inquiries

  • Notifications and system alerts

Legal Basis for Processing

Personal data is processed under the following lawful bases pursuant to Article 6 GDPR:

  • Consent – where explicitly provided (e.g., application submission)

  • Performance of a contract – scholarship administration

  • Legal obligation – compliance with funding, audit, and reporting requirements

  • Public interest task – educational and research capacity building

  • Legitimate interests – system security, fraud prevention, quality improvement

Special categories of data (if applicable) are processed in accordance with Article 9 GDPR and only when strictly necessary.

Purpose of Processing

Personal data is processed for the following purposes:

  • Managing scholarship applications

  • Evaluating and shortlisting candidates

  • Communicating application status

  • Generating reports for institutional and donor compliance

  • Maintaining audit trails

  • Ensuring system security

  • Monitoring performance and usage

  • Supporting research dissemination and project visibility

No personal data is used for commercial advertising.

Data Minimization and Paperless Policy

BUCABUMA operates under a strict “Without Paper” (Paperless) Policy.

  • Only necessary data is collected.

  • All processes are conducted digitally.

  • Data is structured within a normalized relational database.

  • Redundant or excessive information is not retained.

Data Retention

Personal data is retained only for as long as necessary to:

  • Complete scholarship evaluation cycles

  • Fulfill contractual and funding obligations

  • Satisfy audit and reporting requirements

  • Comply with EU and institutional retention policies

After the retention period expires:

  • Data will be securely deleted, or

  • Anonymized for statistical or research purposes

Data Security Measures

BUCABUMA implements technical and organizational measures aligned with EU Agency cybersecurity best practices, including:

  • HTTPS/SSL encryption

  • Encryption of sensitive data at rest where applicable

  • Role-based access control (least privilege principle)

  • Multi-layer authentication mechanisms

  • Secure hosting environment

  • Protection against CSRF, XSS, SQL injection

  • Regular system updates and security patching

  • Backup and disaster recovery procedures

  • Audit logs and system activity monitoring

Access to personal data is restricted strictly to authorized personnel.

Data Sharing and Transfers

Personal data may be shared with:

  • Authorized project evaluators

  • Institutional partners

  • EU funding bodies (where required for reporting or audit)

  • Hosting and IT service providers (under Data Processing Agreements)

International Transfers

Where data is transferred outside the European Economic Area (EEA), appropriate safeguards are implemented, including:

  • Standard Contractual Clauses (SCCs)

  • Institutional agreements

  • Secure technical controls

No personal data is sold to third parties.

Automated Decision-Making

BUCABUMA does not rely solely on automated decision-making.

While automated scoring tools may assist in organizing applications, final scholarship decisions are made by qualified human evaluators.

Data Subject Rights

Under GDPR, individuals have the right to:

  • Access their personal data

  • Rectify inaccurate data

  • Request erasure (“Right to be Forgotten”)

  • Restrict processing

  • Object to processing

  • Data portability

  • Withdraw consent at any time

Requests may be submitted to the BUCABUMA Project Coordinator via official contact channels published on the website.

Individuals also have the right to lodge a complaint with a competent Data Protection Authority (DPA) within the EU.

Cookies and Tracking

The website may use:

  • Essential cookies (required for system functionality)

  • Analytics cookies (for performance monitoring)

Users may manage cookie preferences through their browser settings.

No profiling for advertising purposes is conducted.

Children’s Data

Scholarship applicants must meet eligibility criteria.
Where minors are involved, parental or legal guardian consent will be required in accordance with GDPR Article 8.

Intellectual Property and Confidentiality

All scholarship applications, evaluation materials, and internal communications are treated as confidential and processed strictly for official project purposes.

System access is monitored and logged.

Breach Notification

In the event of a personal data breach:

  • The incident will be assessed immediately.

  • Where required, supervisory authorities will be notified within 72 hours.

  • Affected individuals will be informed if the breach poses a high risk to their rights and freedoms.

Changes to This Privacy Policy

This Privacy Policy may be updated periodically to reflect:

  • Regulatory changes

  • Funding requirements

  • System upgrades

The latest version will always be published on the official BUCABUMA website.

Contact Information

For privacy-related inquiries, data access requests, or concerns:

BUCABUMA Project Coordination Office
Kwame Nkrumah University of Science and Technology
Kumasi, Ghana

Email: info@bucabuma.org
Website: www.bucabuma.org

Declaration

BUCABUMA affirms its commitment to responsible data governance, transparency, accountability, and full alignment with EU data protection principles in the management of its digital systems and scholarship processes.

Was this information helpful?