International Open University

> Privacy


The International Open University (‘IOU’) – The Gambia, formerly known as Islamic Online University collects and uses your personal data in order to provide its services to you. The IOU’s legal title is International Open University registered in The Gambia

When you initially get in touch with us through email or chat desk, we will create a record for you. We will add data to this record whenever you contact us, to respond to your queries or requests and/or to provide services to you. The IOU is the data controller and/or processor of your personal data. This means that the IOU decides how to use it and is responsible for looking after it in accordance with data protection legislation.

This document includes information required by the General Data Protection Regulation (EU Regulation 2016/679) and related data protection legislation.

Further information about what we do with your data is set out in the relevant privacy notice. Our main privacy notices are for Enquirers and Website UsersStudentsSupporters and Alumni.

Access to your personal data within the IOU will be provided to staff who need to view it as part of their work in connection with our business operations. It will also be shared with third parties for overall University’s statistical analysis and promotional activities.

References in our policies to your ‘personal data’, means any information that is about you and from which you can be identified, and by ‘processing’ of your personal data, we mean anything that we do with that information, including collection, use, storage, disclosure, deletion or retention.

We process your data for purposes arising from your use of the website. This processing occurs because it is necessary to meet our legitimate interests in operating and improving the website, analysing its use, and ensuring its security.

We will only use your data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another related reason and that reason is compatible with the original purpose. If we need to use your data for an unrelated purpose, we will seek your consent to use it for that new purpose.

We may share your data with third parties who provide services on our behalf. All our third party service providers are required to take appropriate security measures to protect your data in line with our policies. We do not allow them to use your data for their own purposes. We permit them to process your data only for specified purposes and in accordance with our instructions. We may also share your personal data with third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our website terms of use or to protect the rights, property or safety of our website, our users, and others. Where your data is shared with third parties, we will seek to share the minimum amount necessary.

We may store data collected by the website manually or electronically. The data is stored on our secure servers or on our cloud­based systems which are located in different regions in Europe and America.

Unfortunately, transmission of information over the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data transmitted to the website and any transmission is at your own risk.

Our website contains links to and from various third party websites. If you follow a link to any of those websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check the policies before you submit any personal data to those websites.

We will only retain your data for as long as we need it to fulfil our purposes, including any relating to accreditation, operational, legal, accounting, or reporting requirements.

Your Rights

This policy and the terms of use and any other documents referred to in it describe how we collect and process your personal information. Briefly, you have various rights regarding your personal data.

You have the right to:

  • access the personal information we hold about you -­ a “subject access request” enables you to receive a copy of your data and to check that we are lawfully processing it.
  • correct inaccuracies in the information we hold about you -­ enables you to ask us to correct any incomplete or inaccurate information we hold, though we may verify the accuracy of the new data you provide to us.
  • request erasure of your personal data – enables you to ask us to delete or remove your data under certain circumstances, for example, if you consider that there is no good reason for us continuing to process it, where we may have processed your information unlawfully or where we are required to erase your personal information to comply with the law. We may not always be able to comply with your request of erasure for specific reasons of which you will duly be informed.
  • request that we stop sending marketing communications to you.

You may also have the right to:

  • restrict the processing of your personal data in certain ways – you may request that we suspend the processing of your personal data, firstly, if you want us to establish the data’s accuracy;; secondly, where our use of the data is unlawful but you do not want us to delete it;; thirdly, where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims;; or fourthly, you have objected to our use of your data but we need to verify whether we have overriding legitimate reasons to use it.
  • obtain a copy of your personal data in a filing system
  • object to certain processing of your personal data by us – where we (or a third party) are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground as feel it impacts on your rights and freedoms. In certain situations, we may assert that we have compelling legitimate grounds to process your data which override your rights and freedoms.
  • request a transfer of your data to a third party – we will provide to you, or a third party on your behalf, your personal information in a structured, commonly used, machine readable format. This right only applies to automated data which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent where we are relying on consent to process your personal data – but this will not affect the lawfulness of processing carried out before you withdraw consent. If you withdraw your consent, we may not be able to provide certain services or products to you. Should this happen, we will advise you at the time you withdraw your consent.
  • request a review by a human of any automated decision.

For information about your rights or in order to exercise those rights, you may contact the IOU’s Data Protection Officer whose details appear below.

If you have concerns about the way your personal data is processed, you could write to our Data Protection Officer for assistance. Any grievances raised would tried to be resolved in an amicable manner.

Enquirers and registered website users

For information about how we use information of an enquirer or as a registered website user, please see our Enquirers and Website Users Privacy Notice.


We will collect and use information about registered students in connection with their studies, and we will keep long term academic/transcript data. For further information, please see our Students Privacy Notice.

Supporters and Alumni

The IOU maintains records on supporters of the IOU, and individuals who have been identified as possible supporters of the IOU as well as alumni (those who have completed an IOU qualification). Please see the Supporters and Alumni Privacy Notice.


The IOU website uses cookies to distinguish you from other users. This helps the IOU to provide you with a good experience when you browse the website and also allows us to improve the website.

We will automatically collect, store, and use the following categories of data when you browse and search our website, if you have consented to our use of cookies:

  • device/ technical information, for example the type of device you use to access our website, the IP address used to connect your device to the Internet, your login information, browser type and version, browser versions, operating system and platform; and
  • information about your visit to our website including the full URL, clickstream to, through and from the website, pages viewed, page response times, length of visits to certain pages, page interaction information (such as scrolling and clicks), and methods used to browse away from a page.

For further information, please see our Cookies Policy.

Contact the Data Protection Officer

If you have any questions about our data protection policies, then please contact our Data Protection Officer:


Post: Data Protection Officer, Student Affairs Division.

This document will be updated in order to ensure that it complies with data protection legislation.