Privacy Policy

GDPR & Botswana Data Protection Act

GDPR is short for the General Data Protection Regulation. This is a landmark EU law that came into effect on 25 May 2018, replacing older legislation. It represents the biggest overhaul of data protection rules in over 25 years and introduces new, strict requirements for how organisations must handle personal data. The law states that all organisations in the European Union, or any organisation processing the personal information of EU citizens, must comply with the GDPR.


A similar approach has been adopted in Botswana. The country's Data Protection Act No. 18 of 2024 took effect on 14 January 2025, repealing the previous 2018 Act. This new law is closely based on the GDPR, and its requirements will be very familiar to anyone who understands the European rules. It applies to organisations both inside and outside Botswana if they offer goods or services to, or monitor the behaviour of, people in Botswana . While the principles are similar, a key difference is that the Botswana Act can impose prison sentences of up to 12 years for serious violations like unauthorised data use.

Personal Information

Under Botswana's law, "personal information" (or "personal data") is defined broadly as any information that can be linked to a living individual. The official definition is:

Information relating to an identified or identifiable individual, which individual can be identified directly or indirectly, in particular by reference to an identification number, or to one or more factors specific to the individual’s physical, physiological, mental, economic, cultural or social identity

When do we collect information?

When you "Send Us" an email from the website and when you respond to our "Expression of Interest" on our Portal, you are asked to enter a lot of information and attach documents, again when your are on our social media platforms you comment and send enquiries etc. Thats how we collect information from our users.

How do we use your information

We may use the information we collect from you in the following ways:

  1. To personalise user's experience and to allow us to deliver the type of content and service offerings in which you are most interested.
  2. To improve our website in order to better serve you.
  3. To allow us to better our service in responding to your customer service requests.
  4. To administer a contest, promotion, survey or other site feature.


How do we protect visitor information

Our website and web-portal is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

  1. We use regular Malware Scanning.
  2. We use an SSL certificate to protected user information.
  3. We do not use cookies for tracking purposes.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser's Help menu to learn the correct way to modify your cookies.

Third party disclosure

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.

Third party links

Occasionally, at our discretion, we may include or offer third party products or services on our website or web-portal. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

User notifications on privacy policy changes

Users will be notified of any privacy policy changes on our Privacy Policy Page. Users are able to change their personal information:


  1. By emailing us.
  2. By calling us.
  3. By chatting with us using our Live Chat or sending us a ticket.

Fair information practices

The Fair Information Practices Principles form the backbone of privacy law in Botswana and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur, we will notify the users via the website notification within 1 business day.

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.


Copyright © 2026 | Education Infrastructure & Management Company - EIMC.