We collect only what we need to operate the website, receive submissions, communicate with contributors, preserve provenance, and protect the archive.
Privacy Policy
Website Privacy & Archive Data Policy for Mahaldheeb Scoutun Project Digital Archive. Built for historical preservation, contributor trust, and responsible public access.
Archive-first, privacy-conscious.
We preserve history carefully. Some archival items may contain personal data, images of identifiable people, names, group records, dates, locations, captions, or recollections.
We may restrict, redact, contextualise, or remove material where appropriate, but historical records are not automatically erased when preservation is necessary.
We treat minors and living persons with special care and prohibit scraping, facial recognition, profiling, harassment, doxxing, or misuse of archive materials.
Formal notices should be sent by email so the archive team can record, assess, and respond properly.
About this Privacy Policy
This Privacy Policy applies to the Mahaldheeb Scoutun website, the Project Digital Archive, and related contribution, communication, review, preservation, and publication activities operated by the archive team. It explains how we collect, use, preserve, publish, restrict, share, and protect personal information. It also explains how people may ask us to review material that concerns them, including historical records, photographs, names, captions, oral-history information, submissions, and metadata. This policy should be read together with our Terms of Use & Legal Policy, Copyright and Takedown Policy, Contributor Agreement, Cookie Notice, and any collection-specific access notice. If there is a conflict between this Privacy Policy and a written agreement signed by the archive team, the signed agreement applies to that specific contribution or collection.
Who we are
Mahaldheeb Scoutun is a Project Digital Archive initiative created to document, preserve, and share the heritage of Scouting in the Maldives. It is managed by the 14th Malé Rover Crew and endorsed by The Scout Association of Maldives. In this policy, "we", "us", "our", "Archive", "Archive team", and "Mahaldheeb Scoutun" refer to the team responsible for operating the website and managing the digital archive. Our formal contact channel for privacy, legal, rights, correction, and takedown matters is set out in section 24. We operate as a heritage and documentation initiative rather than a commercial data broker. We do not sell personal information.
The nature of this archive
The Archive contains historical and contemporary materials about Scouting in the Maldives, including photographs, documents, event records, project records, scouting group information,
veteran stories, oral histories, training materials, exhibition content, community-submitted materials, and metadata used to describe those items. Preserve broadly, publish selectively. Receiving, storing, scanning, cataloguing, or preserving an item does not mean every item will be published online. We may keep internal preservation copies, restrict public access, blur or redact details, apply content warnings, add context, or decline publication. Some archive materials may be rare, irreplaceable, sensitive, or not held elsewhere. Removing all traces of a record may damage the historical record. For that reason, privacy requests are assessed carefully and may result in restriction, redaction, correction, annotation, de-indexing, delayed publication, or removal, depending on the facts. Publication by the Archive is not intended to embarrass, exploit, defame, profile, or target any individual. Materials are provided for historical, educational, cultural, documentation, research, and public-interest purposes.
Privacy principles we follow
Although the Maldives does not yet have a single comprehensive general data-protection law equivalent to the EU GDPR, we voluntarily follow recognised privacy and archive-governance principles where practical and appropriate. Purpose limitation: we use personal information for clear archive, operational, communication, rights-management, security, and legal purposes. Data minimisation: we avoid collecting unnecessary contact, identity, or sensitive details. Accuracy and context: we aim to preserve names, dates, captions, and provenance accurately and allow corrections where supported by evidence. Security: we restrict internal access to non-public records and use reasonable technical and organisational safeguards. Respect for dignity: we consider privacy, family life, reputation, children and youth protection, cultural sensitivity, and risk of harm. Accountability: we keep records of submissions, rights decisions, takedown reviews, and publication restrictions where necessary to protect the Archive and affected people. Where laws such as the GDPR, UK GDPR, CCPA/CPRA or other foreign privacy rules apply because of a particular user, visitor, service provider, or activity, we will consider those requirements in good faith and may provide additional rights or notices where legally required.
Information we collect
The information we collect depends on how you interact with the Archive. These categories help explain what may be collected and why it may be needed.
Contact information
Examples: Name, email address, phone/WhatsApp, Instagram handle, organisation, and role.
Why it may be needed: Used to respond to questions, submissions, rights requests, corrections, and notices.
Contribution information
Examples: Contributor name, relationship to material, source, permission details, captions, dates, locations, and descriptions.
Why it may be needed: Used to verify provenance, classify rights, preserve context, and attribute contributions.
Archive subject information
Examples: Names, images, roles, group membership, event participation, achievements, public Scouting history, and oral-history details.
Why it may be needed: Used to document historical records and Scouting heritage.
Technical information
Examples: IP address, browser/device type, pages viewed, timestamps, referral URL, cookies, and analytics identifiers.
Why it may be needed: Used to operate, secure, improve, and measure the website.
Legal and request records
Examples: Rights claims, takedown requests, evidence of identity or authority, correspondence, decisions, and counter-notices.
Why it may be needed: Used to review disputes, maintain accountability, and protect the Archive from legal claims.
We do not intentionally collect payment-card data, government identity numbers, health records, precise live location, biometric identifiers, or other highly sensitive information through ordinary website use. If such information appears inside historical materials, we assess whether to redact, restrict, or withhold it.
Archival materials and embedded personal data
Archive materials may contain personal data because they document real people, real events, and real institutions. Examples include photographs of Scouts or leaders, names in reports, award lists, captions, signatures, handwritten notes, letters, event rosters, group histories, interviews, and metadata attached to digital files.
We handle such information differently from ordinary website contact data. Contact data is usually private and operational; archival data may be preserved because it forms part of the historical record. We may therefore keep archival data where necessary for: historical documentation and cultural heritage preservation; education, research, exhibition, public-interest storytelling, and community memory; authenticity, provenance, attribution, copyright and rights-management records; defending the Archive against inaccurate claims or legal complaints; and compliance with lawful requests, legal obligations, or dispute-resolution processes. Where privacy risks outweigh the value of open publication, we may preserve a non-public copy while restricting the public version.
Minors, youth members and living persons
Scouting is a youth movement. Many photographs and records may show children, young people, volunteers, leaders, parents, school communities, and living individuals. We treat these materials with additional care. We review materials showing identifiable minors or vulnerable persons before publication. We may blur faces, crop images, remove names, restrict download quality, add content warnings, publish only group-level context, or withhold an item. We avoid publishing unnecessary contact details, private addresses, personal numbers, private messages, sensitive family details, or information that creates safety risks. Parents, guardians, affected individuals, family representatives, or community representatives may ask us to review material concerning them or a minor. Visitors may not use the Archive for facial recognition, biometric analysis, identification, profiling, harassment, doxxing, targeting, or commercial exploitation of identifiable people. We balance privacy with historical, cultural, educational and public-interest value. Not every request will lead to full removal, but every credible request will be reviewed.
How we collect information
We may collect personal information directly from you, from people who submit materials, from publicly available historical sources, from scouting groups or project partners, and from the website's technical systems. Directly from you: when you contact us, submit materials, complete a form, send email, message us on social media, or make a privacy or rights request. From contributors: when a donor or contributor provides photographs, documents, captions, or stories that mention other people. From public or semi-public sources: where the information is already part of scouting history, public events, published documents, public social media, newspapers, newsletters, reports, or exhibition material. Automatically: through hosting logs, analytics tools, cookies, security tools, and ordinary browser/device information. We ask contributors not to submit confidential, private, or sensitive information unless they have proper authority and it is necessary for preservation.
Why we use information
We use personal information for the purposes below. Depending on the law that applies, these purposes may correspond to consent, legitimate interests, public-interest archiving, legal obligation, contract, or protection of vital interests. PURPOSES OF USE PURPOSE
EXAMPLES
Operate the Archive
Maintain the website, forms, submission channels, catalogues, search functions, backups, and internal workflows.
Preserve history
Store, digitise, describe, organise, authenticate, and preserve archive items and metadata.
Publish selectively
Display appropriate materials online with captions, rights labels, context notes, and access restrictions.
Communicate
Reply to contributors, researchers, rightsholders, families, partners, sponsors, and affected people.
PURPOSE
EXAMPLES
Review rights and privacy
Assess ownership, consent, privacy, takedown, correction, attribution, and restriction requests.
Protect the Archive
Prevent abuse, scraping, unauthorised access, security incidents, impersonation, false claims, and legal risk.
Report and improve
Understand website usage, improve accessibility, fix errors, plan exhibitions, and report project impact in aggregated form.
We do not use personal information to sell targeted advertising profiles, and we do not sell personal information.
Cookies, analytics and technical logs
The website may use cookies, local storage, analytics, performance tools, security logs, and similar technologies to operate the site, remember preferences, understand traffic, and protect against misuse. Technical logs may include IP address, device and browser information, pages visited, dates and times, referring pages, approximate location derived from IP address, and error/security events. We use this information to maintain the website, diagnose problems, prevent abuse, and understand which resources are useful. You can usually control cookies through your browser settings. Blocking some cookies may affect how the website functions. We do not permit visitors to scrape, crawl, bulk-download, facially recognise, re-identify, profile, or create datasets from people shown in archive materials without written permission.
Contributions and user-submitted materials
When you submit photographs, documents, stories, captions, links, audio, video, or other materials, we collect information necessary to evaluate, preserve, describe, and manage those materials. This may include your name, role, contact information, relationship to the material, ownership or permission details, context, and any restrictions you request. By submitting material, you confirm that the information you provide is accurate to the best of your knowledge and that you have the right or authority to share the material for archival
review. Where material concerns living individuals, minors, private family matters, confidential records, or sensitive community information, you should tell us clearly so we can decide whether to restrict, redact, or withhold it. Your contact details are not normally published. Your name may be published as a contributor, donor, photographer, interviewer, witness, or source only where appropriate and where doing so supports attribution, provenance, transparency, or rights management.
Publication and access controls
We may classify material into different access levels. These levels allow us to preserve important material without automatically exposing it to unrestricted public use.
Public
Visible on the website with appropriate context, rights label, and citation information.
Limited public
Published with redactions, lower-resolution images, disabled downloads, blurred faces, partial captions, or content warnings.
Research review
Not openly published; access may be considered for approved research, rights review, family verification, or archive administration.
Restricted
Preserved internally but withheld from public access due to privacy, minors, safety, cultural sensitivity, rights, confidentiality, or legal concerns.
Embargoed
Held until a specified date, event, permission, or review condition is satisfied.
Access decisions may change over time as new information, legal claims, privacy concerns, or historical context becomes available.
Storage, security and confidentiality
We use reasonable technical and organisational safeguards to protect personal information and restricted materials. These may include access controls, trusted cloud storage, limited editor access, password-protected accounts, backups, role-based permissions, review workflows, and internal guidance for volunteers. Only authorised team members should access restricted records where access is necessary for archive work.
We aim to keep contribution records, rights decisions, takedown correspondence, and sensitive review notes in controlled systems. We ask team members and volunteers to handle non-public information confidentially. We may remove access from a team member or partner when their role changes or access is no longer needed. No website or storage system is completely secure. We cannot guarantee absolute security, but we work to reduce risk and respond responsibly to incidents.
Retention of information
We keep personal information only as long as necessary for the purposes described in this policy, unless a longer retention period is required or justified for archival, historical, legal, rights-management, security, or dispute-resolution purposes.
Kept long enough to respond, manage follow-up, and protect against repeated or abusive claims.
Kept as long as the submitted material is preserved, because provenance and permission records protect the Archive and contributors.
Kept while the item remains part of the Archive, subject to correction, restriction, or removal review.
May be kept long-term for historical, research, rights-management, or legal accountability reasons.
Kept for a limited period needed for security, analytics, debugging, and abuse prevention, unless needed for an investigation.
Kept as long as needed to evidence decisions, prevent repeated disputes, and defend the Archive.
A deletion request may lead to deletion of operational contact data while a restricted rights-management record is retained to document why an archive item was changed, restricted, or removed.
Sharing and disclosure
We share personal information only where needed for archive purposes, website operation, legal review, rights management, security, or lawful cooperation. Team members and authorised volunteers: to review, catalogue, publish, restrict, or respond to archive matters. Service providers: hosting, cloud storage, email, forms, analytics, security, design, and communication tools. Project partners: where needed for verification, exhibition, documentation, or approved collaboration. Rightsholders or affected people: where necessary to assess a claim, verify authority, or resolve a dispute. Legal advisers, insurers, authorities, or courts: where necessary to comply with law, protect rights, respond to legal process, or defend the Archive. We may publish contributor names, photographer credits, interview credits, institutional sources, and historical subject information where appropriate for attribution and context. We do not normally publish private contact details.
International transfers and providers
The Archive may use service providers located outside the Maldives or operating international infrastructure. These may include website hosting, cloud storage, email, forms, analytics, social media, messaging, file transfer, backup, and collaboration services. Where information is processed outside the Maldives, it may be subject to the laws of other countries. We select providers in good faith and expect them to use appropriate security and privacy protections. Where legally required, we will consider appropriate safeguards such as contractual commitments, provider privacy terms, data-processing terms, access controls, and minimisation. The specific providers we use may change as the Archive develops. Current examples may include Google services, Meta services such as WhatsApp or Instagram, website hosting providers, analytics providers, and communication tools.
Your privacy rights and requests
You may contact us to request access, correction, clarification, restriction, redaction, withdrawal of consent where applicable, deletion of operational contact data, or review of material that concerns you. To protect the Archive and prevent fraudulent requests, we may ask for information reasonably needed to identify the item, verify your identity or authority, understand the basis of your request, and assess whether the requested action is appropriate. We may refuse or limit a request where necessary to protect historical integrity, public-interest archiving, legal claims, the rights of others, freedom of expression, child protection, safety, security, or the integrity of rights-management records. Where we do not fully grant a request, we aim to explain the main reason. A request relating to a historical item may be resolved by correction, restriction, redaction, contextual note, attribution update, de-indexing, access limitation, temporary withdrawal, or removal. Full erasure is not the only remedy.
Correction, restriction and takedown
If you believe material is inaccurate, misattributed, private, harmful, unlawfully published, culturally sensitive, or unsafe, you may ask us to review it. Include the item link or identifier, your relationship to the item, the issue, supporting evidence, and the outcome you are seeking. We may temporarily hide or restrict material while reviewing a serious request. We may also contact the contributor, photographer, scouting group, rightsholder, family representative, or relevant project partner where appropriate. Possible outcomes
correcting a name, date, location, caption, or attribution; adding a contextual note or content warning; blurring, cropping, redacting, or reducing image resolution; removing search/index visibility while keeping a preservation copy; moving an item to restricted or research-review access; temporarily withdrawing an item while rights or privacy issues are assessed; or removing an item where publication is inappropriate or unlawful.
We do not guarantee automatic removal on demand. We promise a fair, reasoned review that considers privacy, dignity, safety, historical value, rights, evidence, and applicable law.
Copyright, ownership and privacy overlap
Privacy and copyright are different legal issues. A person shown in a photograph may have privacy or dignity concerns, while copyright may belong to the photographer, employer, publisher, estate, association, or another rightsholder. Hosting, scanning, describing, or preserving an item does not automatically mean the Archive owns copyright in that item. Copyright, ownership, permission, moral rights, commercial reuse, takedown notices, counternotices, and use of archive materials are primarily handled under our Terms of Use & Legal Policy, Copyright and Takedown Policy, and collection-specific rights labels. However, when a copyright complaint also raises privacy, safety, child-protection, or reputational concerns, we may review it under this Privacy Policy too. If a third party claims that material belongs to them, our first response is to assess evidence, restrict access where appropriate, preserve the dispute record, and decide whether correction, attribution, restriction, licensing clarification, counter-notice, or removal is justified.
Children's privacy
The website is intended for general audiences interested in Maldivian Scouting history. We do not knowingly ask children to provide more personal information than necessary. If a child contacts us, submits material, or appears in material submitted by someone else, we may restrict processing or seek parent, guardian, group, or authorised adult input where appropriate. Parents and guardians may contact us to ask about material involving a child. We may ask for information to verify the relationship and the specific material concerned. Historical photographs of youth members may still be preserved where they form part of the record of Scouting, but public access may be limited if there is a privacy, dignity, safety, or child-protection concern.
Security incidents
If we become aware of a security incident involving personal information or restricted archive materials, we will assess the incident, take reasonable steps to contain it, preserve evidence where needed, reduce harm, and decide whether affected people, service providers, partners, authorities, or advisers should be notified. As a voluntary benchmark, we aim to make an initial assessment within 72 hours of becoming aware of a serious incident, although the actual timing may depend on available information, technical access, volunteer capacity, and legal advice.
External links and social platforms
The website may link to external websites, documents, videos, social media pages, and thirdparty resources. We are not responsible for the privacy practices, security, accuracy, or content of websites and platforms we do not operate. If you interact with us through Instagram, WhatsApp, email providers, Google services, or other third-party platforms, those platforms may collect and use information under their own terms and privacy policies.
Changes to this policy
We may update this Privacy Policy as the Archive grows, as our systems change, as new contribution or publication workflows are introduced, or as Maldivian and international privacy law develops. The current version will be published on the website with its version number, effective date, and review date. Material changes may be highlighted on the website or communicated to affected contributors where appropriate.
How to contact us
For privacy, legal, rights, correction, restriction, and takedown matters, please contact the Archive team. Email is our designated channel for formal notices because it allows us to record and track requests properly.
This policy is designed as a strong publication-ready privacy framework for the Mahaldheeb Scoutun Project Digital Archive. Because privacy, copyright, archive law, child protection, and online liability can change, the Archive should obtain review by a Maldivian legal adviser before relying on it for contested legal matters.
Request checklist
To help us process a privacy, correction, restriction, or takedown request, please include the following where possible: your full name and preferred contact details; the exact item link, page, filename, screenshot, or archive identifier; your relationship to the person, image, document, or rights involved; the reason for the request, such as privacy, child protection, accuracy, reputation, copyright, confidentiality, cultural sensitivity, or safety; supporting evidence, such as proof of authorship, permission, identity, guardianship, family relationship, event details, or corrected information; the outcome you are seeking, such as correction, attribution update, redaction, restriction, de-indexing, temporary withdrawal, or removal; and whether the issue is urgent and why. We may be unable to act on vague or unsupported requests, but we will try to guide you toward the information needed for a fair review.
B
Internal data map
This internal map is included to help the Archive team operate consistently.
Restrict inbox access; label legal/privacy requests; retain
Regular review, permission, contributor contact, and proposed
Rights label before publication
Historic before publication; consider cropping, blurring, low-resolution access, or restriction
Remove hidden EXIF or private device metadata unless needed for provenance and kept restricted
Needed for provenance and kept restricted
Keep consent, evidence, decision, and action log in a scoped manager/legal record
Controlled folder / contact submissions
Review periodically and remove access when roles change
Use rights labels, content warnings, captions, and source notes where appropriate
Prepared by: Mahaldheeb Scoutun Project Digital Archive. Review: Version 1.0 · Effective 27 June 2026.
Contact the Archive team
For privacy, legal, rights, correction, restriction, and takedown matters, email is the designated channel because it allows the team to record and track requests properly.