Privacy Policy

The General Council for Islamic Banks and Financial Institutions (CIBAFI) values the privacy of its users and places utmost due care in the way personal information is held and treated. Accordingly, this privacy statement outlines the type of personal information that may be held from the users, the purposes for which it is held, and how that information is collected, stored, used, and disclosed.


1.1 CIBAFI is committed to the privacy of its website users (hereinafter "Users") and to complying with relevant law, including the European Union's General Data Protection Regulation ("GDPR"). This Privacy Policy describes how CIBAFI collects and uses personal data of its users.

1.2 The User acknowledges having read this information and authorizes CIBAFI to process, in accordance with the provisions of the Privacy Policy, their data.

1.3 For purposes of GDPR, the data controller is:

General Council for Islamic Banks and Financial Institutions Road 2811, Building 657, Block 428, Jeera Tower 3, Office 51 Manama, Bahrain

1.4 Any questions regarding the processing or use of data may be sent to

Information Collection and Use

What personal information does CIBAFI website collect about you?

CIBAFI website gathers and stores personal information that users provide through optional, voluntary registrations and submissions. The website does not collect any personally identifying information about the users except personal information that they specifically and knowingly provide. For instance, during registration as a member/trainee to the website, users must provide various forms of personally identifiable information such as name, country, phone number, email address, industry, job role, fax, address, invoicing information, etc.

In addition, when a user visits CIBAFI website, a record “log data” will be created, which is information that the browser automatically sends to a web analytic service such as the user’s computer Internet Protocol address, browser type, browser version, the pages of website visited, the time and date of visit, and the time spent on those pages.

Sensitive information about the user will not be collected without the user’s consent unless the law so requires its collection.

Means of Collection

Personal Information is collected mainly through registering on the website. Registration as a member/trainee is a requirement to have full access to the website and all resources therein. To complete registration, certain basic and contact information as described above is required from the user. Some information is mandatory (those marked with an Asterisks*) while the remaining are optional.

Where practical, we may also collect or receive information about users from other sources to ensure that the contact details we already hold for you are accurate and up to date.

No personally identifiable information is collected from visitors to our site who do not wish to register as users. However, if the visitor wishes to contact us or subscribe, the website enables them to send comments or forward recommendations. The visitor in such circumstances must provide certain personally identifiable information such as name, email address, country, and mobile number. This information will only be used should in case we need to get into contact with the visitors in response to his/her comments or recommendations. Please note that the information provided will not be sold to mass marketers without the user’s / visitor’s prior consent.

Cookies - A cookie is a small data file that certain websites store on your hard drive when you visit them for record-keeping purposes. A cookie file can contain information about your preferences on a particular site. The use of cookies is an industry-standard, and many major websites use them to provide useful features for their customers. Cookies do not personally identify users, although they do identify a user’s computer. A cookie cannot read data off your hard disk or read cookie files created by other sites. Most browsers are initially set up to accept cookies. If you prefer, you can set yours to refuse cookies. However, you may not be able to take full advantage of the website if you do so. You can also set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or not.

Usage Tracking- CIBAFI website supports Do Not Track ("DNT"). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.

Google Analytics- CIBAFI website uses Google Analytics, which is a web analytics service, to gather data about the services accessed by CIBAFU website users and visitors to our website. The IP address of the data subject is abridged by Google and anonymized when accessing CIBAFI websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area (EEA).

Users may block Google Analytics by preventing the setting of cookies through CIBAFI website, as explained above, or by downloading and installing a browser add-on under the link Non-personal information, which is aggregated from tracking various uses of the website, is used to assist us in refining our services, to better serve our users and visitors, to enhance the users' experience on our website, and to improve the website’s performance. Again, this information will not be associated with any individual user and would not in any circumstances be sold to mass marketers.

Storage and Security

3.1 Where is your personal data stored?

CIBAFI stores all data on servers located in Bahrain and India.

3.2 How we protect your personal information?

CIBAFI will take all reasonable steps to protect the personal information collected from misuse, loss and unauthorized access, modification or disclosure using physical, electronic, and procedural safeguards. To keep electronic information secure, it will adopt a range of security measures.

CIBAFI endeavor to make sure that the personal information it holds is accurate, complete, and up to date. If CIBAFI is notified by the owner of the personal information that the same is not accurate, complete or up-to-date, we will take steps to ensure that it is duly corrected or the changes to the information noted.

If the user believes that the personal information held by us is incorrect, incomplete or inaccurate, the user may request amendment of the same by contacting us on

3.3 Personal Information no longer needed

CIBAFI will destroy personal information that is no longer needed for the purposes for which it was collected or if the information is no longer required by law to retain it, using secure methods to destroy or de-identify the information.

Communications and Marketing

Use of Personal Information

CIBAFI shall use personal information to send communication as well as market its products and services such as research papers, publications, surveys, and events among others, unless the user indicates that it does not wish to receive such communications.

CIBAFI will not use the information for any other purpose unless otherwise disclosed to the user at the time of collecting the information.

Opt-Out Policy

CIBAFI website gives users the option, wherever necessary and practical, to opt-out from the use of their personally identifiable information for secondary uses (those that are not necessary to complete a transaction on our website). Such choices include the option not to receive newsletters, publications, press releases, event announcements, and invitations.

Access to Personal Information

Data subjects in the European Union and Contracting States of the EEA have the right to request access to and rectification or erasure of their personal data, to restrict processing of their personal data or to object to processing. Data subjects also have the right to data portability, which is the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided. Data subjects also have the right to complain of a supervisory authority.


Privacy Policy Changes

This privacy statement states our current practices and policies and is effective as of May 25, 2018. If our practices change in the future, this statement will be updated and posted on this page so that you have the latest information on our data collection and use policies.

If you have any questions about this Privacy Policy, please contact us

Children Privacy

The Services are not directed to children under the age of 16 and we do not knowingly collect personal information from anyone under the age of 16. Where different age limitations apply, we comply with them.

Our Members