Effective: 16 December 2019
INFORMATION WE COLLECT
The Site’s web servers collect standard internet log information during user visits to the Site. This information is used to assist with troubleshooting issues with the Site including performance and security related functions. In addition to server logs, the Site also uses the Google Analytics service to help us assess how users access and utilize the Site by collecting bits of information such as statistical usage and telemetry information including an anonymized version of your IP address. This information is used to create aggregate statistics about the operation and use of the Site such as when the Site is accessed, the pages which refer visitors to the Site, and other information that helps us understand how the Site is used and how it might be improved in the future.
Like many services, Google Analytics uses first-party cookies to track user interactions as in our case, where they are used to collect information about how users use our Site. This information is used to compile reports and to help us improve our Site. The reports disclose website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our Site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.
In general, when you visit the Site we only incidentally collect such information as your IP address and/or information about your browser or computing device that enables us to provide you with access to the Site and appropriate content. There are pages, however, on which you need to provide additional Personal Data to register, make a donation, contact us, request news and updates, or conduct other transactions via the Site.
Such Personal Data will include:
- name, address, website address, social media handle, and contact information;
- organization (including the organization’s name, website, phone number, and address), fields of work, languages and location;
- the results of any questionnaires that you agree to respond to.
HOW WE USE THE PERSONAL DATA WE COLLECT
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organization, we will use your information to: process donations, provide requested information about our organization, evaluate employment candidates, evaluate Fellow candidates, respond to requests for information or connections with EMAUA staff, and process questionnaire responses submitted by you. We will also use the Personal Data we collect to improve the Site and to ensure the Site’s content is presented in the most effective manner for you and your device; administer the Site, and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes, or to keep the Site safe and secure.
With your consent, we will use your Personal Data to send you information that we think will be relevant to you, including newsletters and marketing information. You may revoke this consent at any time by using any such provided “unsubscribe” link or by contacting us at firstname.lastname@example.org.
We will share Personal Data with our partners, affiliates, consultants, and providers. Our agreements with these entities require that they keep your Personal Data confidential and only use your Personal Data to the extent necessary to perform their functions and not for any other purpose. We also contract other companies and individuals (collectively Service Providers) to perform functions on our behalf:
We will take reasonable steps to ensure that these Service Providers keep your Personal Data confidential and only use your Personal Data to the extent necessary to perform their functions and not for any other purpose.
Donations that are made to EMAUA on the Site are processed using a third-party payment system. Credit/Debit card details will be retained by the party providing the payment services and its affiliated bank as deemed necessary by them to process the payment for your donation. Your Credit/Debit card details will be retained by the processor for future transactions only upon your authorization. If you later decide that you do not want such information stored, you may contact us at email@example.com and we will coordinate with the processor to remove such information.
HOW LONG DO WE STORE YOUR PERSONAL DATA?
We will retain your information as follows:
- technical data (e.g., IP address, device information) incidentally collected when you visit the Site will be retained for 90 days;
- if you sign up for communications from us, we will keep your information until you unsubscribe after which we will retain only that information that will enable us to respect your unsubscribe preference;
- if you donate to us through the Site, we will keep your information to process your payment and to enable us to ensure that transactions can be appropriately processed, settled, refunded or charged-back, to help identify fraud and to comply with anti-money laundering and other laws and rules that apply to us and to our financial service providers.
At the end of the retention period we may store your information in an aggregated and anonymized format to help us understand historical behaviors and to enhance the Site.
Your Personal Data will be retained for longer if required by law or a court order and/or as needed to defend or pursue legal claims.
HOW WE SHARE YOUR PERSONAL DATA WITH THIRD PARTIES
Your Personal Data will be transferred to Service Providers located in jurisdictions other than your residence jurisdiction, in particular Switzerland and the USA, for the purpose of providing the services you request. We share your Personal Data with our Service Providers so that they can perform services on our behalf. We require our Service Providers to take appropriate technical and organizational measures to safeguard your Personal Data against loss, theft and unauthorized use, access, or modification.
For users in the EU, we ensure that adequate safeguards are in place when we export your Personal Data out of the EEA, including:
- Model Clauses: The Personal Data that we collect from you will be transferred to, and stored at/processed in the United States by Stripe for the purposes of processing credit card transactions and Form Assembly for the purposes of processing form data under the Commission’s model contracts for the transfer of personal data to third countries.
- Privacy Shield: The Personal Data that we collect from you will be transferred to, and stored at/processed by Google Analytics, Stripe (when making a donation) which comply with the US Department of Commerce’s EU-US Privacy Shield and have certified that they adhere to the EU-US Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. For more information about the EU-US Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield website.
Except as provided herein, we will not sell any Personal Data that you provide through the Site without your prior written consent.
We will share your information with law enforcement agencies, public authorities, or other organizations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
- comply with a legal obligation, process or request;
- enforce our terms and conditions and other agreements, including investigation of any potential violation thereof;
- detect, prevent or otherwise address security, fraud or technical issues; or
- protect our rights, property or safety, or those of our users, a third party, or the public as required or permitted by law (including exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction).
The Service is not intended for use by children under the age of 18, and we do not knowingly collect Personal Data from such children. If we become aware that we have unknowingly collected Personal Data from a child under the age of 18, we will make all reasonable efforts to delete such information from our database. If you become aware that we have unknowingly collected Personal Data from a child under the age of 18, please contact us immediately at firstname.lastname@example.org.
The security of your Personal Data is important to us. We use appropriate technical and organizational measures to safeguard your Personal Data against loss, theft, and unauthorized use, access or modification. We encrypt information submitted to and presented by the Site using Transport Layer Security (TLS) technology. By encrypting this data, TLS attempt to prevent anyone from reading it as it travels across the Internet. Unfortunately, the transmission of information via the internet or email is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your information transmitted through the Site or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organizational measures to safeguard your Personal Data against loss, theft and unauthorized use, access or modification.
You have the right to access the Personal Data that we hold about you. To the extent permitted by applicable law, you also have the right to request the correction or deletion of your Personal Data, to require us to stop processing the Personal Data except for storage purposes in certain circumstances and to obtain a copy of your Personal Data in a commonly used, machine-readable format. You can exercise these rights by contacting us at email@example.com. We may refuse your request for correction or deletion of your Personal Data where its retention is necessary, for example in the context of a legal dispute or as required by law.
Where you have provided your consent for us to process your personal data, you can withdraw your consent at any time by contacting us at firstname.lastname@example.org.
At any time you have the right to object to our processing of Personal Data about you in order to send you marketing, including where we build profiles for such purposes, and we will stop processing the Personal Data for that purpose.
In the event that you wish to make a complaint about how we process your Personal Data, please contact us in the first instance at email@example.com and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.
If you have any questions, concerns, or complaints about our use of your Personal Data, or would like to request access to, correction, or deletion of, your Personal Data, please address them to:
EMAUA Switzerland Association
Chemin de la Poste 10
You may also reach our data privacy team via email at firstname.lastname@example.org.