Valid as of: 20.02.2023
Introduction
Charity Organization “Charitable Foundation “Dopomogator”, with registered address at: Ukraine, 01133, Kyiv, 26 Lesi Ukrainky blvd. (herein together referred to as “we”, “us”, “our”) respect and realize importance of protecting your privacy.
Protecting your data and using it only in the way our visitors expect from us is our highest priority. Thus, the following Privacy Policy is designed to inform you about the processing of your personal data and your rights regarding this processing according to applicable data protection laws.
We are the controller of your personal data, meaning that we are the organization that is legally responsible for deciding how and for what purposes your personal data is used and therefore, responsible for the data processing explained herein.
By using our website (https://dopomogator.org/) (the “Website”) you accept this Privacy Policy and give us your consent to the processing of your personal data described herein.
This Privacy Policy will also apply in other cases, where we make a specific reference to it, for example, in cases where we receive your personal data from third parties and are obliged to notify you about our use of your personal data.
How Your Data is Collected
We collect personal data from you:
- directly, when you enter your personal data on the Website or send us such information by other means, such as when you contact us or send us feedback; and
- indirectly, such as from your browsing activity while using our Website.
We may have access to/collect information that you voluntarily give to our partners, affiliates and other third parties via email, via phone, via forms on the Website or otherwise.
Data We Collect
Data we collect about you may include your name, phone number, email address, your inquiry or feedback, your bank details (e.g. card number), data on our communications with you, analytical data and other additional information you provide us with.
Please note that we DO NOT collect personal data that is, by its nature, particularly sensitive. This is genetic data, biometric data, data revealing racial or ethnic origin, information about political opinions, sex life, sexual orientation, religion or other beliefs, data concerning health, trade union membership or other sensitive information.
The main purpose of processing your personal data is to implement our statutory activities (i.e. charitable activities). We may also use the information that you provide us with for the following purposes: a) to communicate with you; b) to improve user experience; c) to improve our Website; d) to administer the contractual relationship between you and us and us and third parties.
Your personal information may be added to our CRM system or other internal databases.
We process your personal information under the following lawful basis and for the following reasons.
Your consent | We rely on your consent when we use your personal data for implement our statutory activities, for optimizing and enhancing the operation of our Website. You have a right to withdraw consent to processing of your personal data. You may enjoy this right at any time you wish. Please remember, that the withdrawal of consent does not mean that the processing before the withdrawal is considered thus illegal. |
Compliance with our legal obligations | We rely on this ground to identify you and verify your identity (when relevant and required), to help prevent and detect fraud against you or us, to protect the security of systems and data, or for disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our activity. |
For the performance of a contract with you or to take steps at your request before entering a contract | We may rely on this ground to engage in non-commercial relations with you when you make a charitable donation to us. |
For our legitimate interests or those of a third party | We may rely on this ground to make non-marketing related communications to you about changes to our terms or policies or to provide other important notices; to enable or administer our activities (quality control, consolidated reporting, customer service), transfer of ownership and so on. |
Marketing Communications
Where you have opted in to receive marketing communications from us, we may use your personal data to send you marketing emails about our new charity programs and initiatives. In using your personal data for such marketing purposes, we rely on your consent.
If a marketing email is sent to you, it includes information on how to opt out of receiving such email notifications in the future.
Safety of Your Personal Data
We adopt appropriate data collection, storage and processing organizational and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information. Personal data that we process for any purpose will not be kept for longer than is necessary for that purpose, including for compliance with legal requirements. If you revoked your consent, we may retain certain personal information for the period required by the applicable legislation (e.g. AML/CFT legislation), to resolve disputes and/or enforce our rights and agreements.
Data transfer
In certain cases, there may be situations when we share your personal data to other countries (including those outside the EEA). In those cases, we will comply with applicable laws designed to ensure the privacy of your personal data.
Under data protection laws, we can transfer your personal data to third countries on the basis of an adequacy regulation or, where such is not available, under legally-approved standard data protection clauses recognised or issued under the applicable data protection laws. In the event we cannot or choose not to continue to rely
on either of those mechanisms at any time we will not transfer your personal data to third countries unless we can do so on the basis of an alternative mechanism permitted by data protection authorities.
By using our Website, you consent to the transfer of information that we collect about you, including personal data, to any country in which we or our service providers are located.
Disclosure of Your Data
Any information collected and processed by us is treated with the utmost confidentiality. We will make no public release of any personal information that is collected. We ensure we always include the controls and warranties embodied in this Privacy Policy to the contracts and agreements we enter into with our partners and contractors to whom we grant access to your personal data. Once they will have access to your data, they will provide the same equal protection as stated here.
We may be legally obliged to disclose your personal data to the competent state authority, enforcement agency or a court in case we receive a mandatory request for such disclosure from them, including to meet national security or law enforcement requirements and/or to comply with a judicial proceeding, court order, or legal process served on our Service. What is more, we may be proactive and address the competent authority in case we suspect a violation of law to be committed in association with your persona via our Service.
If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
We may share your personal data with third parties helping us to run our activity, e.g., website hosts (such as Amazon Web Services) and website analytics providers (such as Google Analytics). We use Google Analytics to better understand our audience and users, to improve our marketing campaigns, and to enhance our Service. To opt out of being tracked by Google Analytics across all websites, you can visit http://tools.google.com/dlpage/gaoptout.
We may also need to share your personal data with external auditors, professional advisors (such as lawyers and other advisors), law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations; or other parties in connection with a significant corporate transaction or restructuring. Usually, information will be anonymised, but this may not always be possible, however, the recipient of the information will be bound by confidentiality obligations.
Children’s privacy
Our Website is not provided for use by children. We do not knowingly collect or solicit any personal information from children under the age of 18 (or other age of maturity depending on the applicable country’s requirements). If we find out that child’s personal data is provided to us, we’ll delete it from our databases. If you are parent or guardian of a child and believe that we have collected such personal data, please contact us as indicated in the “Contact information” section below and we’ll delete it as soon as possible.
Third Party Links
Our Website may contain links to third party websites. We shall not be held responsible for the privacy practices or the content of such third-party websites.
We recommend that you review privacy statements and the terms and conditions of such websites.
Changes to the Privacy Policy
We may update this Privacy Policy by publishing a new version on the Website from time to time at our sole discretion. Any changes we make to this Privacy Policy will be posted on the Website so that you are always aware of what information we gather, how we might use that information and under which circumstances we may disclose it.
The date of the last modification of this Privacy Policy is stated at the beginning of this document.
Cookies
As most websites, our Website uses cookies to help us provide you with the best possible browsing experience.
A cookie is a small text file which is placed onto your device (e.g., computer, smartphone or other electronic device) when you use our website. These help us recognise you and your device and store some information about your preferences or past actions.
Please refer to our Cookie Policy for more information.
Data Storage
We ensure that the personal data are not retained longer than necessary in relation to the purpose for which they are processed. In order to ensure compliance with this principle, we define the retention periods applicable to each processing operation. The following elements are considered when determining the retention period: a) legal obligations; b) recommendations of supervisory authorities; c) best practices; d) our operational needs.
Different retention periods apply for different types of personal data. Following the end of the relevant retention period, we will delete or anonymise your personal data.
Your Privacy Rights
We undertake to guarantee the effective exercise of your rights as a data subject. Usually, you can exercise them free of charge. Nonetheless, we retain the right to do so in case we receive an excessive number of repeated requests.
Your rights are the following:
- The right to receive information about the data processing and a copy of the processed data;
- The right to demand the rectification of inaccurate data or the completion of incomplete data;
- The right to demand the erasure of personal data;
- The right to demand the restriction of the data processing;
- The right to receive your personal data in a structured, commonly used and machine-readable format and to request the transmittance of these data to another controller;
- The right to object to the data processing;
- The right to withdraw a given consent at any time to stop a data processing that is based on your consent;
- The right to file a complaint with the competent supervisory authority.
To exercise your rights, please contact us (see “Contact us” section below). When you send us a request to
exercise a right, you are asked to specify as far as possible the scope of the request, the type of right exercised,
the personal data processing concerned, and any other useful element, in order to facilitate the examination of your request. In addition, in case of reasonable doubt, you may be asked to prove your identity.
We will do our best to answer you as soon as possible or within a reasonable period taking into account the complexity of the request, but in case we are processing a large number of requests the answer may take us longer than you might expect.
How to Complain
Please contact us if you have any query or concern about our use of your information (see below “Contact us”).
You also have the right to lodge a complaint with a relevant data protection supervisory authority in the EEA state of your habitual residence, place of work or of an alleged infringement of data protection laws in the EEA.
For a list of EEA data protection supervisory authorities and their contact details see here.
Contact Us
You can contact us by post or email if you have any questions about this Privacy Policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.
Our contact details are shown below:
Name: Charity Organization “Charitable Foundation “Dopomogator”
Postal address: Ukraine, 01133, Kyiv, 26 Lesi Ukrainky blvd.
Email: info@dopomogator.org
Notice For California Residents
If you are a California resident, provisions of the Privacy Policy will apply to you subject to several additional things you need to know about processing of your personal data pursuant to California Consumer Privacy Act (“CCPA”), which went into effect on January 1, 2020.
Your Rights
Under CCPA, you have the following rights regarding your personal information:
Right to know what personal information we collect about you and the purposes of that collection, as well as know how your personal information is used: you have the right to know what personal information about you we collect, the sources from which it is collected, and the purposes for which we collect it.
Right to know with whom we share your personal information: you have the right to know whether we share your personal data with any third parties. We may share your personal information with third parties who help us run our activities.
Right to know whether any of your personal information is sold: we do not sell or rent out your personal information.
Right to “Opt-Out of Sale” of your personal data: we do not sell your personal data to third parties and therefore do not offer an “opt-out” mechanism.
Right to access, request, and receive personal information: you have the right to request which personal data was collected about you and receive a copy of such information. We will disclose and deliver the required information to you in the manner described in the CCPA after receiving a verifiable request from you.
Right to request deletion of your personal data: you have the right to request deletion of your data from our systems to the extent provided by the CCPA.
We will not discriminate against you for exercising any of your CCPA rights. Please contact us if you have any further questions regarding your rights under the CCPA (see the “Contact Information” section for contact details). This should be a verifiable consumer request related to your personal information. The verifiable consumer request must provide sufficient information that allows us to reasonably verify that you are the person about whom we collected personal information or an authorized representative and describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. All requests must be labelled “California Resident Request” on the email subject line.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will reply within 45 days of request receipt. If we need more time (up to 90 days), we will inform you of the reason and extension period in writing. We will deliver our written response electronically.