Last Updated: November 14, 2020
- On or through the Website;
- Through online queries or forms you submit on the Website and through any of your subsequent email or electronic communications with us regarding these queries or forms;
- In text, and other electronic messages between you and this Website; and
What Information We Collect and Process
Like other websites, we gather certain information automatically through your use and/or access of the Website. Depending on how you use the Website however, the information we gather from you varies.
a) Information We Collect and Store Automatically When You Access the Website
If you visit the Website exclusively for informational purposes (e.g., without completing a form on, or otherwise actively submitting information to, the Website), we collect the personal information that your browser automatically transmits to our server log files. This information is necessary to present the Website to you and helps support its stability and security. For example, our system stores your IP address temporarily to improve the Website’s stability and functionality, as well as for troubleshooting where required. Such automatically collected information includes:
- Your IP address;
- Date and time of the inquiry;
- Time zone difference to Greenwich Mean Time (GMT);
- Content of the request (concrete page);
- Access status/status code;
- Data volume transmitted in each case;
- Website from which the request comes;
- Browser type;
- Internet Service Provider (ISP);
- Operating system and its interface; and
- Language and version of the browser software.
We store the above-mentioned information in our server log files. Any other information pertaining to your page visits is not stored.
The above-mentioned information is erased as soon as storage is no longer required to present the Website to you and to help support its stability and security. In the case of making the Website available to you, this occurs after the end of the visit to the page. Log files are erased after a maximum of 10 days.
b) Information We Collect and Store When You Provide it to Us
When you visit the Website and contact us through an online query or form available on the Website, we store the personal information you provide to us in order to process your requests and where applicable, answer any questions you have asked. Such information includes, but is not limited to:
- Your name,
- Country, State, and city (USA and India only); and
- Your email address.
We may retain any communications in relation to your online queries in order to process corresponding inquiries, respond to your requests and improve our services.
We erase the accrued data once storage is no longer necessary, or we restrict access if there are any applicable legal or regulatory obligation(s) to retain data.
c) How Long and Where We Store Your Personal Information
The criteria used to determine our retention periods include:
- The length of time we have an ongoing relationship with you and provide our services to you;
- Whether there is a legal obligation to which we are subject; and
- Whether retention is advisable considering our legal position.
Some or all of your personal information may be stored outside of your country of domicile. You accept and agree to this by using and/or accessing the Website.
How We Share Personal Information We Collect
When you submit an information request using our online forms (e.g., an information request about specific events in a certain country or city), we will forward the personal information you provide on the form (name, email address, country, state (US only), city) to our subsidiary or affiliate in that country or city.
These third parties may be governed by a different data privacy framework and will protect your personal information in accordance with that framework (e.g., GDPR in the countries of European Union). Please see our Supplemental GDPR Privacy Notice for more details.
How We Protect Personal Information We Collect
We have implemented technical and organizational measures to safeguard the confidentiality, integrity and availability of your personal information.
a) Technical Measures
We have implemented an information security policy that will minimize the risks of processing your personal information with regards to confidentiality, integrity and availability.
We have implemented and take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of your personal information and other data contained or stored on the Website, including internal reviews of our data collection, storage, processing practices and security measures as well as physical security measures to guard against unauthorized access to systems where we store personal information.
b) Organizational Measures
We restrict access to personal information to our volunteers, contractors and agents who need to know that information in order to deliver, operate, develop or improve our services. These individuals are bound by confidentiality obligations and our privacy code of conduct, and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
How to Correct Your Personal Data or Have It Deleted From Our Files
You can review and change your personal information by submitting a request through our Contact DPO form.
We reserve that right to deny any such request to change, modify, or delete any information if we believe the change would violate any applicable law or legal requirement, including, but not limited to, any lawful retention period, or cause the information to become incorrect.
If you request deletion or erasure of any of your information stored on the Website, copies of such information may remain viewable in cached and archived pages, or might have been copied or stored by other Website users. We are not responsible and will not be held liable for any damages resulting from a third party’s use of such cached, archived, copied, or stored information after completing your request for erasure or deletion.
When We May Disclose Information
The conditions under which we may disclose your information vary depending on the applicable law and/or regulations and whether such information can be used to personally identify you.
a) Non-Personally Identifiable Information
We may disclose aggregated information about users, and information that does not identify any individual, without restriction.
b) Personally Identifiable Information
We may disclose personal information that we collect or you provide to us:
- To our subsidiaries and affiliates;
- To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them;
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern, or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by us about our Website users is among the assets transferred;
- To fulfill the purpose for which you provide it (e.g., to present the Website to you, to help support the Websites stability and security, or to process and respond to your inquiries submitted via an online query or entry form available on the Website);
- For any other purpose disclosed by us when you provide us the information;
- If we reasonably believe disclosure is necessary or appropriate to protect the rights, property, or our safety, or the safety of our employees, directors, subsidiaries, parent companies, or affiliates, and any other users of the Website, including exchanging information with other companies and organizations for the purposes of fraud protection; and
- To comply with any court order, law, or legal process or procedure, including to respond to any government or regulatory request.
Information Processed by External Service Providers
We control the personal information that we collect, but in some cases we use external service providers to improve and secure the Website, and to process data. The following are types of external service providers with which we may share your information:
- Analytics services;
- Data and Website security providers;
- Email delivery providers;
- Online donation processing services; and
- Service providers that may allow us to update and enhance our services.
a) How We Process Online Donations
We may use a third party to collect donation information and provide credit card, bank, payment and information processing services. If you choose to use our donation page to make an online donation, you will be asked to provide personal information such as your name, address, email address, phone number, credit card information and donation amount. We will share your personal information with our donation processing service provider: PayPal, Inc. (“PayPal”). By using PayPal, your information may be subject to the terms and conditions stated in PayPal’s Privacy Statement and/or other Legal Agreements available on PayPal’s website. You should carefully review these policies before making a donation.
You may grant your permission to us to gather any and all information necessary to process your donation either before, during or after you enter your information into an online donation query or form available on the Website or before, during or after PayPal collects your personal information and / or your sensitive personal data or information. You may also grant permission to us to gather any and all information necessary to process your donation through other forms that you complete either online or offline.
b) Improvements to the Website and Google Analytics
We have set the Data Retention Controls for Google Analytics for 26 months. Once again, Google Analytics will not collect IP addresses used to connect your device to the internet.
You can install the Google Analytics Opt-out Browser Add-on to your browser to prevent information about your visits to the Website from being sent to Google Analytics.
Our Cookie Statement
a) What Are Cookies?
Cookies are small text files that are stored on your computer or mobile device when you visit a website. For this section, we use “cookies” as an umbrella term for techniques such as Cookies, Flash Cookies and Web Beacons which do not take up much space and are removed automatically when expired. Some cookies expire at the end of your session, while others will be saved for a certain amount of time.
b) What Are the Different Types of Cookies We Use?
Different types of cookies have different uses. Some cookies allow you to browse the Website and see certain features, while others provide information about your browsing experience—namely, when you have trouble finding what you are looking for—so that we can improve and make your future visit as pleasant as possible.
Cookies set by us are called “first party cookies.” Cookies set by other parties are called “third-party cookies.” Third-party cookies enable third party features or functionality to be provided on, or through, the Website (e.g., Google Analytics). The parties that set third-party cookies can recognize your computer or mobile device both when it visits the website in question and when it visits certain other websites. We use first party and third-party cookies on the Website.
Additionally, there are required and functionality /analytics cookies. Required cookies are essential to help you to navigate the Website and to access and use certain features. We use functionality/analytics cookies to improve the Website. Below is a brief overview of each:
- Required cookies are essential for website navigation and movement, and for the access and use of certain features. These cookies are required to enable core site functionality and are stored for the duration of your browsing session.
- Functionality/analytics cookies provide an improved user experience. These cookies allow us to analyze Website usage so we can measure and improve performance. Functionality/analytics cookies may be placed by us or a third party on our behalf and are also stored for the duration of your browsing session.
We use both first party and third-party cookies primarily to ensure that your visit to the Website is as pleasant as possible. Such reasons for using cookies also include, but are not limited to:
- Understanding the activities and behaviors of visitors to the Website;
- Recognizing new or past visitors to the Website;
- Improving the Website;
- Understanding the interests of visitors to the Website; and
- Facilitating the functionality, stability, and security of the Website and its features.
d) What if You Don’t Like Cookies
You can change your browser settings to delete or prevent certain cookies from being stored on your computer or mobile device without your explicit consent. The ‘help’ section in your browser should provide information on how to manage your cookie settings.
Other Important Privacy Information
We may present links in a format that enables us to keep track of whether these links have been followed. We use this information to improve the quality of the Website.
b) Other Sites
c) GDPR Notice
People who are residents of the European Economic Area (“EEA”) may have additional rights under the General Data Protection Regulations (“GDPR”). All residents of the EEA should review our Supplemental GDPR Privacy Notice before using the Website.
Disclaimer and Reporting of Possible Data Breaches
If you suspect a possible data breach, please report it using our Contact DPO form.
If we receive a formal written complaint sent either through our Contact DPO form, or through the mail, it is our policy to contact the user regarding their concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between us and the complaining user.
If your complaint is not resolved to your satisfaction, you can contact the competent privacy authority and/or lodge a complaint with a data protection authority for your country or region, or where an alleged infringement of applicable data protection laws occur.