Privacy Policy
1 - Introduction
“The protection of personal data is a fundamental right, according to the Universal Declaration of Human Rights. In order to protect and respect this basic right of every citizen, The Human Aspect (THA) has created its privacy policy based on the new General Data Protection Regulation (GDPR), which aims to protect natural persons with respect to the processing of personal data by means wholly or partially and by unauthorized means, irrespective of nationality and place of residence.” The Human Aspect (THA) is committed to protecting your privacy and the confidentiality of any personal data which you provide to us.
According to General Data Protection Regulation (GDPR), ‘personal data’ means any information relating to a identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (art.4º.1/GDPR)
This Privacy Policy describes The Human Aspect policies and procedures on the collection, use, storage and disclosure of your personal data in connection with the services that The Human Aspect provides to you. By accessing the The Human Aspect website and providing your information you indicate your acceptance of this Privacy Policy, as amended from time to time.
The choice of how much information you provide to The Human Aspect is yours and of course if you want to use The Human Aspect services, make a donation, or otherwise participate in The Human Aspect programs and events, The Human Aspect will require certain information from you in order to provide the services or conduct the programs and events. In order to ensure we adhere to data protection legislation we will only ask for the relevant personal data required to offer you our services.
If you have any questions about this privacy policy or about your personal data, please email us at [email protected] or write to us at the address below:
The Data Controller for The Human Aspect Europe is based in Oslo, Norway
Address:
The Human Aspect co Mesh Tordenskjoldsgate 3 0127 Oslo
Norway Telephone: + 47 977 80 187
Our Data Protection Officer is:
Catrin Alhaug, Head of
Relations, who can be contacted at
[email protected]
2 - How we collect your personal data
We want to make sure you receive the communications that are most relevant to you, be it through visiting our website or receiving emails, post, phone calls, text, or in person.
We collect your personal data in the following ways:
When you
directly interact with us – this could be if you participate in an Interview, ask about our work;
sign up for our newsletter, fundraise for our campaigns; purchase The
Human Aspect products; apply for a job or when you provide your data
over the phone, by email, via the website, through the post, or in
person e.g. at The Human Aspect events. When you interact with us
through our partners, and have provided your consent for your contact
details to be shared with us.
When you interact with us through other third parties – this could be if you provide a donation through a third party and provide your consent for your personal information to be shared with us.
When you visit our website or our social media channels – we gather information which might include which pages you visit most often and which services, events or information is of most interest to you. We may also track which pages you visit when you click on links in emails from us. We use Cookies to help our website run effectively and to make improvements to ensure we are providing the best service (please see below for further information on the use of Cookies).
From other information that is publicly available – in order to tailor our communications and make contact with potential corporate fundraisers and individual donors, we may collect information about you from publicly available sources, such as Facebook, LinkedIn, social media platforms and web search engines such as Google. We may use third parties who collect publicly accessible data as a service to do this ensuring that they are adhering to data protection law requirements in their collection processes before any such data is shared.
Further detail about how we collect your personal data is provided below in relation to the purposes for processing your personal data.
3 - Our purposes for processing personal data
The following sets out all of the purposes of processing of personal data The Human Aspect undertakes, setting out how we process your personal data to achieve the purpose:
To keep you informed about The Human Aspect fundraising campaigns, our events, and news about the The Human Aspect Foundation, and the incredible impact and project outcomes achieved with the funds raised.
We will ask for your email address to provide this information to you.
You will be required to ‘opt-in’ to receive these emails from us and
can unsubscribe at any time by sending us an email with the title
unsubscribe to
[email protected]
To make a donation
If you purchase products or
make a donation you may provide The Human Aspect with credit card
details and other information which will allow The Human Aspect to
process the transaction. Please note that The Human Aspect does not
store credit card information.
We can provide you with either a personal or business receipt when you make your donation. We will require an email address to provide this to you.
We are legally required to retain donor details for 6 years. We have a retention schedule in place to ensure your data is not held for longer than is necessary for this purpose.
To purchase The Human Aspect products or merchandise
We will require your contact details as well as payment details
when you purchase The Human Aspect products or merchandise to ensure
we are able to send your purchases to the correct address. If you
purchase products or make a donation you may provide The Human Aspect
with credit card details and other information which will allow The
Human Aspect to process the transaction.
To advertise our work through digital ads
We
use external actors and tools to advertise the work of The Human
Aspect through digital ads which is achieved using email addresses and
cookies (please see below for further information about cookies).
If we send your details to Facebook for this purpose they will be hashed before they are sent, and Facebook only briefly uses the data for matching purposes then deletes it: https://www.facebook.com/ads/manage/customaudiences/tos.php
If you wish to opt out of having your details provided to Facebook or other social media platforms for the purpose of targeted advertising, please contact us at [email protected]
Personal data provided to The Human Aspect by fundraising
platforms
The Human Aspect also raises funds via online fundraising
platforms. Personal data provided on these external fundraising
platforms is passed to us to enable us to meet our audit requirements
(see below).
To enable you to using your Facebook page
When
you are using your Facebook page you will be asked to provide your
Facebook Public Profile, which is always publicly visible on Facebook,
and your email address in order to enable this. There is also an
option to provide access to your Friend list and Work History should
you choose to.
To enable you to set up a Facebook Fundraiser to receive
donations.
Once you have done this you will be asked for permission to
‘Manage your Fundraisers’ which enables us to set up a Facebook
Fundraiser on your behalf so that you can then view the combined
fundraising totals from Facebook.
For Audit Purposes
We are required to make all
information available for the purpose of audit but ensure access to
personal data is limited by providing view-only access on-site and by
removing identifiers where applicable when required to disclose data
for this purpose. External auditors are bound by auditing standards
which includes controls to ensure they treat as confidential any
personal data accessed while carrying out audits. We are also subject
to audits by charity regulators in Norway and Europe.
To communicate the performance of The Human Aspect to our Board
Members and Stakeholders
Where supporters have provided their consent to appear in video
clips or to share their personal story, we may present these to our
Board Members and Stakeholders as part of reporting our performance.
Generally, though, any data presented to the Board for performance
reporting purposes will be anonymised.
To enable us to communicate with our corporate fundraisers
We actively search for corporate contacts via publicly
available information from websites such as LinkedIn and Facebook or
by performing Google searches. We will treat corporate email addresses
as personal data for this purpose.
THE HUMAN ASPECT GENERAL PRIVACY POLICY
I - Technical and organisation security measures
The following sets out the technical and organisation security measures employed by The Human Aspect to ensure your personal data is kept confidential and secure by The Human Aspect and our partner organisations / third party suppliers
Lawful basis for processing
For most processing
of personal data we will be asking for your consent, however, some
processing will be based on legitimate interests or for the purposes
of entering into a contract e.g. where we require certain personal
data in order to provide a service you choose to use. We would only
rely on the lawful basis of legitimate interests where we are assured
that we would not be using your data in a way you would not expect
taking into account your rights and interests.
Disclosure of Personal Information:
We may
disclose your personal information to our suppliers or other external
third parties for outsourcing some of the functions and services
relating to the purposes for which your personal information may be
processed by The Human Aspect, for storage and otherwise to enhance
our Services. When we contract external services providers, we may
provide them with your personal information, but only to the extent
required for them to fulfil that contract, or where you would
reasonably expect The Human Aspect to disclose it to a third party for
a particular purpose.
We will not sell your personal information to other parties.
The Human Aspect will not use or disclose your personal information except in accordance with this Privacy Policy unless you have consented to the use or disclosure, or where disclosure is necessary to prevent injury to life or health, to investigate any suspected unlawful activity or where the use or disclosure is required or authorized by law.
Security & storage of your information:
The
Human Aspect takes reasonable steps to ensure the security of all
information it collects, including that the information is protected
from misuse and loss and from unauthorised access, modification or
disclosure. For example, your personal information may be stored and
maintained in a secure cloud-based environment, which can be accessed
only by authorised personnel, as no data transmission over the
internet or information stored on servers accessible through the
internet can be guaranteed to be fully secure, we cannot ensure or
warrant the security of any information you send to us or receive from
us online.
Retaining your personal data.
We will retain
your personal data for as long as necessary to fulfil the purposes we
collected it for, including for the purposes of satisfying any legal,
accounting, audit or reporting requirements. We may also retain your
personal data for a reasonable period afterwards to allow us to
respond to any follow up enquiries or complaints.
II - Your rights in relation to personal information:
Your rights in relation to how organisations process your personal data have been significantly enhanced under the new General Data Protection Regulation 2018 (GDPR). The following sets out how The Human Aspect will ensure we meet all of these increased rights.
1. The right to be informed
Your right to be
informed about the personal data we are processing is set out in this
Privacy Policy which will be regularly reviewed to ensure you are
provided with accurate information.
2. The right of access
You may request access
to your personal information collected by The Human Aspect. Please
send an email to
[email protected]
and we will endeavour to respond as soon as possible and in any event
within one calendar month of receiving your request.
3. The right to rectification
According to the
article 16 of General Data Protection Regulation (GDPR), you have the
right to rectification your personal information. If you believe any
of your personal information held by The Human Aspect is not accurate,
complete or up-to-date, The Human Aspect will take reasonable steps to
correct the information. You can make a request for rectification
verbally or in writing. To request that your personal information be
corrected or updated, please send an email to [email protected]
We will respond to your request within one calendar month.
4. The right to erasure
According to the article
17 of General Data Protection Regulation (GDPR), you have the right to
erasure your personal information. Also known as ‘the right to be
forgotten’, you can now request for your personal data processed and
held by us to be erased, unless there is another legal requirement for
us to continue to process that data, in which case this will be
explained to you in response to your request. You can request for us
to erase your data either verbally or in writing. We will respond to
your request within one calendar month.
5. The right to restrict processing
According
to the article 18 of General Data Protection Regulation (GDPR), you
have the right to obtain from the controller restriction of
processing. Similar to your right to request erasure of your personal
data, you can request we restrict processing where you have issues
with the content of the information we hold or with how we have
processed your data. In these cases we would only apply the
restriction for a certain period of time while we consider your
request for doing so. You can request us to restrict processing either
verbally or in writing. We will respond to your request within one
calendar month.
6. The right to data portability
According to
the article 20 of General Data Protection Regulation (GDPR), you have
the right to receive the personal data that were provided to a
controller, in a structured, commonly used and machine-readable format
and have the right to transmit those data to another controller
without hindrance from the controller to which the personal data have
been provided”.
We will endeavour to provide you with a copy of your personal data in a format that can easily be transferred to another organisation. We will respond to your request within one calendar month. Please note this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
7. The right to object
According to the article
21 of General Data Protection Regulation (GDPR), you have the right to
object to us using your data for marketing purposes or where the
processing is based on legitimate interests or grounds relating to his
or her particular situation.
8. Rights in relation to automated decision making and
profiling
According to the article 22 of General Data Protection
Regulation (GDPR),The Human Aspect does not process any personal data
for automated decision making or for profiling as defined by the
Regulation.
Please contact us at [email protected] to exercise any of your rights as above.
III – Complaints
If you have a complaint about the handling of your personal information, please write to the address provided above or send an email to [email protected].
IV - Website Advertising and Analytics:
Pixels
A pixel is a small amount of code on a
web page or in an email notification which is used by organisations to
learn how users are interacting with certain web content to help us
improve our services and personalize your experience. Pixels use you
online identifiers to do this along with an anonymised version of your
social media site ID. We cannot see any personal data of individual
users, but the collected data are saved and processed by social media
sites. You can amend your preferences or opt-out of website customised
ads through Facebook and Twitter below:
https://www.facebook.com/about/privacy/
https://help.twitter.com/en/rules-and-policies/twitter-cookies
Links to other websites
The Human Aspect is not
responsible for the privacy practices or content of any other website
or service that is linked to a Website, or for the privacy practices
of any third party social media or other service providers that you
can access through a Website. We encourage you to read the privacy
policies of those websites or service providers, including, but not
limited to, Facebook Fundraisers and Facebook donation functionality,
which may require you to provide additional personal information.
IP address
The IP Address (Internet Protocol
Address) is a unique address that computing devices such as personal
computers, tablets, and smartphones use to identify itself and
communicate with other devices in the IP network.
The Human Aspect uses IP addresses to ensure our users are directed to the correct version of our website dependant on the territory you are accessing our website from. We also use web log information provided through the IP address to understand any issues users may experiences while using our website to ensure a seamless service for our users.
Cookies:
What are cookies? Cookies are small
text files that are stored in your computer’s memory and hard drive
when you visit certain web pages. They are used to enable websites to
function or to provide information to the owners of a website.
Why do we use cookies? Cookies help us to provide customised services and information. For example, we use cookies on all our websites to collect anonymous traffic data and also to improve your experience with the Websites (e.g. to keep you logged in if you request this).
In broad terms, we use cookies on our Websites for the following purposes:
- visitors to our Websites. This helps us to improve and develop the way our Websites work, for example, by determining whether site visitors can find information easily, or by identifying the aspects of our Websites that are of the most interest to them. For these purposes, we may store the following:
- the name of the domain from which you accessed the internet
- the date and time you accessed our Websites
- the advert or internet address of the website from which you linked directly to our Websites
- the pages you accessed while visiting our Websites
- the device from which you accessed our Websites
- the location from which you accessed our Websites
In addition, we use a third party service providers, to provide certain analytics services to us in connection with the operation of the Websites, including (without limitation) the collection and tracking of the data and information listed above. We may disclose visitor data, including personally identifiable information, to enable those third party service providers to provide such services. Such data may be sent to those third party service providers and their local overseas suppliers, where the standard of data protection may be lower than the country in which you reside.
- Usage preferences: Some of the cookies on our Websites are activated when visitors to our sites make a choice about their usage of the site. Our Websites then ‘remember’ the settings preferences of the user concerned. This allows us to tailor aspects of our sites to the individual user.
- Session management: The software that runs our Websites uses cookies for technical purposes needed by the internal workings of our servers and application. For instance, we use cookies to keep track of information about a user’s session and determine which options or pages to display in order for the site to function.
- Functional purposes: Functional purpose cookies store information that is needed by our applications to process and operate. For example, where requests within an application involve multiple stages, cookies are used to store the information from each stage temporarily, in order to facilitate completion of the overall request.
Your cookie preferences: To make full use of our Websites, your computer or mobile device will need to accept cookies, as our sites will not function properly without them. In addition, cookies are required in order to provide you with personalised features on our websites.
Third party cookies: When you visit our Websites, you may receive cookies that are set by third parties. For example, you may receive a cookie set by Google. These cookies are used for the purposes described in the “Why Do We Use Cookies?” section of this policy. We do not control the setting of these third party cookies, so we suggest you might wish to check the third party websites for more information about their use of cookies and how to manage them.
Amending cookie preferences: If you wish to remove cookies set by our Websites from your browser in the future, you may delete them. The instructions for removing cookies from your computer or mobile device depend on the operating system and web browser you use. Please note, however, that withdrawing your agreement to the use of cookies on our sites will impair the functionality of the sites.
Google Analytics
Our website uses Google
Analytics who provide reports on website traffic data to help us
understand usage and to ensure we continue to improve your experience
when using our website.You can amend your preferences or opt-out of
Google Analytics here:
https://support.google.com/analytics/answer/6004245?hl=en
Changes to this Privacy Policy:
This privacy
policy may change from time to time particularly as new rules,
regulations and industry codes are introduced. Any changes to the
Privacy Policy will be posted on our Website. If we consider that the
changes are material we will notify you by email.