Controller. Vital Voices Global Partnership is the controller and is responsible for your personal data (collectively referred to as “Vital Voices,” “we” “us” or “our”). We have designated a Data Privacy Manager (DPM) who is responsible for overseeing questions in relation to this privacy notice and your rights. If you have questions about this privacy notice, including any requests to exercise your legal rights under the GDPR, please contact the DPM at:
Vital Voices Global Partnership
Faida Fuller, Chief Operating Officer
1625 Massachusetts Ave NW, #300
Washington, DC 20036
If you are a data subject within the scope of the GDPR, you have a right to make a complaint at any time to the data protection office in the EU Member State of your habitual residence, place of work or place of alleged infringement. A list of supervisor authorities is available here. We would, however, appreciate an opportunity to address your concerns before you approach the data protection office, so please contact us at the above email address in the first instance.
Data Collected. We may collect, use, store and transfer different kinds of personal data about you. The following are examples of the types of information Vital Voices may collect and/or maintain about you:
- Identity data: including name, username, date of birth, and gender.
- Contact data: including home address, billing address, email address, and telephone number.
- Financial data: including credit or debit card number and expiration date.
- Transaction data: including donation history and payment method.
- Technical data: including internet protocol (IP) address, browser type and version, mobile platform type, operating system and platform, language preference and other technology on the device you use to access the website.
- Profile data: including username and password, information you provide on preferences, including email frequency and type, interests, questions and feedback.
- Usage data: including information about your usage of our website, such as which pages were visited within our website.
- Communication data: including preferences for receiving direct mailings, email and other communications on fund-raising appeals, newsletters and other information from Vital Voices.
How Data is Collected. Vital Voices uses different methods to collect data from and about you, including through:
Direct Interaction. Vital Voices obtains your personal data, including Identity, Contact, Financial, Transactional, Profile, and Communications data through your use of this website.
Automated Technologies. As you interact with our website, we may automatically collect Technical and Usage data to help facilitate your use of our website and to improve our website’s performance. We collect this personal data by using “cookies” and other similar technologies. A “cookie” is a small text file that may be used to collect information about your activity on the website. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser, but if you do, you may not be able to take advantage of some of the features of our website.
Vital Voices uses a third party email automation platform. You acknowledge that the information you provide, including Identity data, will be transferred to that platform for processing. See below for information on how to remove your email address from our mailing list. In addition, Vital Voices utilizes payment processing entities to process payment information we obtain from you. Please contact us at email@example.com if you would like additional information on our vendors.
How Personal Data is Used. Vital Voices uses personal data to understand your needs and provide better service to you. Specifically, Vital Voices uses personal data to assist in completing transactions and communicating with donors and subscribers to our email and other communication lists. We may also use personal data to facilitate event attendance or participation. Vital Voices uses Financial information solely for the processing of donation.
In addition, certain parts of our website will require you to register and obtain a password in order to enjoy the services offered on the applicable pages of the website. When access these areas of the website, you may be prompted to input your Profile data, such as username and password.
We will only use your personal data for the purposes for which we collected it, unless we reasonably determine that we need to use it for another purpose that is compatible with the original purpose for which we obtained your consent. If we need to use your personal data for an unrelated purpose, we will notify you and where required by law, we will either obtain your consent or provide an explanation of the legal basis which allows us to do so. Note that we may be required for legal reasons to process your personal data without your knowledge or consent and will only do so where this is required by law.
How Personal Data is Shared. Vital Voices may share your information with third-party service providers when necessary, such as when processing transactions or when required to do so by legal process. Vital Voices will otherwise not sell, lease, or share personal data with unaffiliated third parties unless it receives advance written consent from you.
Certain places within the website, such as online communities, forums, blog pages or other public areas, may allow users to post comments or communications that are publicly accessible and non-confidential. The views expressed in content appearing in discussion forums are entirely those of the originators, and should not be attributed in any manner to Vital Voices, its affiliated organizations, or members of its Board of Directors or the organizations they represent.
Any information shared, including Personal data, that you reveal in these public areas is not maintained as private and will be accessible to the public. Please note that any information you include in a message you post to any chat room, forum or other public posting area is available to anyone with Internet access. If you do not want people to know your e-mail address, for example, do not include it in any message you post publicly. PLEASE BE EXTREMELY CAREFUL WHEN DISCLOSING ANY INFORMATION IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS. WE ARE NOT RESPONSIBLE FOR THE USE BY OTHERS OF THE INFORMATION THAT YOU DISCLOSE IN CHAT ROOMS, FORUMS AND OTHER PUBLIC POSTING AREAS.
How to be Removed from Our Mailing List. You may contact us if you wish to be removed from our mailing list at firstname.lastname@example.org. Additionally, all email correspondence includes the ability to “opt-out” or unsubscribe from future mailings.
Children Under the Age of 13
Neither Vital Voices nor any of its services are designed or intended for children under the age of 13. We do not collect personal data from any person we actually know is under the age of 13 and we do not intentionally collect data from anyone that is under the age of 13. If we determine that a child under the age of 13 has submitted information to Vital Voices, that information will be deleted when we are made aware of it.
Accessing Third Party Sites
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of each website you visit.
How Vital Voices Handles Privacy and Security Internally
No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to us is done at your own risk.
We take all reasonable measures to ensure that your personally identifiable information remains as secure as reasonably possible. Here are some of the security procedures that Vital Voices uses to protect your privacy:
- Uses firewalls to protect information held in our servers.
- Utilizes Secure Socket Layer (SSL) encryption in transmitting personal data to our servers.
If we learn of a security systems breach we may attempt to notify you electronically so that you can take appropriate protective steps. By using the website or providing personally identifiable information to us you agree that we can communicate with you electronically regarding security, privacy and administrative issues relating to your use of these Site. We may post a notice on our website if a security breach occurs. We may also send an email to you at the email address you have provided to us in these circumstances. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.
Vital Voices is located in the United States. As such, processing of your personal data occurs will involve transferring your data outside the European Economic Area (EEA). Vital Voices also utilizes third-party data processors that are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that we use third party providers that are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
Please contact us at email@example.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Vital Voices has in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed and verified that third party entities with whom we permit access to your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your personal data with us is no longer secure (for example, you believe the security on your account login information has been compromised), please contact us at firstname.lastname@example.org immediately.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your Legal Rights
For data subject within the scope of the GDPR, you have rights in relation to your personal data. Please click on the links below to find out more about these rights:
- Request access to your personal data.
- Requestcorrection of your personal data.
- Requesterasure of your personal data.
- Object to processingof your personal data
- Request restriction of processing your personal data.
- Request transferof your personal data.
- Right to withdrawconsent.
If you wish to exercise any of the rights set out above, please contact us at email@example.com.
No fee usually required
For data subject within the scope of the GDPR, you will not have to pay a fee to access your personal data or to exercise any of your other legal rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
For data subject within the scope of the GDPR, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data or to exercise your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to help facilitate our response.
Time limit to respond
We try to respond to legitimate requests within one month. Occasionally it may take us longer than a month, particularly if your request is complex or you have made multiple requests. In this case, we will notify you and keep you updated.
Contacting Vital Voices
In the event that all or part of our assets are sold or acquired by another party, or in the event of a merger, you grant us the right to assign your personal data.
Effective Date: May 25, 2018
Last Update: May 25, 2018