Last revised on 17/01/2024
CHARITY ORGANIZATION «CHARITY FOUNDATION «DZYGA`S PAW» (hereinafter “the Foundation”, “us,” “our” or “We”) is a controller of the personal data of the users (hereinafter “You”, “User”) of the website https://dzygaspaw.com (hereinafter – “Site”) and benefactors of the Foundation.
In providing Services by the Foundation, as well as collecting and processing data about users of different jurisdictions through the Site, we adhere to the Ukrainian legislation as well as the standards of the General Data Protection Regulation (hereinafter – GDPR) as the toughest privacy and security law in the world. By using these standards, we will be able to ensure high-level security of the data subject rights and their confidentiality while they are using the Services we provide.
We may change this Policy from time to time. Your further use of the Site constitutes your consent with the changes to this Policy. If you disagree with the actual version of this Policy, you should immediately cease your using the Site.
PURPOSES OF THE PERSONAL DATA PROCESSING
The Foundation collects and processes personal data of the Site users to record donations made by benefactors; organize feedback from users; maintain the security of the Foundation’s and users’ interests; comply with legal requirements; and conduct analytical and sociological research.
The Foundation is lawfully processing users’ personal data in the following cases:
- personal data is provided for pre-contractual or contractual relationships;
- the User has given his/her informed consent;
- legal obligations for the processing of personal data of the User.
PRINCIPLES APPLIED TO THE PERSONAL DATA PROVIDED
- Fairness and transparency principle: lawful basis for personal data processing and the information of how it is being processed is always requested.
- Purpose limitation: personal data is collected for specified purposes and not further processed in a manner that is incompatible with those purposes.
- Data minimization: personal data are requested in the scope which is strictly necessary in relation to the purposes for which they are processed.
- Accuracy: only accurate personal data are processed and, where necessary, kept up to date.
- Storage limitation principle: personal data are kept for no longer than necessary.
- Integrity and confidentiality principle: personal data are processed in a manner that ensures appropriate security and confidentiality of the same. We always take all necessary measures against unauthorized or undue use of our users’ personal data by third parties.
- Accountability: the Foundation shall be responsible for, and be able to demonstrate compliance with, principles applied.
TYPES OF PERSONAL DATA WE PROCESS VIA THE SITE
The Foundation does not collect or process special (sensitive) types of personal data of Users, such as medical data, data on racial or ethnic origin, as well as personal data of persons under 18 years of age. If such information is somehow received by the Foundation, it is subject to immediate destruction and deletion.
COMMUNICATION REGARDING PERSONAL DATA
PERIOD OF PERSONAL DATA PROCESSING
The Foundation keeps and processes personal data collected through this Site Personal data for no longer than necessary for the purposes for which they are processed. The personal data collected through this Site will be stored as long as:
- the contractual relationship is maintained or,
- it is necessary for the fulfilment of a legal obligation or for legal exercise of rights,
- it is not requested to be deleted by the User.
The processing of personal data collected through the Site is carried out in accordance with the principle of equality. All our users enjoy equal rights prescribed the standards we adhere in the field of personal data protection, namely:
- right to access: users can send inquiries to the Foundation concerning kind, purpose and duration of their personal data processing and then receive relevant information;
- right to correct: users may contact the Foundation to supplement or change their personal data in order to update them;
- right to delete: users have the right to ask the Foundation to delete their personal information fully or partially;
- right to restrict processing: users have the right to ask the Foundation to stop, in whole or in part, the processing of their personal data;
- right to data transfer: users have the right to receive a copy of their personal data and transfer such data to other owners or administrators;
- right to object to the processing of personal data and to withdraw consent to their collection and processing;
- right to appeal: users have the right to file a complaint to the authorities regarding the protection of personal data if they believe that the Foundation has violated any of their rights.
You can also contact the Foundation at any time with any questions relating to data protection. Preferably by email to: firstname.lastname@example.org
DATA PROTECTION SAFEGUARDS
To ensure the security of users’ personal data and to prevent their loss, misuse, and unauthorized access, disclosure, alteration or destruction, we take appropriate measures to protect them, namely we:
- follow the standards of the GDPR and any other applicable laws and regulations during their processing, in particular in terms of authorization and authentication of access to personal databases, response to threats and risks to personal data security, etc;
- review and update the privacy policies of the Site, our Services and internal information security policies of the Foundation on a regular basis, conduct audits of the personal data protection conditions within the Foundation;
- conduct regular trainings and provide instructions to the Foundation’s employees on personal data protection, check the controllers who obtain access to users’ personal data for compliance with personal data protection standards, but not lower than those we adhere to, include relevant provisions and guarantees in contracts with them;
- use licensed software, including anti-virus, high-level protection, regularly update it and ensure proper maintenance of our information security systems;
- restrict access to users’ personal data only to those employees and managers who need it to perform their duties and provide services and only to the extent necessary for this purpose;
- cooperate with the authorized bodies in the field of personal data protection, inform them and personal data subjects about leaks or risks of personal data no later than 72 hours after receiving information about them.
TRANSFER OF PERSONAL DATA
The Site may contain links to third party websites. We cannot control, and take no responsibility for, the content or privacy practices of such third-party websites. Once you have used these links to leave the Site, any information you provide to these third parties is not covered by this Policy, and we cannot guarantee the safety and privacy of your information. Before visiting and providing any information to any third-party websites, you should inform yourself of the privacy policies and practices (if any) of the third party responsible for that website, and should take those steps necessary to, in your discretion, protect the privacy of your information. We are not responsible for the content or privacy and security practices and policies of any third parties, including other sites, services or applications that may be linked to or from the Site.
MARKETING AND ADVERTISING NEWSLETTERS
We can send you marketing or advertising newsletters following the data protection law requirements, mainly on the basis of your consent or legitimate interest. Should the letters appear unnecessary for you or you are no longer interested in receiving such letters, you can easily unsubscribe from further letters by pressing the proper button at the end of each email. You can also withdraw your consent to your personal data processing for the purpose of marketing at any time by sending us a letter at email@example.com. We delete your data once you we receive it. We delete the data, which we need as proof that you have agreed to having the newsletter sent to you, after the limitation period for the corresponding obligations to provide proof has expired.
hould you have any doubt or inquiry about the processing of personal data by the Foundation, you can contact us using the information below:
Address: Svobody ave., 1/3, 79005, Lviv, Ukraine