1. GENERAL PROVISIONS.

1.1. This Policy is developed to inform the subjects of personal data about the procedure for processing their personal data when visiting/using the Site, as well as to ensure the protection of their personal data during such processing. In order to improve the quality of service and the security of data storage of our users, we inform you about what data we collect and how we use it on our Site. We respect the confidential information of anyone who visits our site, so based on the requirements of current Ukrainian legislation and the regulation of the European Parliament and the Council, this Privacy Policy has been prepared. This Policy does not apply to sites accessed through hyperlinks on our Site.

1.2. This Policy, as well as the activities of the Public Organization related to the collection, processing, storage, and other legitimate actions regarding personal data, are regulated by: the Constitution of Ukraine; the Law of Ukraine “On Personal Data Protection” dated June 01, 2010, No. 2287-VI; other current regulatory legal acts of Ukraine regulating personal data protection issues; international legal acts ratified in Ukraine.

For legal relations arising in the Public Organization in connection with the processing of personal data of residents of foreign jurisdictions, the law (including international law), national and international regulatory legal acts regulating the protection of personal data of residents of such countries, also apply.

1.3. In this Policy, the terms are used in the following meaning:

• personal data – information or a set of information about an individual who is identified or can be specifically identified;
• consent of the subject of personal data – the voluntary expression of the will of a natural person (provided he/she is informed) regarding the permission to process his/her personal data in accordance with the formulated purpose of their processing, expressed in a form that allows a conclusion to be drawn about the consent;
• processing of personal data – any action or set of actions performed entirely or partially in an information (automated) system and/or in personal data files related to the collection, registration, accumulation, storage, adaptation, change, renewal, use, and distribution (distribution, implementation, transfer), depersonalization, destruction of information about an individual (distribution, implementation, transfer), depersonalization, destruction of personal data, including using information (automated) systems;
• subject of personal data – an individual whose personal data is processed;
• third party – any person, except the subject of personal data, owner or administrator of personal data;
• all other terms in the Policy are used in the meaning defined by current legislation of Ukraine, including ratified international legal acts in Ukraine.

1.4. The owner of personal data processed in connection with visiting/using the Site is the Public Organization. The Public organization has the right to fully or partially entrust the processing of personal data to third parties based on an agreement concluded in accordance with the requirements of current legislation.

1.5. A natural person is a subject of personal data under this Policy if he/she is a visitor to the Site, including if he/she uses any options available on the Website.

The placement of this Policy by the link specified in clause 6.1. of this Policy is a notification of the subjects of personal data about the Owner, composition and content of personal data collected in connection with the visit/use of the Site, about the rights of such subjects, the purpose of collecting their personal data, and third parties to whom such personal data may be transferred.

1.6. The Public Organization guarantees that:

• it adheres to proper practices and regulatory requirements for the protection of personal data;
• protects the rights of subjects of personal data;
• prevents the risk of violation of the security of personal data processing.

1.7. The purpose of processing personal data obtained in the process of the Site’s operation is to carry out the statutory activities of the Public Organization:

• administration of our Site and conducting social and community activities;
• providing an opportunity to receive feedback through the form on the Site;
• sending you non-marketing communications;
• sending you marketing communications related to our community activities, from which you can unsubscribe at any time;
• providing third parties with statistical information about our users (in this case, third parties will not be able to identify any individual user from this information);
• consideration of requests and complaints made by you or about you regarding our Site;
• keeping our Site safe and preventing fraud;
• checking compliance with the terms governing the use of our Site (including monitoring private messages sent through our Site’s private messaging service).

 

2. COLLECTION AND PROCESSING OF PERSONAL DATA.

2.1. The processing and storage of the provided personal data are carried out in data centers where equipment ensuring the operation of the Site’s services is located. The provided personal data is processed and may be stored in the Personal Data Database or a separate table of the Site’s Database.

2.2. The Public Organization may collect and process the following information about you:

Information you provide to the Public Organization: This is information about you that you provide by using the Site and its options, subscribing to receive updates by email, making charitable donations through the Site’s options, communicating with the Public Organization through the options available on the Site, etc.

Information about you collected by the Site and other systems: If you visit the Site, third parties may collect certain information about you and your visits, such as the type and version of your browser, pages on the Site you visit, internet protocol (IP) address. If you contact the employees of the Public Organization through the Site or other means of electronic communication.

Information collected by third parties about you on the Site by taking certain actions: This is information about you that you provide to third parties (such as Facebook, Google, Twitter) using options for social media sharing available on the Site, when transitioning from one page to another, or by viewing materials that have links (open) to other platforms (websites).

2.3. How the Public Organization processes your personal data depends on how you use the Site and interact with it. Some information may be provided directly by you when using the Site or in another way, while other information may be collected and processed by the Public Organization using automated technologies on the Site.

2.4. Legal grounds for data processing: when visiting the Site, the Public Organization processes your personal data if

• The Public Organization has obtained your consent for such processing;
• Your personal data is necessary for the Public Organization to conclude and execute a legal transaction with you or to take measures preceding the conclusion of a legal transaction;
• In cases where the Public Organization has a legitimate interest in processing your personal data, and this legitimate interest does not override your interests in data protection or your fundamental rights and freedoms;
• In other cases defined by applicable law. In some cases, the Public Organization may have a legal obligation to process your personal data to form, exercise, or protect legal claims.

2.5. The Public Organization uses your personal data only for the purposes defined by this Policy and applicable law, including (but not limited to),

• Processing your requests (appeals) to the Public Organization made through the Site;
• Facilitating the exchange of information, relations in the field of advertising and communication in accordance with the Laws of Ukraine “On the Protection of Personal Data,” “On Information,” “On Advertising,” “On Telecommunications,” “On the Protection of Information in Information and Telecommunication Systems,” “On Public Associations”;
• Implementing other statutory purposes of the Public Organization as defined by applicable law.

2.6. The dissemination of your personal data is carried out exclusively with your consent or in cases specified in this Policy and applicable law.

Personal data may be transferred to third parties in the following cases:

• If you give your unequivocal consent to such transfer;
• If it is necessary to conclude or perform a legal transaction between us and a third party for your benefit;
• If necessary for the formation and implementation of legal procedures (claims, lawsuits, legal processes, etc.);
• In the presence of significant reasons of public interest;
• At the justified requests of state authorities that have the right to demand and receive such data and information.

Except as provided in this Policy, we undertake not to provide your personal information to third parties.

2.7. Period of personal data storage.

Your consent to the processing of personal data is valid for an indefinite period. The storage period for your personal data is not limited. Your personal data is processed for a period not exceeding what is necessary according to their legal purpose and the purposes defined by this Policy.

Your personal data shall be deleted or destroyed in case of:

• The expiration of the 2-year storage period or another period determined by applicable law;
• Termination of legal relations between the data subject and the Fund, unless otherwise provided by law;
• In other cases defined by applicable laws in the field of personal data protection.

2.8. The Public Organization does not process personal data regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, membership in political parties and professional unions, convictions of criminal offenses, as well as data related to health, sexual life, biometric or genetic data, except as provided by law.

•  

3. RIGHTS OF PERSONAL DATA SUBJECTS.

3.1. When visiting/using the website, you have the right to:

• Receive information from the Public Organization not specified in this Policy regarding the processing and conditions of providing access to your personal data, or give relevant authorization for obtaining this information by your authorized persons, except in cases defined by legislation;

• Know the location of personal data containing your personal information, its purpose and name, the location and/or residence (stay) of the owner of this database, or give the corresponding authorization to obtain this information by authorized persons, except in cases established by law;

• Receive information about the conditions of access to personal data, including information about third parties to whom your personal data is transferred, contained in the relevant personal data database;

• Present a reasoned demand to object to the processing of your personal data by government authorities, local self-government bodies in the exercise of their powers provided by law;

• Present a reasoned request for the modification or destruction of your personal data by any owner and manager of this database if such data is processed unlawfully or is inaccurate;

• Have the right to protect your personal data from illegal processing and accidental loss, destruction, damage due to intentional concealment, non-provision, or untimely provision, as well as protection from the provision of information that is inaccurate or tarnishes the honor, dignity, and business reputation of a natural person;

• Contact authorities of state power, local self-government bodies, whose powers include the protection of personal data, for questions regarding the protection of your rights regarding personal data;

• Apply legal remedies in case of violation of legislation on the protection of personal data.

3.2. You have the right to address questions related to the collection, use, storage, and other processing of your personal data to the Authorized Representative of the Verkhovna Rada of Ukraine for Human Rights, whom you can contact at the email address hotline@ombudsman.gov.ua. If you have any questions about this Policy or if you have received any unwanted electronic notifications sent by the Public Organization or allegedly sent on behalf of the Public Organization, please contact us directly at the email address in.touch.ukraine.foundation@gmail.com.