Definition of Data Protection Terms
Data means any representation of information (including an expression of opinion) in any document, and includes any personal identifier.
Data Subject means an individual who is the subject of Personal Data.
Personal Data means any Data:
- relating directly or indirectly to a living individual;
- from which it is practicable for the identity of the individual to be directly or indirectly ascertained; and
- in a form in which access to or Processing of the Data is practicable.
Data User means an individual who, either alone or jointly or in common with other persons, controls the collection, holding, Processing or use of Personal Data.
Data Processor means a person, whether within or outside of the RP, who processes Personal Data on our behalf and does not process the Personal Data for any of the person’s own purposes.
RP means the Republic of Poland.
Processing includes, in relation to Personal Data, amending, augmenting, deleting or rearranging the Data, whether by automated means or otherwise.
Data Protection Principles
Any Data User collecting and using Personal Data must comply with the following principles of good practice:
- Personal Data must be collected for a lawful purpose directly related to a function or activity of the Data User;
- Personal Data must be collected by means which are lawful and fair in the circumstances;
- Personal Data must be adequate and not excessive for the purpose for which it was collected;
- Personal Data must be accurate;
- Personal Data must not be kept longer than necessary for the purpose for which it was collected;
- Personal Data must be used only for the purpose for which it was collected;
- Personal Data must be secure from any unauthorised or accidental access, Processing, erasure, loss or use;
- Personal Data must not be transferred to Data Processors without contractual or other safeguards for the security of, and proper retention practices in relation to, the transferred Personal Data;
- Personal Data must be accessible by the Data Subject to whom it relates; and
- Data Users must maintain transparency in their practices for handling Personal Data.
Pursuant to compliance with the principles of good practice, we require that:
- any Data Processor Processing Personal Data on our behalf are contractually responsible for following good Data protection practice;
- any Data Processor Processing Personal Data on our behalf is appropriately trained to do so;
- any Data Processor Processing Personal Data on our behalf is appropriately supervised;
- any enquiries relating to the Processing of Personal Data are promptly dealt with;
- appropriate methods of Processing Personal Data are clearly communicated to any Data Processor who is Processing Personal Data on our behalf;
- any Data Processor maintains retention practices which ensure that Personal Data is not retained for longer than is necessary;
- any Data Processor maintains adequate security measures to prevent unauthorised or accidental access, Processing, erasure, loss or use of Personal Data; and
- regular reviews and audits are made of the way Personal Data is collected, stored and processed by us or on our behalf.
Collection of Personal Data
Personal Data collected by us
From time to time, we may ask you to provide us with your Personal Data in the course of your relationship with us as a donor, supporter or fundraiser. You are not obliged to provide your information to us, but if you do not, we may not be able to contact you or to process your donation, application or request. We will collect such Personal Data from you to the extent permissible under the applicable law and regulations, including the GDPR.
Typically, we collect your Personal Data in the following ways:
- from your completion of donation forms;
- from your completion of our donor surveys;
- during our street fundraising activities;
- during our fundraising telemarketing calls;
- when you make a donation;
- when you apply for all positions in the NeuroLandscape office;
- when you enrol to our fundraising events;
- when you email us your comments, feedback, opinion or suggestions;
- when you register to participate in a discussion on our bulletin boards, forums or social media on our website; and/or
- in the course of your establishing or maintaining a donor/supporter relationship with us.
- when you subscribe to our newsletter
- when you register an account for set-up of a fundraising web page for NeuroLandscape
- when you update your information by post, fax, email, phone or through our website.
Personal Data that we may collect from you include:
- Your name;
- You mailing address;
- Your email address;
- Your phone number;
- Your fax number,
- Your gender
- Your title
- Your date of birth;
- Your bank account information (when you make a donation).
- The name of your organization
Personal Data collected from third parties
From time to time, we may engage third party service providers to conduct some of its fundraising activities on our behalf, and in doing so, to collect Personal Data of donors and/or supporters on our behalf. These activities include:
- direct dialogue or street fundraising where the agent, contractor or third party service provider may invite people on the street to sign up to NeuroLandscape as donors;
- telemarketing where the agent, contractor or third party service provider may take donation orders over the phone;
- direct marketing by post or email where the agent, contractor or third party service provider may send direct marketing materials to individuals.
Use of Personal Data
Specific purposes will be notified to you when we collect your Personal Data. Any Processing of your Personal Data will be only for those specified purposes or for other purposes specifically permitted under the GDPR. If it becomes necessary to change the purpose(s) for which the Data is processed, we will inform you of the new purpose(s) and obtain your consent before any Processing occurs.
Typically, we collect your Personal Data for the following purposes:
- to conduct fundraising activities;
- to process any donations made by you;
- to conduct donor surveys;
- to issue receipts for your donation;
- to foster communications between you and NeuroLandscape;
- for any purposes in connection with any claims made by or against or otherwise involving you in respect of any fundraising activities organised or held by us including, without limitation, to make, defend, analyse, investigate, process, assess, determine or respond to such claims;
- to exercise any rights we may have in connection with our fundraising activities from time to time;
- to comply, where reasonably necessary, with any court orders, law, rules, regulations, codes of practice, guidelines or requests binding on us, including without limitation to make disclosures of your Personal Data to regulators, governmental bodies, tax authorities or industry recognized bodies, all of which may be within or outside the RP; and/or
- for any purposes relating to the above or any other purposes in accordance with this Policy and other policies in relation to our fundraising activities as set out in any notices or other terms and conditions made available by us to you from time to time.
Transfer of Your Personal Data
Your Personal Data will not be sold or transferred to any third parties.
Our website utilizes StatsCounter (cookies) to collect information about how our website is used. Cookies are widely used in order to provide information about users’ browsing preferences to the owners of the website. Cookies allow us to improve our website and your browsing experience. You may opt-out of cookies by disabling cookie support in your browser, but doing so may prevent our website from functioning properly (for example, banner displays may not function properly) and you may not be able to utilize fully all of the website features.
What is a Cookie? A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a website, that website’s computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies. Each website can send its own cookie to your browser if your browser’s preferences allow it, but (to protect your privacy) your browser only permits a website to access the cookies it has already sent to you, not the cookies sent to you by other websites. A cookie cannot retrieve any other Data from your hard drive or pass on computer viruses.
The cookies we store on our websites are used to:
- track the number, and type of visits to the websites and their pages, and compile anonymous, aggregated statistics on the number of users and their usage patterns, in order for us to evaluate and enhance the performance of our websites, and
- personalize the content of our websites and facilitate user movement within the websites (including without limitation by storing your preferences for screen layouts and language, and remembering passwords during a session and the country you may have elected as your country of residence).
This information is not shared with any third parties.
Disabling Cookies. Browsers are usually set to accept cookies. However, if you would prefer not to receive cookies, you may opt out of being tracked by any website using StatCounter by visiting https://statcounter.com/about/set-refusal-cookie/.
To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
Social Media Plugins
Our website also uses social plugins of social networking sites including facebook.com (“Facebook”), twitter.com (“Twitter”), youtube.com (“Youtube”). The plugins can be identified by the websites’ logos (e.g. a white “f” on a blue tile or a “thumbs-up” icon for Facebook, or a blue bird for Twitter), or the phrase “Social Plugin”.
You can deactivate social plugins at any time by changing your browser preferences.
Accuracy of Your Personal Data
We will take all practicable steps to ensure that the Personal Data we hold is accurate and kept up-to-date. We will therefore take reasonable and appropriate steps to check the accuracy of any Personal Data at the point of collection and at regular intervals afterwards. Personal Data which is found to be inaccurate or out of date will be destroyed. Please see the “Access and Correction Requests” section below to find out how to make a correction request.
Retention of Your Personal Data
All practicable steps will be taken to ensure that your Personal Data is not kept longer than is necessary. We will therefore destroy or erase from our systems Personal Data when it is no longer required.
Security of Your Personal Data
Once we receive your Personal Data, we will make our best efforts to ensure its security on our systems and we will take all practicable and reasonable steps to protect your Personal Data from unauthorised or accidental access, processing, erasure, loss or use.
Links to other websites
Our website contains links to other websites that are not under our control, even though they may use our name or logo on their website through an agreement with us. These other websites do not necessarily follow our privacy policies, and we recommend that you read their privacy policies carefully. We cannot control, and do not accept any liability for, the content of linked sites.
Access and Correction Requests
Under and in accordance with the terms of the GDPR
, you have the right to:
- access your Personal Data stored with us,
- erasure (right to be forgotten)
- restriction of processing
- data portability
- automated individual decision-making
Requests for the access and/or correction of Personal Data held by us may be made in writing to:
ul Suwalska 8/78, 03-252 Warsaw, Poland or firstname.lastname@example.org
This Policy shall be deemed an integral part of forms and applications you may submit to us.
Last Update: 1 September 2018