This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
In this policy, "we", "us" and "our" refer to Hear the World Foundation.
Please note that the information or services provided here by us are directed at adults only and not at children under the age of 16. We do not knowingly collect Personal Data from anyone under the age of 16 online. Any person who provides their Personal Data here represents that they are 16 years of age or older. If you learn that your child has provided us with Personal Data without your consent, you may alert us as described in the “How to contact us” section below. If we learn that we have collected any Personal Data from children under the age of 16, we will promptly take steps to delete such information and delete the child’s profile.
How we use your personal data
In this Section we have set out:
(a) the general categories of personal data that we may process;
(b) in the case of personal data that we did not obtain directly from you, the source and specific categories of that data;
(c) the purposes for which we may process personal data; and
(d) the legal bases of the processing.
We may process data about your use of our website and services ("usage data"). The usage data may include your geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system Google Analytics. This usage data may be processed for the purposes of analyzing the use of the website and services. The legal basis for this processing is your consent and our legitimate interests, namely monitoring and improving our website and services. You may opt-out of this at any point by visiting our cookie preference center.
We may process information relating to donations that you do through our website ("transaction data"). The transaction data may include the amount, the currency, the transaction ID, and your PayPal username. For the payment of the donation our payment provider will ask for your login details or your credit card data. The transaction data may be processed for the purpose of keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us, at your request and our legitimate interests, namely the proper administration of our website and business.
We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletter ("notification data"). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent and you can opt-out at any time.
We may process information contained in or relating to any communication that you send to us ("correspondence data"). The correspondence data may include the communication content and metadata associated with the communication. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
In addition to the specific purposes for which we may process your personal data set out in this Section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Please do not supply any other person's personal data to us, unless we prompt you to do so.
Please do not enter any personal data in the site search box.
Providing your personal data to others
We may disclose your personal data to any member of our foundation (this includes Sonova AG and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.
We may disclose your personal data to professional advisers insofar as reasonably necessary for the purposes of obtaining professional advice or defense of legal claims.
We may disclose ("usage Data") to our advertising, analytics and social media providers insofar as is reasonably necessary to measure the success of and improve our advertising and social media efforts. This personal data may include IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. These advertising providers include Facebook, Google, DoubleClick, and YouTube. The legal basis for this processing and provision is consent. You may opt-out of this at any point by visiting our cookie notice and cookie preference center.
Financial transactions ("transaction data") relating to our website and services are handled by our payment services provider, PayPal Inc. (USA). We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments and dealing with complaints and queries relating to such payments. You can find information about the payment services providers' privacy policies and practices at https://www.paypal.com/EN/webapps/mpp/ua/privacy-full
We may disclose ("notification Data") to our newsletter service provider. The legal basis for this processing is consent. You may opt-out of this at any time by clicking the unsubscribe link the newsletter.
In addition to the specific disclosures of personal data set out in this Section 3, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
International transfers of your personal data
Please note that the above-mentioned third parties to whom we may disclose your personal data may be located outside of your country of domicile and the European Economic Area (EEA), potentially including countries such as the United States, whose data protection laws may differ from those in the country in which you are located. In such cases, we will ensure that appropriate safeguards are in place to protect your Personal Data by implementing appropriate legal mechanisms, such as EU Standard Contractual Clauses. Your explicit consent is obtained for the transfer of your data to the USA before the corresponding service on the website is activated.
Retaining and deleting personal data
We will store your Personal Data as long as required to fulfill the purposes outlined in this Statement, unless a longer or shorter retention period is required or permitted by applicable law.
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy.
In this Section 7, we have summarized the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summary. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
You have the right to know and inquire what Personal Data we hold about you and to request that the correction or deletion of your Personal Data held by us or by a third party with whom we conduct business. In addition, you have the right to object to or to request the restriction of the processing of your Personal Data and you may contact your local data protection authority and file a complaint regarding the processing of your Personal Data.
If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
If you would like to make such a request, please contact us as described in the section “How to contact us” below. After you have provided satisfactory proof of identity, we will respond within a reasonable time.
How to contact us?
If you have any questions, comments, or concerns about this Statement, or want to request access to your Personal Data or exercise your privacy rights, please contact us using the contact information below. You may also reach out to our Data Protection Officer at firstname.lastname@example.org.
17 May 2018
Hear the World Foundation