We’ve updated our Privacy & Cookies Policy as of 24/05/2018
INTRODUCTION AND GENERAL TERMS
The DA Abroad are committed to protecting any personal information we obtain about you, whether you are just visiting our website at www.da-abroad.org, or are a supporter, member or volunteer, or engage with the DA Abroad on social media (including our Facebook and Twitter pages).
- what information the DA Abroad may collect about you;
- how and why the DA Abroad will use the information we collect about you;
- when the DA Abroad may use your details to contact you;
- whether the DA Abroad will disclose your details to anyone else;
- your rights regarding the personal information you provide to us;
The DA Abroad is committed to safeguarding your personal information. Whenever you provide such information, we are legally obliged to use your information in line with all laws concerning the protection of personal information.
We keep our privacy practices under review and may change this Privacy & Cookies Policy from time to time by posting changes on the Services or otherwise notifying them to you.
We are a “controller” under the General Data Protection Regulation (the GDPR) and other applicable data protection legislation (Data Protection Law). This means we are responsible for deciding how we use the personal data that we collect about you and, in accordance with the Data Protection Law, we will ensure that the personal data we hold about you is, at all times:
- used fairly, lawfully, and transparently;
- collected for limited, specific purposes only;
- adequate, relevant to and limited to what is necessary for those purposes;
- kept accurate and up-to-date;
- not kept for longer than is necessary; and
- held securely.
We shall be accountable for and able to demonstrate our compliance with our obligations under the Data Protection Law, and this Privacy & Cookies Policy is one of the ways in which we do that.
PERSONAL DATA WE COLLECT ABOUT YOU
Personal data means any information about an individual from which that person can be identified. When you contact DA Abroad to make a donation, become a member, or sign up to any of DA Abroad’s activities or online content, such as newsletters, petitions, or message boards, or you telephone, email, write to or text DA Abroad, or engage with DA Abroad via social media channels, we may receive and retain personal information about you.
We may collect and use various types of your personal data:
- “Identity Data”, which comprises information such as your first name, last name, marital status, title, date of birth and gender.
- “Contact Data”, which comprises information such as your address, delivery address, email address and telephone number(s).
- “Technical Data”, which comprises information such as your IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the device(s) you use to access our website.
- “Profile Data”, which comprises information such as your interests, preferences, feedback and survey responses.
- “Usage Data”, which comprises information such as about how you use our website, products and services.
- “Marketing and Communications Data”, which comprises your preferences in receiving marketing from us and third parties, and your communication preferences.
Not all of the list above will necessarily apply to you – it depends on your use of the Services and your particular interaction and communications with us.
We do not usually collect “sensitive personal data” about our supporters, e.g. health status, unless there is a clear reason for doing so – such as where we need this to ensure that we provide appropriate facilities or support to enable you to participate in an event. Clear notices will be provided on applications for such events so that it is clear what information we need and why we need it. If you are simply browsing our website as an anonymous visitor, DA Abroad may still collect certain information from you, such as your IP addresses (an IP address is a number that can uniquely identify a specific computer or other network device on the internet).
HOW WE COLLECT YOUR PERSONAL DATA
You provide us with your personal data when you:
- access or use the Services;
- request information, marketing and other communications to be sent to you;
- sign a petition or survey, or provide us with your feedback; and
- otherwise interact or correspond with us (including via email, social media or telephone).
We collect the Technical Data automatically as you interact with our Services by using cookies and other similar web technologies.
We use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to certain parts of the Services. This information is only used by us in a way which does not identify you. We do not make, and do not allow Google to make, any attempt to find out the identities of anyone visiting our website.
HOW AND WHY WE USE YOUR PERSONAL DATA
We will only use your personal data where Data Protection Law allows us to. Data Protection Law says we can collect and use personal data on the following bases:
- it is necessary for us to be able to perform an agreement with you.
- it is necessary for our legitimate interests (and your interests and fundamental rights do not override those interests);
- if we have your consent (which you can withdraw at any time); or
- to comply with a legal obligation i.e. rules laid down by courts, statute or regulation.
Accordingly, we lawfully use your personal data in the following ways:
Delivering the Services: We use the User Data and Communications Data so that we can deliver the Services to you in an effective, efficient and accurate way. Without it we would not be able to deliver a tailored service to you or respond to issues with these Services that are identified by us or you, or ensure you get the most out of your experience. Therefore, we use this data on the basis that it is necessary for us to be able to perform our agreement with you (i.e. the terms and conditions of the relevant Services) and for our legitimate interests of delivering the Services in this way.
Operating the Services: We use the Technical Data in order to operate and administer the Services including as necessary for testing, analysis, maintenance, support, reporting and hosting of data. Therefore we use this data on the basis that it is necessary for our legitimate interests of operating the Services in this way. We also use Technical Data together with certain Identity Data and Contact Data to assist in security and fraud prevention, system integrity (such as preventing hacking, cheats and spam) and/ or to facilitate our response to a legal process. Therefore we use this data on the basis that it is necessary both for our legitimate interests in protecting the Services in this way and in order that we can comply with a legal obligation.
Marketing Communications: We use the Identity Data and Contact Data to inform you of news, campaigns, events and voting procedures by specified media (including, if requested, by way of calendar notifications) which may be of interest to you. We give you the option of providing opt-in consent to receive different kinds of direct marketing communications from us or the DA or deciding not to do so.
OPT-ING OUT: You can withdraw your consent and opt-out of marketing communications from us at any time by updating your Email Preferences or by following the instructions provided to you in the relevant communication (for example, the ‘unsubscribe’ or ’email preferences’ link in an email). Alternatively, you may contact us at firstname.lastname@example.org. We may still need to send service emails to you from time to time.
Other purposes: We could have to use your personal data which we hold to protect your or someone else’s vital interests for example to make contact in rare emergency situations. We could also have to use your personal data in connection with legal and regulatory matters such as our maintenance of business records, compliance with external reporting requirements and internal policies and procedures and responses to requests by government, law enforcement, regulators, courts, rights holders or other third parties including in respect of the use or misuse of intellectual property, such as our brand or media rights, or those of our licensees/commercial partners or their parties. Therefore we use this data on the basis that it is necessary both for our legitimate interests in protecting, defending and enforcing rights and interests in this way and also so that we can comply with legal obligations.
We will only use your personal data for the purposes for which we collected it as described above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
What if you do not want to share your personal data?
Unless otherwise specified above, generally we collect your personal data on a voluntary basis. However, please note that if you decline to provide certain mandatory personal data, you may not be able to access certain Services and we may be unable to fully respond to any inquiries you makes
DISCLOSURE OF YOUR PERSONAL DATA
We will only use your information within the DA Abroad and the Democratic Alliance for the purposes for which it was obtained. DA Abroad and the Democratic Alliance will not, under any circumstances, share or sell your personal data with any third party for marketing purposes and you will not receive offers from other companies or organisations as a result of giving your details to us.
We may need to share your information with “data processors” such as our service providers, associated organisations and agents who help us to prepare and send the materials relating to our projects and fundraising activities. These “data processors” will only act under our instruction and we will not allow these organisations to use your data for their own purposes and will take care to ensure that they keep your data secure.
We will also comply with legal requests where disclosure is required or permitted by law (for example to government bodies for tax purposes or law enforcement agencies for the prevention and detection of crime, subject to such bodies providing us with a relevant request in writing).
TRANSFERRING YOUR PERSONAL DATA OUTSIDE THE EU
Some countries outside of the European Union (EU) do not have laws that protect privacy rights and personal data as extensively as the UK and other countries within the EU. We do routinely transfer personal data to the DA in South Africa, and if we do transfer your personal data outside of the EU, we will ensure that it is protected to a similar degree, in accordance with Data Protection Law. We do this by ensuring one of the specific safeguards approved by the European Commission is in place. You can find further information about these safeguards at https://ec.europa.eu/info/law/law-topic/data-protection_en.
SECURITY OF YOUR PERSONAL DATA
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed (a Data Security Breach). In addition, we limit access to your personal data to those employees, volunteers, contractors and other third parties who have a business need to know. They will only use your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected Data Security Breach and will notify you and any applicable regulator where we are legally required to do so.
Where we have given you or you have chosen a password which enables you to access certain Services, you are responsible for using reasonable care in keeping this password confidential.
LINKS TO OTHER SITES
We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any accounting, reporting or other legal requirements, in accordance with our Data Retention Policy.
To determine the appropriate retention period, we review – in addition to the purposes of use and how we can achieve them – other relevant factors such as the nature and scope of the personal data, the potential risks to data subjects from a Data Security Breach, and the applicable legal requirements, for example the limitation period for which legal claims can be made in court.
Under Data Protection Law, you have certain rights (depending on the circumstances) in connection with your personal data, which include:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are using it lawfully, provided always that this does not adversely affect the rights and freedoms of other people;
- Request correction of the personal data that we hold about you. Where any of the information we hold about you is incorrect or incomplete we will act promptly to rectify this, including where you have requested us to do so. Users of the DA Abroad Website can update their information any time via their account preferences;
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to use it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to our use (see below);
- Object to use of your personal data where we are relying on our legitimate interests (see above) and there is something about your particular situation which makes you want to object to our use on this ground;
- Withdraw your consent to our use of your personal data where we do so in reliance on your consent. Once we have received notification that you have withdrawn your consent, we will no longer use your personal data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law;
- Request the restriction of use of your personal data. This enables you to ask us to suspend the use of personal data about you, for example if you want us to establish its accuracy or the reason for using it; and
- Request the transfer of the personal data you have provided, on the basis of consent or for a contract with us, to you or a third party where technically feasible.
We are committed to respecting your rights. You may action your rights (as may be applicable) by contacting us using the details provided below and we will comply with your requests within a reasonable period unless we have a lawful reason not to do so.
Requests should be made in writing and to ensure that personal data is dealt with carefully and confidentially we will require the requestor to provide verification of their identity and all applications must be accompanied by copies of at least two official documents, which show your name, date of birth and current address (for example, driving licence, birth/ adoption certificate, passport, recent utility bill).
In responding to such requests, we will explain the impact of any objections, restrictions or deletions requested.
We will not charge you a fee to exercise your rights unless your request is clearly unfounded or excessive, in which case we may charge you a reasonable fee. Alternatively, we may refuse to comply with the request in such circumstances.
If you would like further information on the specific mechanism used by us when transferring your personal data out of the EU you can contact us using the details provided below.
What is a cookie?
Cookies are small text files on your device. They are made by your web-browser when you visit a website. Every time you go back to that website, your browser will send the cookie file back to the website’s server. Cookies are useful because they allow a website to recognise a user’s device. You can find more information about cookies at: www.allaboutcookies.org and www.youronlinechoices.eu. For more information, visit https://ico.org.uk/global/cookies/or https://policies.google.com/technologies/cookies
Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience.
They can also help to ensure that adverts you see online are more relevant to you and your interests.
Further information on DA Abroad cookies and how to control your cookie preferences
A list of the main cookies that we use and what each is used for, together with ways to control your cookie preferences are listed here:
The DA Abroad website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of the website and compile reports for us on activity on the site.
Google stores the information collected by the cookie on servers in the United States of America. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using the DA Abroad website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
How to reject or delete this cookie: https://www.google.com/intl/en/privacypolicy.html
Cookies set by Third Party sites
To enrich our content, we sometimes embed photos and video content from websites such as YouTube, Facebook or Twitter. As a result, when you visit a page with content embedded from, for example, YouTube, Facebook or Twitter, these sites may set a cookie.
The DA Abroad website also carries embedded ‘share’ buttons to enable users of the site to easily share articles with their friends through a number of popular social networks, for example, Facebook, Twitter or Google+. These sites may set a cookie when you are also logged in to their service.
DA Abroad does not control the dissemination of these cookies and you should check the relevant third party website for more information about these.