Women in Voice (WiV) respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how WiV looks after your personal data when you visit our website (regardless of where you visit it from, or how you visit it), and tell you about your privacy rights and how the law protects you, as well as what data we collect, how we collect it and how we process data received from you on our site.
This privacy notice aims to give you information on how WiV collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, attend an event or take part in a competition.
This policy covers the collection, processing and other use of personal data under the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulations (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We strive for complete transparency and data protection by design and by default.
By using the Website, you consent to this policy. For further information, queries or concerns please contact us.
Who We Are
Women and Voice is referred to as “We”, “Our”, “WiV” throughout this document. “You” and “Your” is the user
Maddy Apple is the Data Controller.
Romina Pankoke is the EAA representive.
Our website address is womeninvoice.org.
What We Collect
Personal data, or personal information, means any information about an individual from which that person can be identified. When able we anonymize data, however there is occasions where we need personal data to achieve specific functions of our service. When this is the case you will be pointed again to this document to be made aware of your rights connected to your data and how we look after it. You will also be asked to opt in again to submitting your data.
Automatically collected data for use with Google Analytics, to improve the experience of our users and gain insights to the wants and needs of our community. We use anonymisation settings within Google Analytics so that your personal data is not connected to this data.
Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your membership profile or emailing us at email@example.com.
How We Collect Data
We use different methods to collect data from and about you including through:
You may give us your Identity, Contact and Financial Data by filling out forms or by corresponding directly with us by post, phone, email or otherwise. This includes personal data you provide when you:
- apply for our products or services;
- create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey; or
- give us some feedback.
In such situations we will get you to “opt in” and point you again to this document, to give you oppitunity to understand your rights in relation to your own data.
Automated technologies or interactions.
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. This data is anonymized.
The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 20 days before being purged.
How We Use What We Collect
We may hold and process personal data that you provide to us in accordance with the DPA and GDPR.
The information that we collect and store relating to you is primarily used to enable us to provide our services to you, such as participation in an intiative/meetup or survey group.
In addition, we may use the information for the following purposes:
- To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service
- Present site content effectively to you
- Provide information, products and services that you request, or (with your consent) which we think may interest you
- Carry out our contracts with you
- Allow you to use our interactive services if you want to
- Where you have consented to receive our e-newsletters
- To Provide you with Support
- To dectect prevent and address technical issues
- To improve our Website and services we provide to the WiV community
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. In any event, we will conduct an annual review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it, or you request it to be deleted.
Where Is My Data
As part of the services offered to you, for example through our Website, the information you provide to us may be transferred to and stored in countries outside of the European Economic Area (EEA) as we use remote website server hosts to provide the website and some aspects of our service, which may be based outside of the EEA, or use servers based outside of the EEA – this is generally the nature of data stored in “the Cloud”. It may also be processed by staff operating outside the EEA who work for one of our suppliers, e.g. our website server host, or work for us when temporarily outside of the EEA.
Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us or the website.
By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.
You have the right to opt out of our processing your personal data for marketing purposes by contacting us at firstname.lastname@example.org.
Disclosing Your Data
Disclosure For Law Enforcement
Under certain circumstances, WiV may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
WiV may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
Third Parties – Transfering Data
We use Google Analytics (GA) for aggregated, anonymized website traffic analysis. In order to track your session usage, Google drops a cookie (_ga) with a randomly-generated ClientID in your browser. This ID is anonymized and contains no identifiable information like email, phone number, name, etc. We also send Google your IP Address. We use GA to track aggregated website behavior, such as what pages you looked at, for how long, and so on. This information is important to us for improving the user experience and determining site effectiveness. If you would like to access what browsing information we have – or ask us to delete any GA data – please delete your _ga cookies, reach out to us via this form, and/or install the Google Analytics Opt-Out Browser Add-On.
In connection with Google Analytics, including tags and cookies, your Personal Data will be transferred to the USA. In the case of the USA, the EU Commission has not decided that an adequate level of data protection within the meaning of the GDPR exists; such an adequacy decision (Art. 45 GDPR) has not been taken. However, Google LLC is EU-U.S. Privacy Shield certified. This ensures an adequate protection of your Personal Data. The complete text of the US Privacy Shield Framework can be accessed under the following link: https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg
When asked for information via google forms we follow GDPR requirements ensuring that you are aware of why we are directly collection personal information. We by process only collect data required to preform the service that you are opting into. The G-Suite statement on GDPR compliance can be found here https://cloud.google.com/security/gdpr G-Suite and it’s associated services fall under Googles status as a Privacy Shield certified company.
Word Fence – Security by Sucuri
In connection with the dispatch of our newsletters, your Personal Data will be trans-mitted to our newsletter dispatch company Mailchimp in the USA. In the case of the USA, the EU Commission has not decided that an adequate level of data protection within the meaning of the GDPR exists; such an adequacy decision (Art. 45 GDPR) has not been taken. However, MailChimp (Intuit) is EU-U.S. Privacy Shield certified. This ensures an adequate protection of your Personal Data. The complete text of the US Privacy Shield Framework can be accessed under the following link: https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg
More information about Intuit: https://www.intuit.com/privacy/statement/shield-certification/
Links To Other Sites – Including Social Media Links and Event Signups
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. These websites should have their own privacy policies. We do not control these third-party websites and do not accept any responsibility or liability for their policies whatsoever as we have no control over them. When you leave our website, we encourage you to read the privacy notice of every website you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services. In addition, we transfer your Personal Data only and insofar as there is a legal obligation to do so (legal base: Art. 6 I 1 c) GDPR) (e.g. to the police authorities in the context of criminal investigations or to the data protection supervisory authorities).
This website and other online WiV activities are not intended for children and we do not knowingly collect data relating to children.
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
Updates And Changes
We may update these policies to reflect changes to the website or our services and customer feedback as well as adapting changes to laws regarding data privacy.
Your data security is very important to us. We have put in place internal secutrity policies to make sure that we do everything we can to keep your data safe.
We make sure that we don’t collect any data that we don’t need and only collect data with your knowledge.
The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Your Legal Rights
We want to make sure that you have complete access to the rights that you have under the GDPR.
You have the right to:
- request access to, deletion of or correction of, your personal data held by us at no cost to you;
- request that your personal data be transferred to another person (data portability);
- be informed of what data processing is taking place;
- restrict processing;
- to object to processing of your personal data; and
- complain to a supervisory authority.
If you would like to act on any of the above please contact email@example.com
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).