WiV Privacy Policy

Introduction

Women in Voice (WiV) respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how WiV looks after your personal data when you visit our website (regardless of where you visit it from, or how you visit it), and tell you about your privacy rights and how the law protects you, as well as what data we collect, how we collect it and how we process data received from you on our site.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. Additional Privacy notes and policies may be posted and used in conjunction with this privacy policy.

This privacy notice aims to give you information on how WiV collects and processes your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, attend an event or take part in a competition. 

This policy covers the collection, processing and other use of personal data under the Data Protection Act 1998 (“DPA”) and the General Data Protection Regulations (“GDPR”) and the California Consumer Privacy Act (“CCPA”). We strive for complete transparency and data protection by design and by default. 

By using the Website, you consent to this policy. For further information, queries or concerns please contact us.

Who We Are | What We Collect  | How We Collect Data | Cookies | How We Use What We Collect | Where Is My Data? | Disclosing Your Data | Third Parties | Children | Updates And Changes  | Security | Your Legal Rights |

Who We Are

Women and Voice is referred to as “We”, “Our”, “WiV” throughout this document. “You” and “Your” is the user

Maddy Apple is the Data Controller.

Romina Pankoke is the EAA representive.

Our website address is womeninvoice.org.

Our nominated representative or Data Protection Officer is Maddy Apple, CEO of Women in Voice. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact Maddy at admin@womeninvoice.org.

What We Collect

Personal data, or personal information, means any information about an individual from which that person can be identified.  When able we anonymize data,  however there is occasions where we need personal data to achieve specific functions of our service. When this is the case you will be pointed again to this document to be made aware of  your rights connected to your data and how we look after it. You will also be asked to opt in again to submitting your data. 

Automatically collected data for use with Google Analytics, to improve the experience of our users and gain insights to the wants and needs of our community. We use anonymisation settings within Google Analytics so that your personal data is not connected to this data.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. 

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by updating your membership profile or emailing us at admin@womeninvoice.org.

How We Collect Data

We use different methods to collect data from and about you including through:

Direct interactions.

You may give us your Identity, Contact and Financial Data by filling out forms or by corresponding directly with us by post, phone, email or otherwise. This includes personal data you provide when you:

• apply for our products or services;
• create an account on our website;
• subscribe to our service or publications;
• request marketing to be sent to you;
• enter a competition, promotion or survey; or
• give us some feedback.

In such situations we will get you to “opt in” and point you again to this document, to give you oppitunity to understand your rights in relation to your own data.

Automated technologies or interactions.

As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. This data is anonymized. 

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 20 days before being purged.

Cookies

Our Website uses cookies. All Cookies used by and on our website are used in accordance with current English and EU Cookie Law. Cookies are pieces of information that include a unique reference code that a website transfers to your device to store and sometimes track information about you.

A few of the cookies we use last only for the duration of your web session and expire when you close your browser. Other cookies are used to remember you when you return to the site and will last for longer.

All cookies used on our site are set by us.

We use cookies to gather information about your computer for our services and to provide statistical information regarding the use of our Website. Such information will not identify you personally – it is statistical data about our visitors and their use of our Website. This statistical data does not identify any personal details whatsoever.

We may also gather information about your general Internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer, as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Website and the service that we provide to you.

All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our Website. 

Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can prevent the setting of cookies by adjusting the settings on your browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of the site.

Our cookies will be used for:

Essential session management

• creating a specific log-in session for a user of the site in order that the site remembers that a user is logged in and that their page requests are delivered in an effective, secure and consistent manner;
• recognising when a user of the site has visited before allowing us to identify the number of unique users we receive to the site and make sure we have enough capacity for the number of users that we get;
• recognising if a visitor to the site is registered with us in any way;
• we may also log information from your computer including the existence of cookies, your IP address and information about your browser program in order to allow us to diagnose problems, administer and track your usage of our site.

Functionality

• customising elements of the promotional layout and/or content of the pages of the site

Performance and measurement

• collecting statistical information about how our users use the site so that we can improve

How We Use What We Collect

We may hold and process personal data that you provide to us in accordance with the DPA and GDPR.

The information that we collect and store relating to you is primarily used to enable us to provide our services to you, such as participation in an intiative/meetup or survey group. 

In addition, we may use the information for the following purposes:

• To notify you about any changes to our website, such as improvements or service/product changes, that may affect our service
• Present site content effectively to you
• Provide information, products and services that you request, or (with your consent) which we think may interest you
• Carry out our contracts with you
• Allow you to use our interactive services if you want to
• Where you have consented to receive our e-newsletters
• To Provide you with Support 
• To dectect prevent and address technical issues
• To improve our Website and services we provide to the WiV community

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. In any event, we will conduct an annual review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it, or you request it to be deleted.

Where Is My Data

As part of the services offered to you, for example through our Website, the information you provide to us may be transferred to and stored in countries outside of the European Economic Area (EEA) as we use remote website server hosts to provide the website and some aspects of our service, which may be based outside of the EEA, or use servers based outside of the EEA – this is generally the nature of data stored in “the Cloud”.  It may also be processed by staff operating outside the EEA who work for one of our suppliers, e.g. our website server host, or work for us when temporarily outside of the EEA.

A transfer of your personal data may happen if any of our servers are located in a country outside of the EEA or one of our service providers is located in a country outside of the EEA. If we transfer or store your personal data outside the EEA in this way, we will take steps with the aim of ensuring that your privacy rights continue to be protected, as outlined in this privacy policy and in accordance with the DPA and GDPR. If you use our service while you are outside the EEA, your personal data may be transferred outside the EEA in order to provide you with these services.

Otherwise, we will process, disclose or share your personal data only if required to do so by law or in the good faith belief that such action is necessary to comply with legal requirements or legal process served on us or the website.

By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.

You have the right to opt out of our processing your personal data for marketing purposes by contacting us at hello@womenofwearables.com.

Disclosing Your Data

Disclosure For Law Enforcement

Under certain circumstances, WiV may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Legal Requirements

WiV may disclose your Personal Data in the good faith belief that such action is necessary to:

• To comply with a legal obligation
• To prevent or investigate possible wrongdoing in connection with the Service
• To protect the personal safety of users of the Service or the public
• To protect against legal liability

Third Parties – Transfering Data

Google Analytics

We use Google Analytics (GA) for aggregated, anonymized website traffic analysis. In order to track your session usage, Google drops a cookie (_ga) with a randomly-generated ClientID in your browser. This ID is anonymized and contains no identifiable information like email, phone number, name, etc. We also send Google your IP Address. We use GA to track aggregated website behavior, such as what pages you looked at, for how long, and so on. This information is important to us for improving the user experience and determining site effectiveness. If you would like to access what browsing information we have – or ask us to delete any GA data – please delete your _ga cookies, reach out to us via this form, and/or install the Google Analytics Opt-Out Browser Add-On.

In connection with Google Analytics, including tags and cookies, your Personal Data will be transferred to the USA. In the case of the USA, the EU Commission has not decided that an adequate level of data protection within the meaning of the GDPR exists; such an adequacy decision (Art. 45 GDPR) has not been taken. However, Google LLC is EU-U.S. Privacy Shield certified. This ensures an adequate protection of your Personal Data. The complete text of the US Privacy Shield Framework can be accessed under the following link: https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg

Google Forms

 When asked for information via google forms we follow GDPR requirements ensuring that you are aware of why we are directly collection personal information. We by process only collect data required to preform the service that you are opting into.  The G-Suite statement on GDPR compliance can be found here https://cloud.google.com/security/gdpr   G-Suite and it’s associated services fall under Googles status as a Privacy Shield certified company. 

Word Fence –  Security by Sucuri

This site is scanned for potential malware and vulnerabilities by Sucuri’s SiteCheck. We do not send personal information to Sucuri; however, Sucuri could find personal information posted publicly (such as in comments) during their scan. For more details, please see Sucuri’s privacy policy.

Mail Chimp

In connection with the dispatch of our newsletters, your Personal Data will be trans-mitted to our newsletter dispatch company Mailchimp in the USA. In the case of the USA, the EU Commission has not decided that an adequate level of data protection within the meaning of the GDPR exists; such an adequacy decision (Art. 45 GDPR) has not been taken. However, MailChimp (Intuit) is EU-U.S. Privacy Shield certified. This ensures an adequate protection of your Personal Data. The complete text of the US Privacy Shield Framework can be accessed under the following link: https://www.privacyshield.gov/servlet/servlet.FileDownload?file=015t00000004qAg 

More information about Intuit: https://www.intuit.com/privacy/statement/shield-certification/ 

More information about Mailchimp: https://mailchimp.com/help/mailchimp-intuit-privacy-faq/#Does_Mailchimp_agree_to_the_EU_standard_contractual_clauses_or_the_equivalent_UK_clauses%3F

Links To Other Sites – Including Social Media Links and Event Signups

Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.

Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. These websites should have their own privacy policies. We do not control these third-party websites and do not accept any responsibility or liability for their policies whatsoever as we have no control over them. When you leave our website, we encourage you to read the privacy notice of every website you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services. In addition, we transfer your Personal Data only and insofar as there is a legal obligation to do so (legal base: Art. 6 I 1 c) GDPR) (e.g. to the police authorities in the context of criminal investigations or to the data protection supervisory authorities).

Children

This website and other online WiV activities are not intended for children and we do not knowingly collect data relating to children.

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Updates And Changes

We may update these policies to reflect changes to the website or our services and customer feedback as well as adapting changes to laws regarding data privacy.

Please regularly review these policies to be informed of how we are protecting your personal data. If we change our Privacy Policy, we will post the changes on this page. If this at all impacts the overall use of your data we will make effort to contact you directly. 

For events there may be additions to this privacy policy. When signing up for events please remember to consider the privacy policys attached to these events. 

Security

Your data security is very important to us. We have put in place internal secutrity policies to make sure that we do everything we can to keep your data safe.

We make sure that we don’t collect any data that we don’t need and only collect data with your knowledge.

We will take all the steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of your data and other personal information.

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Your Legal Rights

We want to make sure that you have complete access to the rights that you have under the GDPR.

You have the right to:

• request access to, deletion of or correction of, your personal data held by us at no cost to you;
• request that your personal data be transferred to another person (data portability);
• be informed of what data processing is taking place;
• restrict processing;
• to object to processing of your personal data; and
• complain to a supervisory authority.

If you would like to act on any of the above please contact hello@womeninvoice.org

Please note that we may ask you to verify your identity before responding to such requests.

You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).