Which personal data do we keep and why?
At Backup Uganda we only collect data that are reasonable or necessary to achieve the goal of interaction with the organization. This only includes basic personal information. We only keep your personal data when you have shared these with us yourself. For example, this happens when you sign up for our newsletter through the website. We also receive and keep your data when you make a donation to us, directly to our bank account or through GlobalGiving. If you make an anonymous donation through GlobalGiving, of course we will not receive and keep your personal data. In addition, our website does not collect any data from visitors through cookies.
When you subscribe to our newsletter, we save your name (if you filled it out) and your email address, so we can share our newsletter with you every month. When you make a donation to us on our bank account, we save – if possible – your name and email address, so we can send you a message to thank you. We also use these data to keep you updated on possible new campaigns. When you set up an ANBI agreement with us, we keep this written agreement for administrative purposes. When you donate through GlobalGiving, your data (name and email address) are saved for one extra purpose: to send you a quarterly update on the project you donated to.
Of course you are always welcome to request us to share with you your personal data, to adjust them, to stop using them and/or to no longer keep them. The simplest way to do this is by sending an email to firstname.lastname@example.org. Please keep in mind that we need at least your email address to share the newsletter with you. If you no longer want to receive it, you can unsubscribe through the link at the bottom of the newsletter in your inbox.
Who are keeping and protecting your data?
All personal data that we keep are only accessible for the Treasurer to our Board and partly for the Uganda Country Director. They are responsible for protecting these data on the computers and external storage devices that they use. At the moment, we do not have a specific officer responsible for data protection within the organization. Backup Uganda is still a relatively small organization, which means this is not yet necessary and possible.
How do you know which data we keep?
This privacy statement is available for everyone on our website. This way, you can find out exactly which personal data we keep and how we handle these. When you subscribe for our monthly newsletter, you will automatically receive a confirmation email with a link to this privacy statement. We also send you an email with a link to this statement when you make a donation to a bank account – provided we have received your email address. When you make a donation through GlobalGiving, this platform also receives and saves your personal data. If you want to know how they use and protect your data, you can take a look at their website.
How do we save and protect your data?
When we save your personal data, we intend to do this in the safest way possible. That is why we only save your data in encrypted files that are not accessible for anyone who is unauthorized to do this. We also make sure that we keep these files on encrypted external storage devices, just in case something happens to our computers. We do not store any data on servers other than our own computers. We choose our passwords with care and change them regularly.
Since we use MailChimp and GlobalGiving, we are not always the only ones who save your data when you are having an interaction with us. MailChimp and GlobalGiving have their own privacy policies that you can access on their websites. In addition, we have signed a data processing agreement with MailChimp, which states exactly who is responsible for what. Know that your data are not just there to be found by anyone; they are always stored within a safe online environment. Your data are not used by other third parties.
Generally, we do not print the documents that contain your personal data. If we do need a printed version, we make sure we keep these in files that are only accessible to the authorized team members. Since ANBI agreements are processed through hard copy documents, we save the related forms in files that are only accessible to the Treasurer of our Board.
We keep your data as long as necessary to continue a specific interaction with us. When this interaction ends, we will keep your data for a maximum of 5 years, unless you request us to remove these earlier.
Of course we are doing the best we can to prevent data breaches – like we mentioned, by encrypting files with personal data. In the unfortunate event of a data breach that includes the likelihood of unauthorized individuals being able to access personal data, we will report this to the Dutch Data Protection Authority within 72 hours. We will also inform all individuals who are possibly involved.
If you are not happy with the way we handle your personal data, we would love to hear this immediately through email@example.com. In addition, you have the right to file a complaint with any authority that is authorized to receive complaints like this. The Dutch Data Protection Authority is an example.