―Privacy Policy
Ashoka spain privacy policy
Effective: June 10, 2020
1. INTRODUCTION
This privacy policy (the "Privacy Policy") describes how Ashoka España ("Ashoka", "our ", "we" or other related variations) collects, uses, stores, shares and protects your personal information ("Personal Data") arising from your use of the Ashoka website, including any sub-domains thereof, as well as any other website through which Ashoka offers its services (collectively, the "Website").
Please read this Privacy Policy carefully to understand your rights in relation to your Personal Data and how we will collect, use, treat and process your Personal Data. If you do not agree with this Privacy Policy in whole or in part, you should not access our Website. This Privacy Policy is effective from the "Effective Date" posted at the top of this page, and is subject to change as set forth below in the section "Changes to the Ashoka Privacy Policy".
2. DATA CONTROLLER
DATA CONTROLLER
Pursuant to the General Data Protection Regulation (the "GDPR"), the Data Controllers are Fundación Ashoka Emprendedores Sociales (Registered Number 28 / 1923 G83698084) and Ashoka: Innovators for the Public (1700 North Moore Street, Suite 2000, Arlington, Virginia, 22209) who assume joint responsibility as joint data controllers.
We use your Personal Data only in accordance with the principles set out in this Privacy Policy and in accordance with applicable laws in force at any given time regarding data protection.
To ensure that your personal data is protected and that its export complies with European data protection laws, Fundación Ashoka Emprendedores Sociales (Ashoka España) and Ashoka: Innovators for the Public (Ashoka Global) signed on May 25, 2018, a "Data Export Agreement" that covers the following points:
Obligations of the data exporter
Obligations of the data importer
Applicable law
Termination
Data processing principles
Categories of data
Purposes of the transfer(s)
The Data Export Agreement is a confidential document of which we have prepared a summary where you can read the most important points. To read the summary of the "Data Export Agreement" click on the link below:
COLLECTED DATA
Data you provide voluntarily.
3. COLLECTED DATA
Data you provide voluntarily.
We will collect the Personal Data provided by the users who request information, contract our services or in any other way contact us through the various web forms on our Website, or who contact us by e-mail or telephone. This includes, i.e., the Personal Data you provide to register, make a donation, contact us, request news and updates, apply for a job through the Ashoka employment board, or perform other transactions through the Website.
Through these web forms, e-mail or telephone contact, we will request the data necessary to provide the requested service or, where appropriate, manage your query.
Profile information: name, surname and e-mail.
You may also provide us with personal data relating to other persons, for instance, to appoint a candidate. As part of this process, you will be required to provide us with third party personal data, such as their name, contact information, location, company, position and other related information. You are responsible for having informed and obtained their consent, or where appropriate the consent of their legal guardians, so that we use this data for the purposes described in this Privacy Policy, and for the provision of our services. Ashoka may ask the user for proof of consent given by these third parties at any time.
Data we collect automatically when you use our Website.
When you use our Website, we automatically collect Personal Data about your use of the Website. This information is necessary for the proper compliance with this Privacy Policy and the Terms of Services entered into between you and us, for the fulfilment of our legal obligations and our legitimate interest in providing and improving the performance and security of our Website.
Cookies and Other Similar Technologies: we use cookies and other similar technologies when you use our Website. We may collect information by automated means using technologies such as cookies, web beacons, pixels, browser analysis tools or server logs. Cookies are designed to collect and store small pieces of information about your Website activity and browsing and are generally used to enable a range of functionality including session management, media playback and Website performance monitoring. For more information about the operation and purpose of the cookies we use, please read our Cookie Policy.
Categories of collected Personal Data: The cookies collected on our websites are organized into four categories (strictly necessary, statistics, marketing and unclassified) and three types (HTTP Cookie, Pixel Tracker and HTML local storage).
PERSONAL DATA PROCESSING PURPOSES
Ashoka uses your Personal Data in accordance with this Privacy Policy to provide, develop and improve the supply of services offered to our users through the Website. The precise way in which we will use your Personal Data will ultimately depend on the use and configuration of the Website by each user.
The purposes will be as follows, based on the resources you use:
Process the registration of users on the Website.
Process donations.
Provide information requested about our organization and respond to inquiries made through the Website, via telephone or email, regarding the services and activities offered on the Website.
Evaluate candidates.
Process answers to the query you submit.
Improve the Website: to ensure that the content of the Website is presented in the most effective manner for you and your device, to administer the Website and for internal operations including troubleshooting, data analysis, testing, research, statistics and surveys, or to keep our Website safe and secure.
Furthermore, by accepting this Privacy Policy, you acknowledge that we may use your Personal Data to send you information that we believe will be relevant to you, including newsletters and marketing data. You may withdraw this consent at any time by using the links provided to "unsubscribe" or by contacting us at privacy@ashoka.org.
4. LEGAL BASIS FOR THE PROCESSING OF YOUR PERSONAL DATA
The legal basis for the processing of personal data is the consent of the users by accepting this Privacy Policy at the time of the data collection and registration in the Website. This includes the provision of the services or information requested by the user in each case and the legitimate interest of Ashoka in improving its services and sending information about products and services similar to those provided to the user.
5. HOW WE SHARE YOUR PERSONAL INFORMATION
We may share your Personal Data with our partners, affiliates, consultants and suppliers. Our agreements with these entities require that they keep your Personal Data confidential and only use your Personal Data to the extent necessary to perform their functions and not for any other purpose. In addition, we engage other companies and individuals (collectively "Service Providers") to perform functions on our behalf, as described below:
Accelevents and Stripe: we use these Service Providers to process credit card transactions securely. For more information about Accelevents’ and Stripe's privacy practices, please refer to Accelevents Privacy Policy and Stripe Privacy Policy.
Google Analytics: We use it to collect standard Internet log files as well as to analyse details of users' usage patterns on the Website. For example, we use it to identify the number of users who visit various parts of the Website. This information is only processed in a manner that does not identify anyone. We do not and will not allow Google to make any attempt to discover the identities of those who visit our Website. For more information about Google Analytics privacy practices, see the Google Analytics Privacy Policy.
Form Assembly: We use it to process form data submitted securely through the Website. For more information about Form Assembly's privacy practices, please see Form Assembly Privacy Policy.
Salesforce: We use it to administer the identifying information used to facilitate our communications, register donations and process designations. For more information about Salesforce's privacy practices, please see Salesforce Privacy Policy.
DotMailer: We use it to deliver our e-mail communications. We collect statistics on email openness and clicks using standard and marketplace technologies to help us monitor and improve our communications. For more information about DotMailer's privacy practices, please see DotMailer Privacy Policy.
Amazon Web Services: we use it to host our Website. We collect standard Internet log files to enable us to troubleshoot the Website's infrastructure. For more information about the privacy practices of Amazon Web Services, see Amazon Web Services Privacy Policy.
Cloudflare: we use it to protect our Website and improve its performance. For more information about Cloudflare's privacy practices, please see Cloudflare Privacy Policy.
We will take appropriate steps to ensure that these Service Providers maintain the confidentiality of your Personal Data and only use your Personal Data to the extent necessary for the performance of their functions and for no other purpose.
Donations made to Ashoka on the Website are processed through a third party payment system. The party providing the payment services and its affiliated bank will retain detailed credit/debit card details when it deems it necessary to process payment for the donation you make. The processor will retain your credit/debit card details for future transactions only with your authorization. If you later decide that you do not want this information to be stored, you can contact us at [privacy@ashoka.org] and we will coordinate with the processor to delete this information.
For users who submit Personal Data as part of a job application through our Website, we will share your Personal Data with staff responsible for hiring new employees, in order to identify you as a candidate.
6. INTERNATIONAL TRANSFERS
Ashoka operates worldwide and your Personal Data will be transferred to Service Providers located in jurisdictions other than your jurisdiction of residence, specifically the United States, in order to provide you with the services you request. We share your Personal Data with our Service Providers so that they can provide you with services on our behalf. We require our Service Providers to take appropriate technical and organizational measures in accordance with applicable and current data protection legislation to prevent your Personal Data from being lost, stolen or used, accessed or modified without authorization.
When we transfer Personal Data to the United States or any other country outside the European Economic Area, we ensure that adequate safeguards are in place in accordance with the GDPR.
Namely, data transfers to such Service Providers are made under the EU-US Privacy Shield agreement. You can find a list of companies adhering to the EU-US Privacy Shield agreement as well as further information on this subject at the following link: https://www.privacyshield.gov/list
We will also share your information with the competent supervisory authorities, public authorities or other organizations if there is a legal requirement to do so or if we believe, in good faith, that such use is reasonably necessary to:
Fulfil a legal obligation, judicial process or request.
Enforce our Terms of Service, and other agreements, including investigation of any actual or potential violations of such agreements.
Detect, prevent or address security, fraud or technical issues on the Website.
Protect our rights, property or safety, or those of our users, a third party or the public as required or permitted by applicable law (including exchanging information with other companies and organizations for the purpose of fraud protection and credit risk reduction).
We will also disclose your data to third parties:
If we sell or buy a business or asset, in which case we will disclose your data to the prospective seller or buyer of such business or asset.
If our company or, substantially all of our assets, are acquired by a third party, in which case the assets transferred will include information we have about you.
Ashoka will comply with the corresponding applicable laws regarding your Personal Data and, in any case, will endeavour its best efforts to guarantee the confidentiality and security of your Personal Data.
7. HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will retain your Personal Data for as long as it is necessary to provide the services and fulfil the purposes described in this Privacy Policy. If the user has registered on our Website or has given its consent to any specific request, for as long as the relationship between Ashoka and the user is in effect and the user does not express its opposition to the processing of its Personal Data.
In any case, once the contractual relationship has ended, we will keep your Personal Data as long as it is necessary to respond to possible responsibilities arising from the provision of our services. This will be in order to maintain the security of the Website, to defend or present legal claims, and to avoid cases of fraud or abuse or that is legally required in any other way.
8. MINORS
Our Services are not intended for children under the age of 18, and we do not knowingly collect Personal Data from minors. If we become aware that we have unknowingly collected Personal Data from persons under the age of 18, we will make all reasonable attempts to delete such information from our database. If you become aware that we have unknowingly collected Personal Information from persons under the age of 18, please contact us immediately at privacy@ashoka.org.
9. SECURITY
The security of your Personal Data is important to us. We take appropriate technical and organizational measures to ensure the confidentiality of your Personal Data in compliance with applicable law in force at all times regarding data protection and prevent them from being lost, stolen or used, accessed or modified without your authorization.
We encrypt the information sent and presented by the Website with Transport Layer Security (TLS) technology. By encrypting this data, TLS attempts to prevent someone from reading it while it is being transferred over the Internet. Unfortunately, data transfer via the Internet or e-mail is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your information transmitted through our Website or by e-mail; any transmission is at your own risk.
10. YOUR RIGHTS
In accordance with the applicable legislation, we inform you that users have the right to enforce at all times pursuant to the current legislation, their rights of access, rectification or deletion of data, to request that processing be limited, to oppose it, to request the portability of your data, as well as to withdraw any consent given.
Data access. Users may access their Personal Data at any time and request information regarding the processing of their data.
Data rectification. Users will have the right to rectify Personal Data that is inaccurate or incomplete.
Data deletion. Users may request the deletion of their Personal Data when, among other reasons, the data is no longer necessary for the purposes for which it was collected.
Limitation of data processing. Users shall have the right to request the limitation of the processing of their Personal Data when legally established.
Objection. Users may object to the processing of their Personal Data for direct marketing purposes, or when legally established.
Data portability. Users shall have the right to receive their Personal Data in a structured, commonly used and machine-readable format, and to transmit it to another data controller.
Right to withdraw consent. When Moove Cars has obtained your consent to process your Personal Data, you may withdraw your consent at any time.
You may enforce these rights by contacting us at privacy@ashoka.org, expressly indicating the right you wish to enforce by submitting a National Identity Document or similar document proving your identity along with your request. We may refuse your request to rectify or delete your Personal Data when its retention is necessary, i.e., regarding a legal dispute or as required by applicable law.
At any time, you have the right to object to our processing of your Personal Data for the purpose of sending advertisements, including when we create profiles for such purposes, and we will stop processing your Personal Data for this purpose.
11. COMPLAINTS
Please note that you may file a complaint with the competent supervisory authority where you believe we have violated data protection laws. However, without prejudice to your right to make such a complaint, should you wish to make a complaint to the competent supervisory authority about how we process your Personal Data, please contact us first at privacy@ashoka.org and we will endeavour to deal with your request as soon as possible.
12. CHANGES TO THE PRIVACY POLICY
Whenever there is a change in the Privacy Policy that is legally necessary, registered users will be notified of such changes. We will also post the new policy on our Website and update the "Effective Date" at the top of this page, so please review it frequently. Your continued use of the Website following the posting of changes to this Privacy Policy will mean you accept those changes, unless otherwise required by local law.
13. CONTACT
If you have any questions, concerns or complaints about our use of your Personal Data or if you wish to request access for the rectification or deletion of your Personal Data, please send your inquiry to:
Fundación Ashoka Emprendedores Sociales Calle de Méndez Álvaro, 9
28045, Madrid