When processing personal data, we attach great importance to protecting your private sphere and ensuring that your data are secure. This data protection policy tells you about the data we process, why we need them, and how you can lodge an objection to the processing of your data.
We collect, process and store personal data (including IP addresses) only as permitted by law or if you have given your consent, for example when registering for an event or a service.
The personal data we collect are limited to information regarding our relationship with you. This includes contact information, such as name, telephone number, address or email address, as well as information relating to projects and events or to your use of our website. Information that cannot be linked to your identity (e.g. statistical information, such as the number of users of our online services) is not considered to be personal data.
In general, we collect personal data in the following cases: when you apply for a grant from our foundation; when you visit our website; when you communicate with us directly; when you register for our newsletter or an event; when you participate in a survey; when you provide personal data for other purposes; or when you apply for a job with us. In all cases, we process your data only for a specific purpose, and that purpose is known to you.
As a matter of principle, we pass your personal data on to third parties only if we are authorized by law to do so or if you have given your consent. This is the case, for example, when we conduct external project evaluations in agreement with you. Further information on this topic can be found in the relevant grant agreement. When data are transmitted abroad, we comply with the relevant legal provisions (guaranteeing appropriate protection).
External service providers that process data on our behalf are contractually obliged to comply fully with the Federal Act on Data Protection. We make sure that such external service providers are capable of safeguarding data. Our prior consent is required before they are permitted to transfer responsibility for processing personal data to a third party.
We retain your data as long as necessary for our business relationship with you, or as long as we have a legitimate interest in continuing to store the information. We delete your personal data in all other cases, except when continued storage is required under the law (for example, we are legally obligated to retain documents such as contracts and invoices for a period of 10 years).
In general, you may visit our website without providing personal information. When you visit the site, our servers make a temporary record of each access in a log file. The following technical data are collected and stored until they are automatically deleted after no more than seven months:
By collecting and processing these data, we promote system security and stability, allow for error and performance analysis, and serve internal statistical needs. This also enables us to optimize our online services. In addition, IP addresses are used to preset the website language. Finally, we insert cookies and use cookie-based applications and tools when users access our website. More detailed information can be found in the next section.
Cookies are small text files that are placed on your computer when you visit our website. When you return to the website, your browser transmits the information contained in the cookies back to us, and this allows the system to recognize your terminal device. With the help of cookies, we are able to optimize our website and facilitate its use.
We need statistical information about the use of our online services (in particular our website and newsletter) to make them more user-friendly, measure their range and conduct market research. We use web analytics tools for this purpose, specifically Google Analytics or social media pixel. The user profiles we create using these tools and cookies are not linked to personal data. The tools do not use visitors’ IP addresses, or they abbreviate them immediately after the information is collected.
In addition to the data listed above (see “What data are processed when you use our websites?”), we gather the following information:
This information is used to analyze website use. If you want to deactivate Google Analytics, you will find the necessary browser add-on at http://tools.google.com/dlpage/gaoptout?hl=de. As explained in the previous section, you can avoid the creation of a user profile by deactivating the use of all cookies.
Our website contains plugins and links to several social networks (Facebook, Twitter, LinkedIn, Google+, Xing etc.). The links are marked with the logos of the providers. Clicking on a link takes you to the relevant social media platform, where this data protection policy does not apply. The provisions that apply there can be found in the data protection policy posted on the respective provider’s website.
Personal information is not transmitted to the social media provider until you click on a link or plugin. By accessing the linked site, you are allowing the provider to process your data. We have no influence over such data processing, nor do we have information about the extent of data collection, the purposes for which the data are processed, or the retention period. We have no information about the deletion of data by the plugin provider
You can subscribe to newsletters through our online services. We use the so-called “double opt-in” method; this means that if you want to receive our email newsletter, you must confirm your request by clicking on a link in a message. If you subsequently decide that you no longer want to receive our newsletter, you can cancel your subscription at any time, effective going forward, by revoking your consent. This can be done by clicking on a link in the email newsletter. Alternatively, you can contact us using the information in the Contact section.
You have the following rights:
You may do so via letter or email. See Contact section.
We use appropriate technical and organizational security measures to protect stored personal data against manipulation, partial or total loss, and unauthorized access by third parties. Our security measures are continually upgraded as technology advances.
We reserve the right to amend or supplement this policy at any time, as we see fit and in accordance with data protection law. Please consult this policy on a regular basis.
If you have questions about your rights concerning your personal data or related issues, please contact:
Head of Operations
Post Office Box
Tel. +41 (0)44 388 61 23
Theory of Change