Earthbanc AB, a company incorporated in Sweden whose registered office is at Kruthornsvägen 56, 192 32 Stockholm, is committed to protecting your privacy. We act as data controller according to applicable data protection laws. At all times we aim to respect any personal information you share with us, or that we receive from other organizations, and keep it safe.
Earthbanc collects and uses personal data on a strictly legal basis. In most cases the basis is that you have given us permission to hold and use your data. We use the data to keep you informed of our work - we aim to send you the information that you have told us that you would like. This statement summarises the key points about how Earthbanc collects and uses personal data and how we ensure compliance with the relevant laws and regulations, including the new General Data Protection Regulation (GDPR).
We use up-to-date procedures to keep personal data as safe and secure as possible and to protect against unauthorised access, disclosure or loss. Where data is transferred electronically by Earthbanc we will do our best to keep the data secure and try to prevent unauthorised access. Earthbanc will not lease, distribute or sell personal information to third parties other than distribution to other Earthbanc branches for administration purposes, unless required by law. Responsibilities
Earthbanc AB is the data controller of the personal data we process and therefore is responsible for ensuring its systems, processes, suppliers and its employees comply with data protection laws in relation to the information it handles.
Any individuals involved in the management and administration of Earthbanc must abide by this policy when handling personal data and must ensure they are fully informed as to the relevant data protection requirements.
Personal Data collected
The personal information we collect may include: your name, your email address(es), your telephone number(s), your address, your family members (if you wish us to show you as one & household), your donations (if any).
We do not collect or store any sensitive personal data (for example, religion or ethnicity). We assume that any information you supply to us is accurate and up-to-date, and that you will inform us if any such information requires removal or updating.
How we use your personal information
Earthbanc collects personal data in order to communicate with those who wish to receive communications, to attend events and/or to support us financially. We will never process your personal data for any purpose other than for the communications you have chosen to receive. However, please note that we retain the right to contact you on an individual basis where there is a legitimate reason for doing so.
We collect Device Information using the following technologies:
- “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. You can find more information about cookies and how to disable them here. - “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps. - “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
HOW WE USE YOUR PERSONAL INFORMATION
When you make a donation or purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, and email address.
We save this information in order to have a record of who has made donations or purchases, to aggregate total donations per person, and so that we can send out receipts as needed.
We will never trade, share, or sell your personal data with anyone, it will only be used within the organization and its parent or associated companies relevant to Earthbanc. Should we become aware of any kind of breach in our data systems where your personal information may be compromised, we will immediately notify you.
When you browse our site, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
We also use the Device Information mentioned above to help us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the the success of our marketing and advertising campaigns).
We also use Google Analytics to help us understand how our donors use the Site. You can read more about how Google uses your Personal Information here. You can also opt-out of Google Analytics here.
Additionally, we may use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page here. You can opt-out of some of these services by visiting the Digital Advertising Alliance’s opt- out portal here.
When visiting our site, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. You can object to this analysis.
You may ask us to verify, update and delete the information Earthbanc holds by contacting us. We will act upon your request in a timely manner (not more than 40 days).
When you provide us with personal information to complete a donation or transaction, sign up for our newsletter, sign up to become a business partner or tree ambassador, or join our network of planting partners, your information will be stored in our email platform so that we can send you project updates, news, or other messages via email. When you take certain actions, such as submitting your first donation as a new business partner, you will be tagged in our system to receive some automated communications based on those actions. This helps ensure that you get only the most appropriate emails, and that we can properly categorize individuals to receive content relevant to you.
Our emails are generally sparse and we take care not to bombard you with too much information or marketing. You can unsubscribe at any time at the bottom of any email, or simply contact us at email@example.com in order to be removed from these lists.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards. Where a Data Subject is located in the European Economic Area, that Data Subject’s Personal Data may be processed by Shopify’s Irish affiliate, Shopify International Ltd. As part of providing the Services, this Personal Data may be transferred to other regions, including to Canada and the United States. Such transfers will be completed in compliance with relevant Data Protection Legislation. We will always hold your information securely. To prevent unauthorized disclosure or access to your information, we have implemented strong physical and electronic security safeguards. Any personal information we hold about you is stored and processed under our data protection policy, in line with the Data Protection Act 1998 and related legislation. We also follow stringent procedures to ensure that any work that involves processing personal data is carried out in line with the Act.
We also have in place robust procedures for notifying the authorities, and you, in the unlikely event of a data breach.
When you provide us with personal information to make a donation or complete a transaction, verify your credit card, or use a web form to receive information, we imply that you consent to our collecting it and using it for that specific reason. If you would like to withdraw your consent or request that we delete your personal information at any time, you may contact us at firstname.lastname@example.org to let us know. If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States for processing. When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
REQUEST PERSONAL DATA You can request your personal data by filling this form. Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission. We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1)(a) DSGVO. You may revoke your consent at any time. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed. We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
If you would like to receive a newsletter, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not pass it on to third parties. We will, therefore, process any data you enter onto the contact form only with your consent per Art. 6 (1) (a) DSGVO. You can revoke consent to the storage of your data and email address as well as their use for sending the newsletter at any time, e.g. through the unsubscribe link in the newsletter. The data processed before we receive your request may still be legally processed. The data provided when registering for the newsletter will be used to distribute the newsletter until you cancel your subscription when said data will be deleted. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
The site provider automatically collects and stores information that your browser automatically transmits to us in server log files. These are browser type and browser version, operating system used, referrer URL, host name of the accessing computer, Time of the server request and IP address. These data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (b) DSGVO, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service. We will never disclose your personal information publicly.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service. If using Stripe payment, it adheres to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard etc.
This site uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that allow an analysis of the use of the site by you. The information generated by the cookie about your use of this site is usually transmitted to a Google server in the USA and stored there. Google Analytics cookies are stored based on Art. 6 (1) (f) DSGVO. The site operator has a legitimate interest in analyzing user behavior to optimize its site. We have activated the IP anonymization feature on this site. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases is the full IP address sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this site to evaluate your use of the site, to compile reports on site activity, and to provide other services regarding site activity and Internet usage for the site operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this site. You can also prevent the data generated by cookies about your use of the site (incl. your IP address) from being passed to Google, and the processing of these data by Google,
by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. You can prevent the collection of your data by Google Analytics by clicking on this link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site: Disable Google Analytics
Google Web Fonts
links: https://www.google.com/intl/de/policies/privacy/ and https://www.google.com/recaptcha/int ro/android.html
Facebook plugins (Like & Share buttons)
Our pages use Google+ functions. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Collection and disclosure of information: Using the Google +1 button allows you to publish information worldwide. By means of the Google+ button, you and other users can receive custom content from Google and our partners. Google stores both the fact that you have +1'd a piece of content and information about the page you were viewing when you clicked +1. Your +1 can be displayed together with your profile name and photo in Google services, for example in search results or in your Google profile, or in other places on sites and advertisements on the Internet. Google records information about your +1 activities to improve Google services for you and others. To use the Google + button, you need a globally visible, public Google profile that must contain at least the name chosen for the profile. This name is used by all Google services. In some cases, this name may also replace a different name that you have used to share content via your Google account. The identity of your Google profile can be shown to users who know your email address or other information that can identify you.
Use of collected data: In addition to the uses mentioned above, the information you provide is used in accordance with the applicable Google data protection policies. Google may publish summary statistics about users' +1 activity or share it with users and partners, such as publishers, advertisers, or affiliate sites.
Our site uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you're logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our site appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy. Vimeo Our site uses features provided by the Vimeo video portal. This service is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit one of our pages featuring a Vimeo plugin, a connection to the Vimeo servers is established. Here the Vimeo server is informed about which of our pages you have visited. In addition, Vimeo will receive your IP address. This also applies if you are not logged in to Vimeo when
AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
QUESTIONS AND CONTACT INFORMATION
It's important to us at Earthbanc to hear what users have to say about our services, and our policies. If you as site user have any questions, concerns, or complaints, or want to let us know what you think about any of our on-line products and services, you can contact us through e-mail at: email@example.com. If you would like to access, correct, amend, or delete any personal information we have about you, register a complaint, or simply want more information, contact our Privacy Compliance Officer: firstname.lastname@example.org