The Global White Lion Protection Trust understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, www.whitelions.org (“Our Site”) and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
1. Definitions and Interpretation
In this Policy the following terms shall have the following meanings:
“Account” means an account required to access and/or use certain areas and features of our Site;
“Cookie” means a small text file placed on your computer or device by our Site when you visit certain parts of our Site and/or when you use certain features of our Site. Details of the Cookies used by our Site are set out in Part 14, below; and
“Cookie Law” means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;
2. Information About Us
Our Site is owned and operated by The Global White Lion Protection Trust. A registered charity in South with registered charirty numbers:- IT 8575/02; 048-299 NPO; 930019129 PBO
Registered and Operating Address: Tsau! Conservancy, Guernsey 81 KU, Portion 21, Greater Timbavati, South Africa
Email address: firstname.lastname@example.org
Telephone number: +27 15 793 0657
Postal Address: PO Box 858, Hoedspruit, Limpopo Province, South Africa, 1380
3. What Does This Policy Cover?
4. What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
5. How do we collect your Personal Data?
We obtain information about you in the following ways:
- Information you give us directly
For example, we may request/obtain information about you when you visit the Heartlands, attend or take part in one of our events, make a donation, apply to volunteer with us, purchase products and services or when you register to receive our email newsletters.
- Information you give us indirectly
Your information may be shared with us by third parties, which might include: Subcontractors acting on our behalf who provide us with technical, payment or delivery services, our partners, website analytics providers and search information providers.
- When you visit this website
We automatically collect the following information:
- Technical information, your IP address, the browser and operating system being used to connect to the internet, and the type of device you’re using. We will use this information to improve your experience on our Site.
- Information about your visit to our website, for example we collect information about pages you visit and how you navigate the website, i.e. length of visits to certain pages, products and services you viewed and any referral sources (e.g. external links that brought you to our website).
We collect and use your personal information by using cookies on our website – more information on cookies can be found under Part 14.
- Social Media
When you interact with us on social media platforms such as Facebook and Twitter we may obtain information about you. The information we receive will depend on the privacy preferences you have set on each of the social media platforms.
6. What Are My Rights?
As a global leadership organisation we have chosen to follow the Privacy Regulations as stipulated by the European GDPR legislation, you have the following rights, which we will always work to uphold:
b) The right to access the personal data we hold about you. Part 13 will tell you how to do this.
c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 15 to find out more.
d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details in Part 15 to find out more.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes. If you want to exercise any of the above rights, please email us at email@example.com.
g) The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 15.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
7. What Data Do We Collect?
- Email address;
- Telephone number;
- Information about your preferences and interests;
- IP address;
- Web browser type and version;
- Operating system;
- A list of URLs starting with a referring site, your activity on our Site, and the site you exit to;
- Any other personal information you choose to share with us, when you for example, leave a comment on our website.
8. How do you use my Personal Data?
Under the EU GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. Your personal data may be used for one of the following purposes:
- Providing and managing your access to our Site;
- Personalising and tailoring your experience on our Site;
- Supplying our services to you. Your personal details are required in order for us to enter into a contract with you.
- Personalising and tailoring our services for you.
- Keeping a record of your relationship with us;
- Communicating with you. This may include responding to an enquiry, emails or calls from you.
- Sending you communications by email or post which you have requested or have opted-in to and that may be of interest to you. These may include information about campaigns, fundraising appeals and activities such as competitions and promotions of goods and services. You may unsubscribe or opt-out at any time by emailing firstname.lastname@example.org.
- Conducting analysis and market research for your input of feedback so we can understand how we can improve our services, products or information;
- Checking for updated contact details against third party sources so we can stay in touch if you move;
- Analysing your use of our Site and gathering feedback to enable us to continually improve our Site and your user experience
Fundraising and Marketing Communications
We may use your contact details to provide you with information about the vital work we do, our fundraising appeals and opportunities to support us, as well as the products and services you can buy, if we think it may be of interest to you. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
We will only send you marketing and fundraising communications by email, if you have explicitly provided your prior consent. You may opt out of our marketing communications at any time by emailing email@example.com or clicking the ‘unsubscribe’ link at the end of our marketing emails.
9. How long will you keep my Personal Data?
We will not keep your personal data for any longer than is necessary for the purpose(s) for which it was first collected. We will review your data periodically and then;
- consider the purpose or purposes we hold the information in deciding whether (and for how long) to retain it;
- securely delete information that is no longer needed for this purpose or these purposes; and
- update, archive or securely delete information if it goes out of date.
10. How and where do you store or transfer my Personal Data?
We will only store or transfer your personal data on fully secured servers. This means that it will be fully protected under the EU GDPR.
11. Do you share my Personal Data?
We will not share any of your personal data with any third parties for any purposes, subject to one important exception.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
12. How can I control my Personal Data?
In addition to your rights under the GDPR, set out in Part 5, when you submit personal data via our Site, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details and by managing your Account).
When you give us personal information, we take steps to ensure that appropriate technical and organisational controls are in place to protect it.
Any sensitive information (such as credit or debit card details) is encrypted and protected with 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the web browsers.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
13. How can I access my Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 15. Please also send a description of the information you want to see and proof of your identity.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 7 days and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
15. How Do I Contact You?
To contact us about anything to do with your personal data and data protection, please use the following details:-
Email address: firstname.lastname@example.org.
Telephone number: +27 15 793 0657
Postal Address: PO Box 858, Hoedspruit, Limpopo Province, South Africa, 1380.
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
This policy was last updated in June 2018.