Overview
This Website Privacy Policy (hereinafter referred to as the “Policy”)
describes how the Foundation in support of WHO (hereinafter referred to
as the “Foundation”) as data controller, collects, manages,
uses and protects your Personal Data received in compliance with applicable
privacy laws and regulations, including the EU General Data Protection
Regulation and the Swiss Federal Act on Data Protection. The regulations
cover all aspects of Personal Data and the obligations on the Foundation
to clearly identify what Personal Data the Foundation has, where it is
obtained, why the Foundation has it, how the Foundation may use it, how
your Personal Data is stored and with whom it may be shared and under what
circumstances. By visiting our website, you agree to the collection and
use of information in accordance with this Policy.
Personal Data types and sources of Personal Data
In essence, “Personal Data” is any information relating
to an identifiable individual or from which an individual can be identified.
The Foundation may collect your Personal Data that is limited to the kind
of information that is necessary as part of the Foundation activities such
as for example but not exclusively:
− when visiting our website, your Device’s Internet Protocol
address (e.g. IP address), browser type, browser version, the pages of
our Service that you visit, the time and date of your visit, the time spent
on those pages, unique device identifiers and other diagnostic data;
− when you access our website by or through a mobile device, the
type of mobile device you use, your mobile device unique ID, the IP address
of your mobile device, your mobile operating system, the type of mobile
Internet browser you use, unique device identifiers and other diagnostic
data;
− any Personal Data you provided voluntarily or upon request to
the Foundation in the course of visiting the “contact” and
“donate”, sections of our website, including, but not limited
to, your name, email address and any other Personal Data requested by the
Foundation such as date and place of birth, nationality, postal address,
phone number, relevant charitable foundation or private office contact
details, newsletter format preference, preference for vacancy alerts necessary
to issue a tax exempt receipt or for any other purpose.
We use third-party services for example for payment processing. We have
no access to your credit card data. That information is provided directly
to our third-party payment processors whose use of your personal information
is governed by their Privacy Policy. If you have any questions, do not
hesitate to check and read their Data Privacy Policy directly on their
website.
Personal Data of third parties
If you provide Personal Data to the Foundation about someone else, you
must ensure that you are entitled to disclose that Personal Data to the
Foundation and that the Foundation can legally process such Personal Data
without having to take any further steps.
Cookies
We may use cookies and similar tracking technologies to track the activity
on our website and store certain information. Tracking technologies used
are beacons, tags, and scripts to collect and track information and to
improve and analyze our website.
You can instruct your browser to refuse all cookies or to indicate when
a Cookie is being sent. However, refusing a cookie may in some cases preclude
you from using, or negatively affect the display or function of, the website
or certain areas or features of the website.
Use of Google Analytics
Our website uses Google Analytics, a web analytics service provided by
Google Inc., a third party located in the USA. Google Analytics employs
cookies that are stored to your computer in order to facilitate an analysis
of your use of the site. The information generated by these cookies, such
as time, place and frequency of your visits to our site, including your
IP address, is normally transmitted to us and Google and stored at Google’s
location. Google uses this information to analyze your use of our site,
to compile reports for us on internet activity and to provide other services
relating to our website.
We have activated IP anonymisation on this website. In doing so, Google
abbreviates and thereby anonymizes your IP address. Google Analytics also
offers a deactivation add-on for most current browsers that provides you
with more control over the collection of the data generated by the cookie
with regard to their use of our website (including your IP address) for
Google and the processing of these data by Google.
Purpose of the processing of Personal Data
The Foundation processes Personal Data in the conduct of its activities
as a foundation as described in its Statutes and for the achievement of
its statutory purpose or the performance of a contract.
Safeguards of Personal Data
Your Personal Data is stored on a Foundation server in Switzerland.
Personal Data held by the Foundation is kept on hard copy files and in
password protected electronic files and record systems. Access at the Foundation
is restricted to a “need-to-know” basis and for the above
mentioned purposes exclusively. The concerned Foundation’s staff
have been made aware of the importance of Personal Data and the Foundation’s
obligations under relevant data protection legislation. These obligations
mean that Personal Data is always securely processed and transmitted, protected
against unlawful processing and accidental loss and uncontrolled change,
amongst other requirements.
Personal Data sharing
Unless disclosure of your Personal Data is required by applicable law
or a competent authority, your Personal Data is held in confidence and
is never provided to any third party outside of the Foundation.
Should the Foundation provide a third party with any of your Personal
Data, the Foundation will conclude written agreements with any such third
party imposing data protection obligations in order to ensure an adequate
level of protection for your Personal Data and compliance with the legal
requirements.
Personal Data transfers outside the EU
This section shall apply to any Personal Data collected by the Foundation
from EU and Swiss residents.
If the Foundation transfers your Personal Data to a State which is not
a Member State of either the European Union or the EEA, or deemed adequate
by the European Commission and/or the Swiss Federal Data Protection and
Information Commissioner, for example to Members of the Foundation Board
located in such State, the Foundation will only conduct such transfer if
there are suitable safeguards in place, such as binding corporate rules,
standard contractual clauses, approved Codes of Conduct, or approved certification
mechanism.
Retention period of Personal Data
As an organisation operating and governed by Swiss Law, the Foundation
is obliged to keep a record of all operational relevant information for
a period of ten (10) years. The Foundation will therefore keep your Personal
Data for a period of ten (10) years from the time your Personal Data is
no longer useful for the performance of its activities, subject to any
potential proceedings, requests or investigations that may extend beyond
that period. The Foundation will however process your Personal Data exclusively
for the abovementioned purposes.
Personal Data owner’s rights and preferences
In addition to the right to be informed about the Personal Data the Foundation
holds and the use the Foundation makes of it (as described in this Policy)
you are also entitled to:
● access your Personal Data;
● rectify inaccurate or incomplete Personal Data;
● request deletion of your Personal Data (subject to the below
mentioned limitation);
● restrict processing of your Personal Data (subject to the below
mentioned limitations);
● obtain and reuse your Personal Data;
● object to particular processing(s) of your Personal Data subject
to the below mentioned limitations).
For further information on these rights, please contact us (see contact
details below).
Please note that your objection or restriction to the processing of your
Personal Data could prevent the Foundation from performing the actions
necessary to achieve the purposes set out above. Please also note that
the above rights can be limited. For example, the Foundation may need your
Personal Data to comply with the law (e.g. see the “Retention period
of Personal Data” section above) or assert or defend against legal
claims. The Foundation may therefore be able to continue processing your
Personal Data even after you have requested, for example, the deletion
of your Personal Data, to the extent required or permitted by law.
Changes to this Policy
We may update our Policy from time to time. We will notify you of any
changes by posting the new Policy on this page. Questions, concerns or
complaints.
If you have any questions, concerns, or complaints about the Foundation’s
Personal Data practices or this Policy, we encourage you to get in touch
with the Foundation by using the contact information below. Also, if you
believe you have suffered harm due to a breach of your rights by the Foundation
under this Policy, and the Foundation has not handled your complaint in
a reasonably sufficient manner, any EU resident may also file a complaint
with the competent supervisory authority.
Contact information:
Benoît Merkt
Route de Chêne 30,
c/o Benoît Merkt,
Lenz & Staehelin avocats,
1208 Genève
+41 (0)22 450 70 00