Privacy Policy
1. Responsible for Data Processing
Responsible in the context of the data protection law:
Stiftung dropforlife
c/o entrepreneurial mindset AG
Räffelstrasse 11
8045 Zürich
Email: admin@dropforlife.org
Website: www.dropforlife.org
If you have any questions, concerns, requests or comments about data protection, please contact us by e-mail or regular mail.
2. General Information and Our Commitment to Data Protection
The following overview informs you about our approach to process personal data information when you visit our website. Personal information is any information that personally identifies you.
It is important for dropforlife that you understand how information about you is used and shared. We appreciate your trust in us that we do this carefully and reasonably. We treat personal data confidentially and in accordance with the data regulations of Switzerland (DSG) and any applicable foreign data protection law, in particular of the EU (DSGVO).
This privacy policy informs you about decisions you can take regarding the approach to your personal data collection and processing.
We would like to emphasize that data transmission over the Internet (e.g. communication by e-mail) can be subject to security gaps. A complete protection of the data against access by third parties is not possible.
3. How We Collect Data
We collect personal data when you voluntarily submit it to us. For example, this may involve data that you enter in a contact or donation form.
Other data is also automatically collected by our IT systems when you visit the website. These are mainly technical data (e.g. Internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our website.
For example, as a donor you can provide us with personal data (such as name, address, e-mail address, telephone numbers and/or credit card information). When a donor or visitor to the Site contacts us by e-mail, they may provide us with their e-mail address and name. This information is necessary in order for us to process your donations or requests.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
4. Using Your Data
Some of the data is collected in order to ensure that the website is free of errors. Other data may be used to analyze your user behavior.
We collect information primarily to receive financial support, make our charitable projects a success, and inform you about our projects and activities. We also use information for analytical purposes (to respond to requests for information and improve our website, support base and reach).
We do not trade, share or sell any information you provide to us with other companies that intend to use it only to market their products or services to you.
5. Newsletter and Electronic Notifications
We send newsletters, e-mails and other electronic notifications (hereinafter referred to as “newsletter”) only with the consent of the recipients or with a legal permission. If the contents of the newsletter are specifically described in the registration, they are decisive for the consent of the user. In addition, our newsletters contain information about our services and us.
In order to subscribe to our newsletters, it is generally sufficient to provide your e-mail address. However, we may ask you to provide a name, for the purpose of a personal address in the newsletter, or other information, if this is necessary for the purposes of the newsletter.
Double opt-in procedure: Registration for our newsletter is always carried out in a so-called double opt-in process. This means that after registration you will receive an e-mail in which you are asked to confirm your registration. This confirmation is necessary so that no one can register with other e-mail addresses. The registrations for the newsletter are logged in order to be able to prove the registration process according to the legal requirements. This includes the storage of the registration and confirmation time as well as the IP address. Changes to your data stored by the shipping service provider are also logged.
Deletion and restriction of data processing: We may store unsubscribed e-mail addresses for up to three years based on our legitimate interests before deleting them in order to be able to prove consent previously given. The processing of this data is limited to the purpose of a possible defense against claims. An individual request for deletion is possible at any time, provided that the former existence of consent is confirmed at the same time. In the event of obligations to permanently observe objections, we reserve the right to store the e-mail address in a block list for this purpose alone (so-called “block list”).
The logging of the registration process takes place on the basis of our legitimate interests for the purpose of proving that it has been carried out properly. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests in an efficient and secure sending system.
Notes on legal basis: The newsletter is sent on the basis of the recipients’ consent or, if consent is not required, on the basis of our legitimate interests in direct marketing, if and to the extent that this is permitted by law, e. g. in the case of existing customer advertising. If we commission a service provider to send e-mails, this is done on the basis of our legitimate interests. The registration process is recorded on the basis of our legitimate interests to prove that it was carried out in accordance with the law.
Content: Information about us, our services, promotions and offers.
Measurement of opening and click-through rates: The newsletters contain a so-called “web beacon”, i. e. a pixel-sized file that is retrieved from our server when the newsletter is opened, or, if we use a shipping service provider, from their server. In the course of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and the time of the retrieval, are initially collected.
This information is used for the technical improvement of our newsletter on the basis of the technical data or the target groups and their reading behavior on the basis of their retrieval locations (which can be determined with the help of the IP address) or the access times. This analysis also includes determining whether the newsletters are opened, when they are opened, and which links are clicked. This information is assigned to the individual newsletter recipients and stored in their profiles until they are deleted. We use the analyses to identify the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
The measurement of open rates and click rates, as well as the storage of the measurement results in the users’ profiles and their further processing, are based on the users’ consent.
A separate revocation of the performance measurement is unfortunately not possible, in this case the entire newsletter subscription must be cancelled, or it must be contradicted. In this case, the stored profile information will be deleted.
Types of data processed: inventory data (e. g. names, addresses), contact data (e. g. e-mail, telephone numbers), meta/communication data (e.g. device information, IP addresses), usage data (e.g. websites visited, interest in content, access times).
Data subjects: Communication partners.
Purposes of processing: direct marketing (e.g., by e-mail or postal mail).
Legal grounds: lawfulness (Art. 6 No. 1 DSG), justification (Art. 13 DSG), consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), legitimate interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).
Possibility of objection / Opt-out: You can cancel the receipt of our newsletter at any time, i. e. revoke your consent or object to further receipt. You will find a link to cancel the newsletter either at the end of each newsletter or you can otherwise use one of the above contact options, preferably e-mail, for this purpose.
Services used and service providers:
Mailchimp: email marketing platform; service provider: “Mailchimp” – Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA; website: https://mailchimp.com; privacy policy: https://mailchimp.com/legal/privacy/; standard contractual clauses as the basis for processing in the USA: https://mailchimp.com/legal/data-processing-addendum/; special security measures: https://mailchimp.com/help/Mailchimp-european-data-transfers/.
6. Cookies
Some of the Internet pages use cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safe. Cookies are small text files that are stored on your computer by your browser.
Most of the cookies we use are “session cookies”. They are automatically deleted at the end of your visit. Other cookies remain stored on your terminal until you delete them. These cookies enable us to recognize your browser during your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, accept cookies for certain cases or generally exclude them and activate the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functionality of this website may be restricted.
7. Your Rights to Your Data
You have the right to receive information about the origin, recipient and purpose of your stored personal data at any time and free of charge. You also have the right to demand that this data be corrected, blocked or deleted. You can contact us at any time via e-mail or postal addresses provided in this policy in case you have any further questions on the subject of data protection. In addition, you have a special right to contact the responsible supervisory authority.
8. Analytical Tools and Advertising, Third-Party Service Providers
Analytical Tools and Tools of Third-Party Service Providers
When you visit our website, your surfing behavior can be evaluated statistically. This is done primarily with cookies and analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You can prevent this analysis by not using certain tools.
Google Analytics
This website uses functions of the web analysis service Google Analytics. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
Google provides a browser plug-in to deactivate Google Analytics https://tools.google.com/dlpage/gaoptout?hl=en.
Google Analytics uses “cookies”. These are small text files that make it possible to store specific user-related information on the user’s terminal device. These cookies enable Google to analyze the use of our website offer. The information collected by the cookie about the use of our pages (including your IP address) is generally transmitted to a Google server in the USA and stored there.
We would like to emphasize that on this website Google Analytics has been extended by the code “gat._anonymizeIp();” in order to guarantee an anonymous recording of IP addresses (IP masking). If anonymization is active, Google shortens IP addresses within member states of the European Union or in other signatory states to the Agreement on the European Economic Area, which means that no conclusions can be drawn about your identity. Only in exceptional cases the full IP address is transmitted to a Google server in the USA and shortened there. Google complies with the privacy provisions of the Privacy Shield Agreement and is registered with the U.S. Department of Commerce’s Privacy Shield program. Google uses the information it collects to evaluate the use of our web sites, compile reports for us about it, and provide other related services to us. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Google.
You can find out more at https://support.google.com/analytics/answer/6004245?hl=en.
This website uses functions of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA . When you access our pages with Facebook plug-ins, a connection is established between your browser and the Facebook servers. Data is already transferred to Facebook. If you have a Facebook account, this data can be linked to it. If you do not wish this data to be assigned to your Facebook account, please log out of Facebook before visiting our page. Interactions, in particular the use of a comment function or clicking on a “Like” or “Share” button, are also passed on to Facebook. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Facebook.
You can find out more at https://www.facebook.com/about/privacy.
This website uses functions of Twitter, Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA. When you access our pages with Twitter plug-ins, a connection is established between your browser and the Twitter servers. Data is already transferred to Twitter. If you have a Twitter account, this data can be linked to it. If you do not wish this data to be assigned to your Twitter account, please log out of Twitter before visiting our site. Interactions, in particular clicking on a “Re-Tweet” button, are also forwarded to Twitter. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Twitter.
You can find out more at https://twitter.com/en/privacy.
Functions of the service Instagram are integrated on our pages. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking the Instagram button. This allows Instagram to associate visiting our pages with your user account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Instagram.
Further information can be found in the Privacy Policy of Instagram.
YouTube
This website uses plugins from the YouTube site operated by Google. The site is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our sites equipped with a YouTube plugin, a connection is established to YouTube’s servers. The Youtube server will be informed about our pages you have visited.
If you are logged in to your YouTube account, you can allow YouTube to directly associate your surfing behavior with your personal profile. You can prevent this by logging out of your YouTube account. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Youtube.
You can find more information about the handling of user data in YouTube’s Privacy Policy: https://policies.google.com/privacy?hl=en&gl=de.
Vimeo
Plugins of the video portal Vimeo operated by Vimeo, LLC, 555 West 18th Street, New York, New York 10011, USA are integrated into our website. Each time you access a page that offers one or more Vimeo video clips, a direct connection is established between your browser and a Vimeo server in the USA. Information about your visit and your IP address is stored there. Through interactions with the Vimeo plugins (e.g. clicking the start button), this information is also transmitted to Vimeo and stored there. The Vimeo Privacy Policy with more information on the collection and use of your data by Vimeo can be found in the Privacy Policy of Vimeo.
If you have a Vimeo user account and do not want Vimeo to collect information about you through this Web site and link it to your Vimeo member information, you must log out of Vimeo before visiting this Web site.
Vimeo also uses an iFrame to view the video and Google Analytics as a tracker. This is Vimeo’s own tracking and we do not have access to it. You can prevent tracking by Google Analytics by using the deactivation tools that Google offers for some Internet browsers. You can also prevent Google from collecting the data generated by Google Analytics and relating to your use of the website (including your IP address) and Google from processing this data by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Vimeo.
Donorbox
Functions of the service Donorbox are integrated on our pages. These functions are offered by Donorbox, a company operated by Rebel Idea-list LLC, 5 3rd St, Suite 900, San Francisco, CA 94103.
If you make a donation on our site, Donorbox acts as a data processor.
For more information on how Donorbox handles user data, please refer to Donorbox’s privacy policy at https://donorbox.org/privacy. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Donorbox.
Stripe
Your donations will be processed through the Stripe payment portal (510 Townsend Street, San Francisco, CA 94103, USA). Stripe processes payments from Visa, Mastercard, Amex, Discover, JCB and Diners Club credit cards and checks the validity of the credit card entered. We, or Donorbox, will share this information with you in accordance with Stripe’s privacy policy, which can be found at https://stripe.com/de-ch/privacy. We would like to point out that, as the provider of the pages, we do not have any knowledge of the content of the transmitted data or its use by Stripe.
External Payment Service Providers
This website uses external payment service providers whose platforms enable users and us to make payment transactions. For example
- Donorbox (https://donorbox.org/privacy)
- Visa https://usa.visa.com/legal/privacy-policy.html
- Mastercard https://www.mastercard.us/en-us/about-mastercard/what-we-do/privacy.html
- American Express https://www.americanexpress.com/us/legal-disclosures/privacy-center.html?inav=footer_privacy_statement
- Discover https://www.discover.com/privacy-statement/credit-cards-privacy-policy.html
- JCB http://www.jcbeurope.eu/privacy/
- Diners Club https://www.dinersclub.com/privacy-policy
- Stripe https://stripe.com/de-ch/privacy
Within the framework of the performance of contracts, we use payment service providers on the basis of the Swiss Data Protection Law and, where necessary, Art. 6 Para. 1 lit. b. EU-DSGVO. In addition, we use external payment service providers on the basis of our legitimate interests pursuant to the Swiss Data Protection Law and, if necessary, pursuant to Art. 6 Para. 1 lit. f. EU-DSGVO in order to offer our users effective and secure payment options.
The data processed by the payment service providers include data such as name and address, bank data such as account numbers or credit card numbers, passwords, TANs and control sums as well as contract, sum and receiver-related data. The information is required to complete the transactions. However, the data entered will only be processed and stored by the payment service providers. As the operator, we do not receive any information about (bank) accounts or credit cards, but only information confirming (accepting) or refusing payment. Under certain circumstances, the data may be transmitted by the payment service provider to credit agencies. The purpose of this transmission is to check identity and creditworthiness. Please refer to the general terms and conditions and data protection information of the payment service providers.
For payment transactions, the terms and conditions and the data protection policies of the respective payment service providers apply, which can be accessed within the respective website or transaction applications. We also refer to these for the purpose of further information and assertion of revocation, information and other affected rights.
9. Additional Information
Links. Our website may contain links to other websites. Please note that if you click on any of these links you will be visiting another website that is governed by that website’s privacy policy.
We may change this Privacy Policy from time to time without notice. The current version published on our website applies.
10. Applicable Law and Place of Jurisdiction
dropforlife is a foundation registered in Switzerland. This privacy policy and the services offered by dropforlife are governed exclusively by Swiss law and, where applicable, by mandatory provisions of foreign law. Any legal disputes between you and dropforlife shall be subject to the exclusive jurisdiction of the courts at dropforlife’s Swiss domicile.
Effective: 26th August 2019
Last Update: 1st June 2021