PRIVACY POLICY
Introduction
This privacy policy provides information on how My Survival Story Foundation ("MSS") will process your personal data when visiting and/or using our website mysurvivalstory.org or to order products (the "Merchandise"). Our processing of personal data is based on the Swiss Federal Data Protection Act (DPA) and the (EU) General Data Protection Regulation (starting to apply on 25 May 2018), which both aim to protect individuals from violations of their personal privacy in connection with processing of their personal data. MSS is committed to protecting your privacy at all times. Please take the time to read and understand this privacy policy since it is important that you are informed about what personal data we hold about you and in what ways we will process your personal data.
'Personal data' means any information relating to an identified or identifiable natural person where an identifiable natural person is one who can be identified directly or indirectly.
'Processing of personal data' means any operation or set of operations which is performed on personal data, such as collection, recording, organisation, structuring, storage, disclosure or erasure.
Who is responsible for processing your personal data?
My Survival Story Foundation (CHE-158.532.102) is the data controller for your personal data, i.e. determines the purposes and means of the processing of your personal data.
If you have any questions or concerns regarding the processing of your personal data, please contact us by email: info@mysurvivalstory.org, or by post to: My Survival Story, Martin Inderbitzin, Zurlindenstrasse 218, 8003 Zürich, Switzerland.
What personal data is being processed?
We process personal data about the following categories of data subjects: visitors to our website (" Visitors"), subscribers to our newsletter (" Subscribers") and webshop customers ("Customers"). We collect the following categories of personal data:
Visitors: Cookies (please see Clause 8 below).
Customers: Name, shipping and billing address, e-mail address, phone number and credit card details.
Subscribers: The email address at which you would like to receive the newsletter. The time and IP address at which you carried out the registration so that the misuse of the email address of a person affected can subsequently be traced.
Technical information which is important for the presentation (e.g. browser) as well as data to improve the service (e.g. time of access).
Why is the personal data being processed and what is the legal basis?
The purposes for processing Visitor personal data are to analyse our visitors' activity online and to improve our website to create the best visitor experience. The legal basis for processing this personal data is consent.
The purposes for processing Customer personal data are to deliver the ordered product and to send newsletters regarding MSS’ similar products and operations. The legal basis for processing this personal data is performance of contract and for any newsletters, legitimate interest.
The purposes for processing Subscribers data is to be able to deliver newsletters with information about updates and things we deem to be of relevance to the subscriber.
How long will the personal data be KEPT?
Visitor personal data will be kept in browser local storage until user login session is valid (one hour) or until removed through browser settings.
Customer personal data will be kept until the product has been delivered and one year thereafter for newsletter purposes or as long as required by law.
To whom is personal data DISCLOSED?
MSS has website hosting parties and other parties who assist us in operations our website, conducting our business or serving our Customers. (" Service Providers"). Our Service Providers and Partners may be located in countries outside the EU/EEA which do not have an adequacy decision by the Swiss Government or the EU Commission, and the transfers may not be protected by appropriate safeguards. However, we will use our best efforts to protect your personal data at all times, inter alia by entering into confidentiality agreements with all third parties and by ensuring that the third parties have appropriate technical and organisational security measures in place to protect the personal data.
You can subscribe to our newsletter through which we inform you of our latest interesting offerings. The goods and services advertised are specified in the declaration of consent. We use the "Mailchimp" newsletter delivery platform to send our newsletter. Mailchimp is operated by The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA.
We explicitly do not give your email address to any third party. Mailchimp is certified under the "Privacy Shield" US-EU data protection agreement and undertakes to uphold the EU data protection provisions.
Your email address is saved for as long as the subscription to the newsletter is active. The other data gathered as part of your registration are generally deleted within a seven-day period.
You may unsubscribe from the newsletter at any time. This can be carried out using the link provided in each newsletter. This link also enables you to withdraw your consent to saving of the personal data gathered during the registration process.
We also refer you to the refusal options in data gathering for advertising purposes on the websites http:// www.aboutads.info/choices/ and http://www.youronlinechoices.com/ (for the European area).
What are my rights?
As data subject, you have the following rights which you may exercise:
Right to access: Your data is and shall remain easy accessible. You always have the right to access your personal data by logging into your account or by contacting us.
Right to rectification and deletion: At any time, you may amend, update or delete the personal data we hold about you through logging into your account or by contacting us. The deletion right includes a right to be forgotten where we will delete all your personal data without undue delay.
Right to restriction of personal data processing: You may request restriction of our processing of your personal data in accordance with applicable data protection legislation.
Cookies
Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognise your browser and capture and remember certain information. We use cookies, for instance to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. If you do not consent to the use of cookies, some features will be disabled and some of our services will not function properly. However, you would still be able to place orders. Our platform does not use cookies for internal use, however, external tools such as Google Analytics, Facebook, Zendesk, Amplitude and Stripe are using cookies.
Can this policy change?
We may change this privacy policy at any time and from time to time. The most recent version of the privacy policy is reflected by the version date located at the top of this privacy policy. All updates and amendments are effective immediately upon notice, which we may give by any means, including, but not limited to, by posting a revised version of this privacy policy or other notice on the website. We encourage you to review this privacy policy often to stay informed of changes that may affect you.