The International Coalition to Ban Depleted Uranium (ICBUW) is committed to maintaining all personal data of its supporters, suppliers, and associate organisations and individuals working in partnership in a secure manner, in line with current legislation.
It does not apply to pages hosted by other organisations to which we may link and whose privacy policies may differ.
Last revision: 25 May 2018
What data do we collect and how do we use it?
ICBUW collects supporters’ data in order to keep records of campaigning or donating activity and to update followers and supporters with information about our projects and outputs via our newsletter. This includes personal data such as names, addresses, email addresses and phone numbers. Your data is held on either our secure server or encrypted in the cloud. Personal data linked to donations via our website is processed by Paypal (see below), while personal data linked to newsletter subscriptions is held on Mailchimp (see below).
ICBUW does not:
- sell nor buy any marketing lists;
- employ any cold calling techniques asking for donations;
- keep records longer than legally necessary.
Supporters, suppliers, press, funders, interested organisations and associates are strictly only contacted by phone or post if they have requested that we do so.
Financial data security
Online credit or debit card donations are processed through Paypal, via a secure transaction system using encryption. Every transaction is encrypted using SSL advanced encryption technology with an encryption key length of 168 bits (the highest level commercially available) and 3D-Secure secure protocols to verify users’ bank details. You can find more information on how Paypal stores your data here. Paypal’s privacy and data collection policy is available here.
ICBUW does not get access to any personal financial data during transactions: our records are limited to your name, address, email address and Paypal’s unique transaction ID. This data is held by Paypal and on our secure server. Should it ever be necessary to process personal data linked to financial transactions in hardcopy, it will be shredded before disposal.
Mailing list security
The database used for our newsletter is managed using MailChimp and includes an opt-in checkbox that clearly states how your data is being used by ICBUW. MailChimp is a marketing automation service provided by the Rocket Science Group, based in Atlanta, USA. Servers and offices are located in the United States. Although your information may be transferred to, stored, or processed in the United States, MailChimp participates in and is compliant with the EU-U.S. Privacy Shield Framework, which will qualify as one of the available cross-border transfer mechanisms (Art. 46 of the GDPR legislation).
We do not send out random, untargeted emails (spam).
Data collected by bandepleteduranium.org
ICBUW collects data to monitor and analyse traffic on our website and to improve the experience of visitors. The data necessary for this is held for 26 months and is collected by Google Analytics. We collect the bare minimum of data required, for example we do not collect data for advertising or remarketing purposes or share it with Google. Data used simply to track the number of visitors and their locations by Google Analytics does not require the storage of personally identifiable information.
Furthermore, we maintain our own server and monitor its security regularly. The server is installed behind a locked door with access restricted to individuals known to us. The server collects information about the date and time in which our web site was accessed and the internet address of the server from which you linked to our site. This may be linked to personal data you have volunteered to give us.
A cookie is a tiny element of data that our site can send to your browser, which may then be stored on your hard drive. We may sometimes enable "cookies" on our web site to allow users to customise certain options, and to allow us to set the site to reflect your previous choices on the site. If we do this you will not see any less of the site than anyone else visiting the site, we will just make areas that reflect your previous choices more prominent. You may set your web browser to notify you when you receive a cookie. Our cookies are only seen by our server.
We us social plugins and show links to social networking applications like Facebook, Twitter, Youtube or Vimeo. These social plugins may send personal data to the US-based providers. We do not take responsibility for the content and data protection of linked websites.
Action in case of data security breach
Personal data breaches are defined as where:
- data is lost, destroyed, corrupted or disclosed;
- data is accessed by an unauthorised person, or passed on without proper authorisation;
- data is made unavailable and this unavailability has a significant negative effect on individuals.
In case of a security breach, ICBUW is committed to following the procedure described in the GDPR legislation, namely documenting all breaches, notifying the Information Commissioner’s Office of a breach within 72 hours of becoming aware of it, and notifying and advising affected individuals in compliance with relevant legislation.
Supporters can opt in or out of ICBUW mailing lists and can unsubscribe themselves from mailing lists at any time by clicking on the unsubscribe link on our newsletter or on emails.
- replying to an email we’ve sent you;
- emailing us at firstname.lastname@example.org;
- writing to ICBUW, Marienstraße 19-20, 10117 Berlin, Germany.