2. INFORMATION WE COLLECT
Personal Data is information that directly or indirectly identifies you, such as your name, email address, date of birth and telephone number.
Other Information is information that, by itself does not individually identify you, such as browser type, operating system, the webpages you viewed and how long you viewed them.
Vortex-projects generally does not treat Other Information as Personal Data unless required by applicable law. If Vortex-projects links together different types of Other Information or links Other Information to Personal Data, Vortex-projects treats the linked information as Personal Data when it directly or indirectly identifies you or another person.
3. HOW WE COLLECT INFORMATION
You may choose not to provide Vortex-projects with your Personal Data. If you choose not to provide your Personal Data, you may not be able to enjoy the full range of the Services.
Vortex-projects collects information:
When you register for the Services: When you register for the Services, we collect Personal Data, including your name, email address, mobile telephone number, date of birth and password. If you are a member of Vortex-projects, we also collect your Member ID, which may be Personal Data under certain laws.
When you use the Services: We collect information about the Services that you use and how you use them. We may also ask for information, some of which is Personal Data, so that we may keep you informed about Vortex-projects, provide you with information on upcoming events in your area or inform you of opportunities to support Vortex-projects’s mission.
We provide areas in the Services where registered users can post information (such as Connections, Activities and Badges), submit reviews, communicate with other users or upload content (such as photographs) (collectively, your “Submissions”). If you choose to submit a Submission, your Submission may appear on other websites or when searches are executed on the subject of your Submission. When you voluntarily disclose Personal Data in your Submissions, others can collect and use your Personal Data. For example, if you post your email address, you may receive unsolicited messages. We encourage you to exercise caution because we cannot control what other users may do with the information in your Submissions. Please see the Terms of Service for additional terms that apply to your Submissions.
From Your Device: We collect information about your computer, tablet or mobile telephone (“Device”), such as model, operating system version, mobile network information, telephone number, internet service provider and similar identifiers. Vortex-projects may associate your Device information with your Vortex-projects account. We may collect and store information (including your Personal Data) on your Device through browser web and web application data caches.
We also may collect your geolocation information (“Location Data”) from your wireless carrier, through a wearable or other device you have connected (for example, wirelessly) to our Services, and/or directly from the Device on which you use our Services.
If you are accessing the Services through the MyLion App, how Vortex-projects collects Location Data will differ depending on your Device’s operating system. We do not collect Location Data unless you have “allowed” its collection in your Device’s operating system settings. If you decline to allow Location Data collection in the app, we will not collect your Location Data unless you manually enter it.
Vortex-projects may collect information from sensors that provide Vortex-projects with information on nearby devices, including Bluetooth address, Wi-Fi access points, and information made available by you or others that indicates your current or prior location.
Through Server Logs: A server log is a list of the activities that a server performs. Vortex-projects’s servers automatically collect and store in server logs your search queries, hardware settings, browser type, browser language, the date and time of your request and referral URL and certain cookies that identify your browser or Vortex-projects account. Sone of this information is collected through Data Collection Technology.
4. DATA COLLECTION TECHNOLOGY
Data Collection Technology collects all sorts of information, such as how long you engage with the Services, the content you view, your search queries, error and performance reports, as well as Device identifier or IP address, browser type, time zone and language settings and operating system.
Data Collection Technology deployed through the Services includes cookies.
Cookies: Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie also may contain information about your Device, such as user settings, browsing history and activities conducted while using the Services.
The Services use the following cookies:
Vortex-projects also uses analytics services, such as Google Analytics, to collect information. Generally, analytics services do not identify individual users. Many analytics services allow you to opt out of data collection.
How Vortex-projects Uses Data Collection Technology: Some Data Collection Technology is deployed by Vortex-projects when you visit the Services. Other Data Collection Technology is deployed by third parties with which Vortex-projects partners to deliver the Services.
Data Collection Technology helps us improve your experience of the Services by compiling statistics about use of the Services and helping us analyze technical and navigational information about the Services.
We also may use Data Collection Technology to collect information from the Device that you use to access the Services, such as your operating system type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone in which your Device is located.
Do Not Track: Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, many website operators, including Vortex-projects, do not respond to DNT signals.
5. HOW WE PROCESS PERSONAL DATA
Vortex-projects processes Personal Data:
Vortex-projects processes Other Information:
6. HOW WE SHARE INFORMATION
We may share your Personal Data collected via the Services as follows:
Vortex-projects may aggregate information collected though the Services and remove identifiers so that the information no longer identifies or can be used to identify an individual (“Anonymized Information”). Vortex-projects shares Anonymized Information with third parties and does not limit third parties' use of the Anonymized Information because it is no longer Personal Data.
7. CHILDREN’S PRIVACY
The Services are not directed to or intended for use by children under the age of 13 (“Minors”). Consistent with the requirements of applicable law, if we learn that we have received any information directly from a Minor without his or her parent’s verified consent, we will use that information only to respond directly to that Minor (or his or her parent or legal guardian) to inform the Minor that he or she cannot use the Services and subsequently will delete that information.
Children below the age of 16: For children under the age of 16 to use the Services consent must be provided by the holder of parental responsibility over the child. We shall make reasonable efforts to verify in such cases that consent is given by the holder of parental responsibility over the child.
8. SECURITY OF YOUR PERSONAL DATA
Vortex-projects takes precautions intended to help protect information that we process but no system or electronic data transmission is completely secure. Any transmission of your Personal Data is at your own risk and we expect that you will use appropriate security measures to protect your Personal Data.
You are responsible for maintaining the security of your account credentials for the Services. Vortex-projects will treat access to the Services through your account credentials as authorized by you. Unauthorized access to password-protected or secure areas is prohibited and may lead to criminal prosecution. We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.
If we become aware of a breach that affects the security of your Personal Data, we will provide you with notice as required by applicable law. To the extent permitted by applicable law, Vortex-projects will provide any such notice that Vortex-projects must provide to you at your account’s email address. By using the Services, you agree to accept notice electronically.
9. RETENTION OF YOUR PERSONAL DATA
Vortex-projects retains Personal Data in identifiable form only for as long as necessary to fulfill the purposes for which the Personal Data was provided to Vortex-projects or, if longer, to (i) comply with law legal obligations, (ii) detect and prevent fraud, (iii) resolve disputes, (iv) enforce agreements, (v) take actions we deem necessary to protect the integrity of the Service or our users, and (vi) similar essential legal purposes.
10. YOUR CHOICES ABOUT YOUR PERSONAL DATA
Your Privacy Preferences. When you register for the Services, you consent to receive email messages from us. You may modify this consent later by visiting your account settings. You also may opt out of receiving marketing emails by clicking the opt-out request in each marketing email. (It may take up to 10 days for us to process an opt-out request.) You may not opt out of transactional emails, such as service announcements, administrative notices and surveys.
Vortex-projects also may deliver notifications to your Device. You can disable some of these notifications through your Device’s operating system, through your account settings or by disabling the applicable Service.
Changing information in your account or otherwise opting out of promotional email communications will only affect future activities or communications from Vortex-projects. If Vortex-projects already provided your information to a third party (such as a service provider) before you have changed your account settings or updated your information, you may have to change your preferences directly with that third party.
Your Right to Review Your Personal Data: If you would like to review the Personal Data that Vortex-projects maintains about you, please contact us in writing using the contact information below. If you are a registered user, you can review certain Personal Data that you provided to Vortex-projects by logging in to your account. If you are not a registered user, Vortex-projects may take reasonable steps to verify your identity before providing access to Personal Data. Inquiries to review personal data can be sent to Vortex-projects by email at firstname.lastname@example.org.
Your Right to Correct or Delete Your Personal Data: The easiest way to correct or delete certain Personal Data that you have provided to the Services is to log in to your account and enter the necessary changes to your user profile. If you have additional questions regarding the correction or deletion of your Personal Data, please contact Vortex-projects at email@example.com.
Vortex-projects will review your request but may not be able to grant access to or change or delete certain of your Personal Data. We will respond to your requests within the time allowed by all applicable data protection laws and will make every effort to respond as accurately and completely as possible. If Vortex-projects cannot provide access or correct or delete your Personal Data, then Vortex-projects will notify you within 30 days.
11. ONWARD TRANSFER AND CONSENT TO INTERNATIONAL PROCESSING
If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Data by Vortex-projects from your region to countries in which privacy laws might not provide the same level of protection. By providing your Personal Data, you consent to any transfer and processing in accordance with this Policy.
12. COMPLAINTS ABOUT HOW Vortex-projects PROCESSES YOUR PERSONAL DATA
If you have any complaints regarding how Vortex-projects processes your Personal Data, please contact Vortex-projects at firstname.lastname@example.org with a detailed description of the complaint. Vortex-projects responds to complaints as soon as practicable, and in any event, within the time limits prescribed by law.
14. APPLICABLE LAW
HOW TO CONTACT US
If you have any questions, comments, or concerns about how we handle your Personal Data, then please contact us as follows:
15. EU Privacy Notice
For residents of the European Union (EU) and European Economic Area (EEA) whose information has been knowingly collected by Vortex-projects, the following information applies to you:
If you are an EU or EEA resident and Vortex-projects knowingly collects your personal information (also called 'personal data'), we will do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) ('GDPR') and EU member state national laws that implement or regulate the collection, processing and privacy of your personal data (together, 'EU Data Protection Law').
This Privacy Notice also provides information on your legal rights under EU Data Protection Law and how you can exercise them.
When personal data is collected
When you register for the Services, join a Lions club or make a donation, we collect Personal Data, including your name, email address, mobile telephone number, date of birth and password. If you are a member of Vortex-projects, we also collect your Member ID, which may be Personal Data under certain laws.
Because of the global nature of our organization and its structure of clubs, districts and multiple districts, Vortex-projects may hold and process personal data that is collected from clubs, districts and partner organizations around the world, including within the EU/EEA.
This also means that if you are a member or individual contact of this network resident in the EU/EEA, your personal data may be transferred from the EU/EEA to Vortex-projects headquarters in the United States.
BE data privacy laws are currently not considered to meet the same legal standards of protection for personal data as set out under EU Data Protection Law. However, in order to safeguard personal data received from the EU/EEA, we only allow such a transfer of personal data to BE or other third countries under an approved contract or another appropriate mechanism which is legally authorized under EU Data Protection Law.
This is to make sure that the personal data that Vortex-projects receives and processes (so far as it relates to residents of the EU/EEA) is properly safeguarded in accordance with similar legal standards of privacy you would enjoy under EU Data Protection Law.
The lawful grounds on which we collect and process personal data
We process your personal data for the above purposes, relying on one or more of the following lawful grounds under EU Data Protection Law:
(a) where you have freely provided your specific, informed and unambiguous consent for Vortex-projects to process your personal data for particular purposes:
(b) where we agree to provide services to you as a member of a Lions club, donor or other lawful purpose, in order to set up and perform our contractual obligations to you and/or enforce our rights:
(c) where we need to process and use your personal data in connection with our legitimate interests as a global network and being able to effectively manage and operate our organization in a consistent manner across all territories. We will always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms and, in particular, your right to privacy: and/or
(d) where we need to comply with a legal obligation or for the purpose of us being able to establish, exercise or defend legal claims.
Please also note that some of the personal data we may unintentionally receive and may include what is known as 'sensitive' or 'special category' personal data about you, for example, information regarding your ethnic origin or political, philosophical and religious beliefs. This is not the type of data that Vortex-projects or chartered Lions clubs would routinely collect, but if we process such sensitive or special category data we will only do this in specific situations where:
(a) you have provided this with your explicit consent for us to use it: or,
(b) there is a legal obligation on us to process such data in accordance with EU Data Protection Law
(c) it is needed to protect your vital interests (or those of someone else) such as in a medical emergency: or,
(d) where you have clearly chosen to publicize such information: or,
(e) where needed in connection with a legal claim that we have or may be subject to.
If Vortex-projects provides direct marketing communications to individuals in the EU/EEA regarding services and/or events which may be of interest, this will be done in accordance with EU Data Protection Law, and in particular where we contact individuals for direct marketing purposes by SMS, email, fax, social media and/or any other electronic communication channels, this will only be with the individual's explicit consent or in relation to similar services to services that the individual has purchased (or made direct enquiries about purchasing) from Vortex-projects before.
Individuals are also free to object or withdraw consent to receive direct marketing from us at any time, by contacting us at email@example.com or by selecting “unsubscribe” at the bottom of any marketing email received.
Disclosing vour personal data to third parties
We may disclose your personal data to certain third party organizations who are processing data solely in accordance with our instructions (called 'data processors') such as companies and/or organizations that support our business and operations (for example providers of web or database hosting, IT support, payment providers, event organizers, agencies we use to conduct fraud checks or mail management service providers) as well as professionals we use such as lawyers, insurers, auditors or accountants. We only use those data processors who can guarantee to us that adequate safeguards are put in place by them to protect the personal data they process on our behalf.
We may also disclose your personal data to third parties who make their own determination as to how they process your personal data and for what purpose(s) (called “data controllers”). The external third party data controllers identified above may handle your personal data in accordance with their own chosen procedures and you should check the relevant privacy policies of these companies or organizations to understand how they may use your personal data.
Other than as described above, we will treat your personal data as private and will not routinely disclose it to third parties without you knowing about it. The exceptions are in relation to legal proceedings or where we are legally required to do so and cannot tell you (such as a criminal investigation). We always aim to ensure that your personal data is only used by third parties we deal with for lawful purposes and who observe the principles of EU Data Protection Law.
Your personal data rights
In accordance with your legal rights under EU Data Protection Law, you have a 'subject access request' right under which can request information about the personal data that we hold about you, what we use that personal data for and who it may be disclosed to as well as certain other information.
Usually we will have one month to respond to a subject access request. However, we reserve the right to verify your identity and we may, in case of complex requests, require a further two months to respond. We may also charge for administrative time in dealing with any manifestly unreasonable or excessive requests. We may also require further information to locate the specific information you seek and certain legal exemptions under EU Data Protection Law may apply when responding to your subject access request.
Under EU Data Protection Law. EU/EEA residents also have the following rights, which can be enforced by making a request in writing:
(a) that we correct personal data that we hold about you which is inaccurate or incomplete:
(b) that we erase your personal data without undue delay if we no longer need to hold or process it:
(c) to object to any automated processing (if applicable) that we carry out in relation to your personal data. for example if we conduct any automated credit scoring:
(d) to object to our use of your personal data for direct marketing:
(e) to object and/or to restrict the use of your personal data for purpose other than those set out above unless we have a compelling legitimate reason: or
(f) that we transfer personal data to another party where the personal data has been collected with your consent or is being used to perform contract with you and is being processed by automated means.
So we can fully comply, please note that these requests may also be forwarded on to third party data processors who are involved in the processing of your personal data on our behalf.
If you would like to exercise any of the rights set out above, please contact us at the address below.
If you make a request and are not satisfied with our response, or believe that we are illegally processing your personal data, you have the right to complain to the Office of the Information Commissioner in the United Kingdom.
How long we retain your personal data
Vortex-projects retains personal data identifying you for as long as necessary in the circumstances - for instance, as long you are a member of a club or have a relationship with our network: for a reasonable period to send you marketing where we have regular contact with you, or as may be needed to enforce or defend contract claims or as is required by applicable law.
Vortex-projects retains Personal Data in identifiable form only for as long as necessary to fulfill the purposes for which the Personal Data was provided to Vortex-projects or, if longer, to (i) comply with law legal obligations, (ii) detect and prevent fraud, (iii) resolve disputes, (iv) enforce agreements, (v) take actions we deem necessary to protect the integrity of the Service or our users, and (vi) similar essential legal purposes. This criteria takes in to consideration the reasonable expectations of those whose personal data we collect in these circumstances, taking into account various legislative requirements and guidance issued by relevant EU regulatory authorities.
In accordance with the above retention policy, the personal data that we no longer need will be disposed of and/or anonymized so you can no longer be identified from it.
If you have any questions about Vortex-projects’s privacy protection practices or believe we have not adhered to this Policy, please contact us at firstname.lastname@example.org.