At the EDMILSON Foundation we are committed to the protection of your personal data.
We care about your privacy and we think it is important that you always know what information we obtain about you in the context of your use of the EDMILSON Foundation’s website (available at EDMILSON.org/en) (the "Website") and what that information is used for.
Personal data is all information relating to an identified or an identifiable natural person. A person is identified when the identity of a specific person can be deduced from the information itself. A person is identifiable when we can make a connection to a specific person using information available to us.
If you do not agree with our policies and practices, we ask you to not visit our Website.
Who We Are
We are the EDMILSON Foundation, a private foundation registered in Singapore (registration number: 202133018R) ("EDMILSON" "we" or "us").
We are the provider of the Website and the organization responsible for the personal data collected about you as part of your use of the Website within the meaning of applicable data protection and privacy laws.
EDMILSON’s regional subsidiaries are the following:
- EDMILSON Funds Brazil
- registered charity in Brazil
(registration number 07.783.192/0004-41)
- EDMILSON Funds Asia
- registered charity in Singapor
(registration number 202133018R)
- EDMILSON Funds Japan
- registered charity in Japan
(registration number 0104-05-020212)
- Singapore Personal Data Protection Act 2012, its regulations and subsidiary legislation;
- Japan Data Protection Laws and Regulations 2020, its regulations and subsidiary legislation; and
- Brazilian General Data Protection Act 2018, its regulations and subsidiary legislation
only and does not consider the data protection obligations required by any other data protection regimes.
When Do We Collect Personal Data About You?
We collect personal data about you:
- When you give it to us directly
- You may give your personal data to us when you donate, sign up to one of our newsletters, sign up to an event, communicate with us, volunteer for us or join one of our student associations, each through the use of our Websites.
- When you give it to us indirectly
- We may obtain your personal data via a fundraising organization or platform (third parties such as GlobalGiving) if you have given them your consent to do so. The terms on which these third parties share your personal data are set out in their privacy policies and we recommend that you review their privacy notices to understand how they process your personal data.
- When you access EDMILSON’s social media
- We might also obtain your personal data through your interaction with us through social media such as Facebook, Instagram, Line, WhatsApp, Twitter, LinkedIn, depending on your privacy settings on these platforms, for example when you send a message to one of EDMILSON’s official accounts.
Cookies on our Website
We use "cookies" (access data files) on our Website which save certain personal information in order to provide a specialized service that is customized and personalized, as well as for analytics and tracking purposes. Cookies are small pieces of data (text files) that are sent by the website server to the user's browser or app and saved on the user's computer and other devices. With respect to its operation, our cookies distinguish between the users' computer or mobile phones but do not differentiate the individual users.
You have a right to choose whether the cookies are installed or not. You may choose to refuse all cookies, confirm each time a cookie is saved, or permit all cookies by going to [Tools] > [Internet Option] > [Security] > [Custom Setting], or by using the Settings or Options function on mobile devices. If you reject cookies or delete our cookies, you may still use our Website, but you may have reduced functionality.
We use the following cookies on the Website:
|Name||Type of Cookie||Purpose||Cookie Duration|
|Google Analytics||Analytical / performance||Analyse website performance||90 days|
|Google Form||Enquiry||Obtain the detail of enquiry||90 days|
What Personal Data We Collect
The personal data we collect about you differs depending on the kind of interaction you have with EDMILSON when you use our Website:
If you contact EDMILSON through the "Contact Us" page, we may collect:
- Phone number
If you donate or start a fundraiser, we may also collect:
- Your Donation history
- Where you heard of EDMILSON
- Reason why you decided to donate
- The cause you wish to donate to
- Your payment method
- Your bank details
- Taxpayer status for claiming Gift Aid
EDMILSON does not store your credit card or similar information. This information is stored by the payment gateway that we use to process your donation.
If you start a fundraiser, in addition to the above, you may provide a report on your campaign, insights on fundraising methods, or the type of network you have used. This information will be used exclusively to inform and improve our marketing and fundraising strategies.
Why We Collect Your Personal Data
EDMILSON uses your personal data for the following purposes:
- Administrative reasons
- To improve our communication with you, ensuring our messages are relevant to you.
- To process your donations and acknowledge them with a thank you message.
- To keep a record of the communication we have with donors, supporters and beneficiaries.
- Understand how we can improve our services and information.
- To contact you for reasons related to the administration of your donation.
- Marketing and Fundraising reasons
- To send you updates, marketing and fundraising communications.
- To understand how we can improve our outreach to new donors and supporters.
- To analyze our fundraising activities.
- To identify where our users are located and to understand the demographic information of our traffic.
- To update you on EDMILSON’s activities globally and how your contribution has been used.
- To contact you in case of an emergency fundraising.
- Research reasons
- To invite you to participate in surveys about us or our activities.
- To analyze your interface experience to improve our websites and provide you with a more user-friendly experience.
Who Has Access To Your Personal Data And Who We Share It With
In general, your personal data is processed exclusively by us.
We might share your information with third-party providers that are contracted to deliver a specific service on our behalf (including IT service providers, email service providers, or professional training providers). These providers will only act upon the instructions we have given them in accordance with appropriate data processing agreements (or similar protections) and will not share the information with other parties. Third-party services ensure the effective delivery of our activities and the efficient execution of our projects and Website. Under no circumstances will EDMILSON share your personal data with third parties for their marketing purposes. The information you have given us will not result in marketing communication from any external party. We will never sell your personal information.
Your personal data will be shared with members of the EDMILSON group of charities to help us centralize data storage, coordinate global marketing and fundraising strategies, and to better implement our projects and activities.
In case of a request from a government body such as a data protection regulatory authority or other regulatory authorities having jurisdiction over our activities, we might have to comply with data sharing requests and disclose your personal information.
We may also disclose your personal data to professional advisors (such as legal advisors and accountants) or auditors for the purpose of providing professional services to us.
How We Keep Your Personal Data Safe
We have established physical, organizational and technical measures to ensure your data is secured and protected and data transmission encrypted. This process is regularly monitored and tested to ensure that no data is lost or misappropriated.
Any donation submitted by credit card is processed by our payment processing provider, which complies with security payment regulations in Japan or Singapore is routinely reviewed.
We take appropriate security measures which are designed to prevent any misuse of the data that you provide to us, including:
- Organisational controls on who within the EDMILSON Foundation can access your personal data, including training our staff and implementing procedures around data handling.
- Our cloud services are certified protected and are only accessible by designated staff with designated hardware.
We take all necessary steps to protect your personal data.
How Long Your Is Personal Data Stored For?
EDMILSON stores your personal data for as long as this is considered necessary. However, we do our best to delete personal data that is no longer needed about inactive users. If you would like us to know what personal data we have which relates to you, and would like to request its deletion,
please write to us at firstname.lastname@example.org
Our Legal Basis For Processing Personal Information
We process your personal data on the basis of the following four grounds:
- you have given consent to the processing of your personal data for one or more specific purposes. In order for this consent to be valid it has to be given freely (without putting you under any type of pressure), you have to know what you are consenting to so we’ll make sure we give you enough information, you should only be asked to consent to one thing at a time and you need to take a positive and affirmative action in giving us your consent;
- the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. For example, we need to collect and store your email address in order to provide you with our newsletter if you have requested it;
- the processing is necessary for compliance with a legal obligation to which the controller is subject;
- processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
EDMILSON’s "legitimate interest" includes actions that are directed to the fulfillment of our mission and vision or are necessary to effectively deliver our communication to stakeholders and supporters.
When acting on the basis of our legitimate interest, we will always take into account what impact our action might have on you. We don’t think that any of the activities set out above will prejudice you in any way. However, you do have the right to object to us processing your personal data on this basis and we have set out details on how you can do this in "Your Rights" section.
You have various rights in relation to the personal data which we hold about you as described below.
To get in touch with us about any of your rights under applicable data protection laws, please use the contact details set out below. We will seek to deal with your request without undue delay, and in any event within any time limits provided for in applicable data protection law (subject to any extensions to which we are lawfully entitled). Please note that we may keep a record of your communications to help us resolve any issues which you raise.
- Right to object
This right enables you to object to us processing your personal data where we do so for one of the following reasons:
- because it is in our legitimate interests to do so (for further information please see the section on our legal bases for processing above);
- to enable us to perform a task in the public interest or exercise official authority;
- to send you direct marketing materials; or
- for scientific, historical, research, or statistical purposes.
- Right to withdraw consent
- If we obtain your consent to process your personal data for any activities, you may withdraw this consent at any time and we will cease to use your data for that purpose unless we consider that there is an alternative legal basis to justify our continued processing of your data for this purpose, in which case we will inform you of this condition. You can withdraw your consent by contacting us directly on the details given above, or, if provided by us in the context of your involvement with us, via a website link or unsubscribe link on emails or other marketing messages.
- Right to access a copy of your data
- You may ask us for a copy of the information we hold about you at any time, and request us to modify, update or delete such information. If we provide you with access to the information we hold about you, we will not charge you for this unless permitted by law. If you request further copies of this information from us, we may charge you a reasonable administrative cost. Where we are legally permitted to do so, we may refuse your request. If we refuse your request we will always tell you the reasons for doing so.
- Right to erasure
You have the right to request that we "erase" your personal data in certain circumstances. Normally, this right exists where:
- The data are no longer necessary;
- You have withdrawn your consent to us using your data, and there is no other valid reason for us to continue;
- The data has been processed unlawfully;
- It is necessary for the data to be erased in order for us to comply with our obligations under law; or
- You object to the processing and we are unable to demonstrate overriding legitimate grounds for our continued processing.
If you have unsubscribed from our communication, we might keep your basic information such as name and email address to ensure that no communication is sent to you in the future.
- Right to restrict processing
- You have the right to request that we restrict our processing of your personal data in certain circumstances, for example if you dispute the accuracy of the personal data that we hold about you or you object to our processing of your personal data for our legitimate interests. If we have shared your personal data with third parties, we will notify them about the restricted processing unless this is impossible or involves disproportionate effort. We will, of course, notify you before lifting any restriction on processing your personal data.
- Right to rectification
- You have the right to request that we rectify any inaccurate or incomplete personal data that we hold about you. If we have shared this personal data with third parties, we will notify them about the rectification unless this is impossible or involves disproportionate effort. You may also request details of the third parties that we have disclosed the inaccurate or incomplete personal data to. Where we think that it is reasonable for us not to comply with your request, we will explain our reasons for this decision.
- Right of data portability
- If you wish, you have the right to transfer your personal data between service providers. In effect, this means that you are able to transfer the details we hold on you to another third party. To allow you to do so, we will provide you with your data in a commonly used machine-readable format so that you can transfer the data. Alternatively, we may directly transfer the data for you.
- Right to complain
- You also have the right to complain to your applicable data protection authority. Contact details for data protection authorities in Singapore is the Personal Data Protection Commission. Contact details are available at: https://www.pdpc.gov.sg/Contact-Us
Contact Us About Your Privacy
You have the right to access your data, edit it, and delete it. You also have the right to withdraw your consent to process your data.
To do so, please contact us at email@example.com
TEL: (+65) 6395 6940
Last update: 1st Oct 2021