Author: Frank Dengler
Last updated: 4th May 2018
Die Ofenmacher e.V. is a non-profit organisation which has the goal of replacing open cooking fires in developing countries with stoves. In the scope of our work we collect data from members, donors and other people, clubs, foundations companies and authorities for the purposes of communication and completion of financial transactions. Data which allow conclusions to be drawn about the owner of the data whether a real or a legal person are called personal data.
This data-protection declaration gives information on which personal data are recorded; how they are collected, stored and processed and what we do to protect the data.
We commit ourselves to only use and store personal data as required for the functioning of our organisation. We do not provide personal data to third parties.
Both we and law-makers routinely update data-protection rules. Therefore we reserve the right to update this data-protection declaration from time to time, always in line with the relevant data-protection laws.
If you have questions which are not answered by this document please use our contact form or write us an e-mail to firstname.lastname@example.org.
According to the German law (Datenschutz-Grundverordnung) you have the right to information about, corrections to and deletion of your stored data. We will keep you informed at all times which data we have stored about you. You can request information via our contact form or by e-mail to email@example.com.
Which Data Do We Collect?
For the purpose of communication (newsletters, letters written information, internal notifications, confirmations of donations) we store your address data:
- Name, forename, middle-name, title
- Street, postcode, city / town, telephone-number, E-mail
For members who have approved use of direct debit we store the IBAN and BIC of the relevant bank account.
When we receive donations we store the date, the sum and the stipulation of the donation and assign it to a donor. If you donate via the online form of HelpMundo by SEPA-debit, we store your bank data until completion of the transfer of funds. For donations via PayPal we store the relevant e-mail address.
Note: the online-donation form on our website is impended using HelpMundo. Your data are also stored by HelpMundo. Information to HelpMundos data-protection policy can be found here.
Using PayPal as a payment method
If, while completing your order, you decide to use PayPal as an online payment service, your contact details will be sent to PayPal during the order process. This information needs to be transferred to process your order using your chosen payment method.
The personal data transmitted to PayPal usually includes your first name, last name, address, telephone number, IP address, e-mail address, or other data required to process your order, such as the quantity of articles ordered, the article number, invoice amount, percentage taxes and invoice details, etc.
Please note the following: PayPal may also pass on your personal data to subcontractors or other affiliates, to the extent necessary for fulfilling the contractual obligations arising from your order or for processing personal data in your order.
When are Which Data Registered?
Personal data are registered based on the data you provide when you:
- Subscribe to our newsletter(the subscription can be cancelled at any time via the form on our internet pages)
- Fill the donation form in the internet
- Make a donation by bank transfer
- Send us an e-mail
- Complete the contact form on our homepage
- Register yourself as a user of our blog blog.ofenmacher.org
How Do We Use Personal Data?
We use your personal data to:
- Provide you with confirmations of donation and to contact you by post
- Distribute our newsletter by E-Mail
- Invite members to members meetings
- Collect membership fees
- Collect donations via direct-debit
- Answer questions received via our contact form
Furthermore we use data in anonymised form to analyse cash inflows and outflows and donor behaviour. Conclusions about individual people can not be drawn from these evaluations. These evaluations are only used within our organisation.
Where And For How Long Do We Store Personal Data?
We store personal data in a database denoted as the „contact database“ which is stored with the cloud provider SugarSync (SugarSync’s data-protection declaration can be found here). Entries about people are deleted when a member ends their membership, cancels their subscription to our newsletter or explicitly requests data deletion. Bank information provided for SEPA-debits are deleted when the transaction is complete.
Our newsletter is prepared and distributed using tools of the provider Mailchimp. To this end a list of e-mail addresses for the newsletter recipients is stored by Mailchimp When a subscription is cancelled the relevant e-mail address is removed from the list. Mailchimp’s data-protection declaration can be found here.
We are legally bound to store documents containing personal data for 10 years. These include confirmations of donations and membership fees including the name, address of the donor or member and sum received.
Donors to the climate protection project receive certificates for the CO2-saved, which include the name and the sum of the donation.
The data are stored as PDF-files in a SugarSync-directory which can only be accessed by the treasurer and the managing-committee. When the storage period ends the files are deleted.
How Do We Protect Personal Data?
Access to the contact database in SugarSync is only provided to a few people in the organisation as required for their work. They receive special instructions on the special nature of these data. The same is true of some permanent and temporary files containing personal data.
All data stored in the SugarSync cloud are encrypted. The transfer of data to and from the cloud is also encrypted.
In addition the encryption by SugarSync the contact database is encrypted with a password. The password is only known to people who need access to the database in conjunction with organisation activities.