‍Privacy Policy

‍

Effective Date: January 01, 2024

This Privacy Policy (hereinafter referred to as the “Policy”) regulates relationships in the field of personal data protection for visitors of the website https://geothermalukraine.org/    (hereinafter referred to as the “Site”), owned by the NON-GOVERNMENTAL ORGANIZATION “GEOTHERMAL UKRAINE” (EDRPOU code 44900467, registered office: 76000, Ukraine, Ivano-Frankivsk Karpatska st., 15), registered according to the current legislation of Ukraine (hereinafter referred to as the “Organization”).

1. GENERAL PROVISIONS.

1.1. This Policy is developed to inform the subjects of personal data about the procedure for processing their personal data when visiting/using the Site, as well as to ensure the protection of their personal data during such processing. In order to improve the quality of service and the security of data storage of our users, we inform you about what data we collect and how we use it on our Site. We respect the confidential information of anyone who visits our site, so based on the requirements of current Ukrainian legislation and the regulation of the European Parliament and the Council, this Privacy Policy has been prepared. This Policy does not apply to sites accessed through hyperlinks on our Site.

1.2. This Policy, as well as the activities of the Organization related to the collection, processing, storage, and other legitimate actions regarding personal data, are regulated by: the Constitution of Ukraine; the Law of Ukraine “On Personal Data Protection” dated June 01, 2010, No. 2287-VI; other current regulatory legal acts of Ukraine regulating personal data protection issues; international legal acts ratified in Ukraine.

For legal relations arising in the Organization in connection with the processing of personal data of residents of foreign jurisdictions, the law (including international law), national and international regulatory legal acts regulating the protection of personal data of residents of such countries, also apply.

1.3. In this Policy, the terms are used in the following meaning:

• personal data – information or a set of information about an individual who is identified or can be specifically identified;
• consent of the subject of personal data – the voluntary expression of the will of a natural person (provided he/she is informed) regarding the permission to process his/her personal data in accordance with the formulated purpose of their processing, expressed in a form that allows a conclusion to be drawn about the consent;
• processing of personal data – any action or set of actions performed entirely or partially in an information (automated) system and/or in personal data files related to the collection, registration, accumulation, storage, adaptation, change, renewal, use, and distribution (distribution, implementation, transfer), depersonalization, destruction of information about an individual (distribution, implementation, transfer), depersonalization, destruction of personal data, including using information (automated) systems;
• subject of personal data – an individual whose personal data is processed;
• third party – any person, except the subject of personal data, owner or administrator of personal data;
• all other terms in the Policy are used in the meaning defined by current legislation of Ukraine, including ratified international legal acts in Ukraine.

1.4. The owner of personal data processed in connection with visiting/using the Site is the Organization. The Organization has the right to fully or partially entrust the processing of personal data to third parties based on an agreement concluded in accordance with the requirements of current legislation.

1.5. A natural person is a subject of personal data under this Policy if he/she is a visitor to the Site, including if he/she uses any options available on the Website.

The placement of this Policy by the link specified in clause 6.1. of this Policy is a notification of the subjects of personal data about the Owner, composition and content of personal data collected in connection with the visit/use of the Site, about the rights of such subjects, the purpose of collecting their personal data, and third parties to whom such personal data may be transferred.

1.6. The Organization guarantees that:

• it adheres to proper practices and regulatory requirements for the protection of personal data;
• protects the rights of subjects of personal data;
• prevents the risk of violation of the security of personal data processing.

1.7. The purpose of processing personal data obtained in the process of the Site’s operation is to carry out the statutory activities of the Organization:

• administration of our Site and conducting social and community activities;
• providing an opportunity to receive feedback through the form on the Site;
• sending you non-marketing communications;
• sending you marketing communications related to our community activities, from which you can unsubscribe at any time;
• providing third parties with statistical information about our users (in this case, third parties will not be able to identify any individual user from this information);
• consideration of requests and complaints made by you or about you regarding our Site;
• keeping our Site safe and preventing fraud;
• checking compliance with the terms governing the use of our Site (including monitoring private messages sent through our Site’s private messaging service).

2. COLLECTION AND PROCESSING OF PERSONAL DATA.

2.1. The processing and storage of the provided personal data are carried out in data centers where equipment ensuring the operation of the Site’s services is located. The provided personal data is processed and may be stored in the Personal Data Database or a separate table of the Site’s Database.

2.2. The Organization may collect and process the following information about you:

Information you provide to the Organization: This is information about you that you provide by using the Site and its options, subscribing to receive updates by email, making charitable donations through the Site’s options, communicating with the Organization through the options available on the Site, etc.

Information about you collected by the Site and other systems: If you visit the Site, third parties may collect certain information about you and your visits, such as the type and version of your browser, pages on the Site you visit, internet protocol (IP) address. If you contact the employees of the Organization through the Site or other means of electronic communication.

Information collected by third parties about you on the Site by taking certain actions: This is information about you that you provide to third parties (such as Facebook, Google, Twitter) using options for social media sharing available on the Site, when transitioning from one page to another, or by viewing materials that have links (open) to other platforms (websites).

2.3. How the Organization processes your personal data depends on how you use the Site and interact with it. Some information may be provided directly by you when using the Site or in another way, while other information may be collected and processed by the Organization using automated technologies on the Site.

2.4. Legal grounds for data processing: when visiting the Site, the Organization processes your personal data if

• The Organization has obtained your consent for such processing;
• Your personal data is necessary for the Organization to conclude and execute a legal transaction with you or to take measures preceding the conclusion of a legal transaction;
• In cases where the Organization has a legitimate interest in processing your personal data, and this legitimate interest does not override your interests in data protection or your fundamental rights and freedoms;
• In other cases defined by applicable law. In some cases, the Organization may have a legal obligation to process your personal data to form, exercise, or protect legal claims.

2.5. The Organization uses your personal data only for the purposes defined by this Policy and applicable law, including (but not limited to),

• Processing your requests (appeals) to the Organization made through the Site;
• Facilitating the exchange of information, relations in the field of advertising and communication in accordance with the Laws of Ukraine “On the Protection of Personal Data,” “On Information,” “On Advertising,” “On Telecommunications,” “On the Protection of Information in Information and Telecommunication Systems,” “On Public Associations”;
• Implementing other statutory purposes of the Organization as defined by applicable law.

2.6. The dissemination of your personal data is carried out exclusively with your consent or in cases specified in this Policy and applicable law.

Personal data may be transferred to third parties in the following cases:

• If you give your unequivocal consent to such transfer;
• If it is necessary to conclude or perform a legal transaction between us and a third party for your benefit;
• If necessary for the formation and implementation of legal procedures (claims, lawsuits, legal processes, etc.);
• In the presence of significant reasons of public interest;
• At the justified requests of state authorities that have the right to demand and receive such data and information.

Except as provided in this Policy, we undertake not to provide your personal information to third parties.

2.7. Period of personal data storage.

Your consent to the processing of personal data is valid for an indefinite period. The storage period for your personal data is not limited. Your personal data is processed for a period not exceeding what is necessary according to their legal purpose and the purposes defined by this Policy.

Your personal data shall be deleted or destroyed in case of:

• The expiration of the 2-year storage period or another period determined by applicable law;
• Termination of legal relations between the data subject and the Fund, unless otherwise provided by law;
• In other cases defined by applicable laws in the field of personal data protection.

2.8. The Organization does not process personal data regarding racial or ethnic origin, political opinions, religious or philosophical beliefs, membership in political parties and professional unions, convictions of criminal offenses, as well as data related to health, sexual life, biometric or genetic data, except as provided by law.

‍

3. RIGHTS OF PERSONAL DATA SUBJECTS.

3.1. When visiting/using the website, you have the right to:

• Receive information from the Organization not specified in this Policy regarding the processing and conditions of providing access to your personal data, or give relevant authorization for obtaining this information by your authorized persons, except in cases defined by legislation;
• Receive information about the conditions of access to personal data, including information about third parties to whom your personal data is transferred, contained in the relevant personal data database;
• Present a reasoned request for the modification or destruction of your personal data by any owner and manager of this database if such data is processed unlawfully or is inaccurate;
• Have the right to protect your personal data from illegal processing and accidental loss, destruction, damage due to intentional concealment, non-provision, or untimely provision, as well as protection from the provision of information that is inaccurate or tarnishes the honor, dignity, and business reputation of a natural person;
• Contact authorities of state power, local self-government bodies, whose powers include the protection of personal data, for questions regarding the protection of your rights regarding personal data;
• Apply legal remedies in case of violation of legislation on the protection of personal data.

3.2. You have the right to address questions related to the collection, use, storage, and other processing of your personal data to the Authorized Representative of the Verkhovna Rada of Ukraine for Human Rights, whom you can contact at the email address hotline@ombudsman.gov.ua . If you have any questions about this Policy or if you have received any unwanted electronic notifications sent by the Organization or allegedly sent on behalf of the Organization, please contact us directly at the email address info@geothermalukraine.org  

4. DATA PROTECTION

4.1. All employees and members of the Organization must ensure the protection of personal data of users of the Organization’s website.

4.2. The Organization employs widely accepted standards of technological and operational information and personal data protection against loss, misuse, alteration, or destruction. However, it does not guarantee absolute protection against any threats that may arise beyond the regulation of the Organization.

4.3. The Organization ensures the implementation of all relevant obligations regarding confidentiality, as well as technical and organizational security measures to prevent unauthorized or unlawful disclosure or processing of such information and data, their accidental loss, destruction, or damage.

4.4. In case of complaints from users of the Organization’s website regarding the violation of the confidentiality of their data, such complaints are considered at the meeting of the Organization’s Board. Further steps to resolve the situation are determined by the decision of the Board. In case of inability to settle the dispute through negotiations, the dispute is resolved in accordance with the current legislation of Ukraine.

5. INTERACTION OF THE OWNER WITH THIRD PARTIES REGARDING PERSONAL DATA

5.1. We do not transfer personal data to third parties except in cases where such transfer is required by the current legislation of Ukraine, at the request of the data subject, or in other cases outlined in this Policy.

5.2. Our authorized employees who have agreed to ensure the confidentiality of user personal data, as well as third parties providing us with services related to the support and administration of the website and other services related to the implementation of the Owner’s non-profit activities, may have access to your personal data. Our authorized employees and/or third parties, based on contracts concluded with us, undertake to comply with all requirements of the current legislation of Ukraine regarding the protection of user personal data and their confidentiality.

5.3. The Organization provides access to personal information to other legal and private entities not related to the Organization only under such limited circumstances:

• With the user’s permission. To transfer any confidential information, the explicit consent of the user is required.
• If there are grounds to believe that access, use, storage, or disclosure of such information is necessary to: comply with any applicable laws, regulations, or valid requests from government authorities;
• Investigate potential violations;
• Detect and prevent fraudulent activities;
• Resolve security issues and address technical malfunctions.

6. CHANGES TO THE PRIVACY POLICY

6.1. The Organization reserves the right to review and change the provisions of this Policy. The current version of this Policy is posted on the website at https://geothermalukraine.org/     

6.2. Amendments to the Privacy Policy. Changes and additions to this Policy may be made periodically and without prior notice to Users, including, but not limited to, changes in legislation.

6.3. In case of significant changes to this Policy, a notice will be posted on the website, specifying the effective date of these changes. If users do not reject them within the specified period in the appropriate written form, this means that users agree to the respective changes in the Policy.