- What we do
- What we say
- Who we are
- Get involved
- Finding help
We are not permitted to use your data for any purposes other than those stated here or permitted by law.
Unless otherwise stated in individual cases, Caritas Switzerland is responsible for the forms of data processing described here. If you have any queries about data protection law, you can contact us as follows:
E-mail: spendenservice@caritas .ch
We will not forward your data to third parties. We work with external service providers for particular tasks, for example, putting addresses on shipments. These service providers are obliged to comply fully with data protection regulations, are not permitted to use your data for any other purposes whatsoever and must delete it after 30 days. Your address details may be transferred to CRIF Ltd. in Zurich for the purpose of updating your postal address, for example if you move house. This helps us to prevent mail being returned and reduces unnecessary postage costs. You can find more detailed information at: www.mycrifdata.ch/#/dsg. All Caritas Switzerland employees who handle your data are obliged to comply with data protection regulations.
We will not misuse any data that you provide to us about yourself. In order to send you a newsletter you are subscribed to, respond to your queries, process your donations, ensure your participation in petitions, campaign promotions or competitions or complete your order in the online shop, we require some information from you. We will use the information that you provide via a form on the website or by other means to achieve these ends and process the resulting communication. If you make a donation via our website, we will notify you about some of Caritas Switzerland’s ongoing projects.
Just like any online provider, we collect user data in order to optimise our service. We collect and store information in such a way that it is not personally identifiable. We therefore cannot check which user has accessed which data. In particular, we do not collect any names, postal addresses, telephone numbers or e-mail addresses when you visit our website, nor any details about your personal interests or donations.
If you have given us consent to process your personal data for particular purposes (for example when you subscribe to newsletters), we will process your personal data on the basis of this consent. You can revoke your consent at any time.
Within the scope of the data protection legislation applicable to you and in so far as this legislation provides (as in the case of the GDPR, for instance), you have the right to rectification and erasure, as well as the right to restrict data processing, object to our data processing and publish certain personal data for the purpose of transferring it to another authority (known as data portability). Please note, however, that we reserve the right to enforce the legally prescribed restrictions, for example if we are obliged to store or process your data or need it to assert claims. If this incurs any costs for you, we will notify you in advance. We have already explained the option of revoking your consent in the “Use of data” section.
If you send a written request to Caritas Switzerland, we will inform you about the data we have stored about you. When requesting this data, please send us your full name, e-mail address and a copy of an official identification document (ID card, passport). This is necessary to prevent any unauthorised persons gaining access to your data. You may exercise the rights indicated above with regard to the data stored about you.
Furthermore, every data subject is entitled to assert their claims in court or file a complaint with the competent data protection authority. The competent data protection authority in Switzerland is the Federal Data Protection and Information Commissioner (http://www.edoeb.admin.ch/edoeb/en/home.html).
We occasionally use Google Analytics or similar services on our website. This is a service provided by third parties that may be located in any country in the world (in the case of Google Analytics, it is Google LLC in the USA, www.google.com), which allows us to measure and evaluate the use of the website (in such a way that it is not personally identifiable). For this purpose, we also use permanent cookies set by the service provider. The service provider will not receive any personal data from us or retain any IP addresses. It may, however, track your use of the website, combine this information with data from other websites you have visited that are also tracked by the service provider, and use these findings for its own purposes (for example, managing advertising). If you have registered with the service provider yourself, it will also know you. In this case, the service provider is responsible for processing your personal data in accordance with its own data protection provisions. The service provider will only tell us how our respective website is being used. We will not receive any information that identifies you personally.
We use services from other providers on our websites and mobile applications. For example, videos are embedded via the YouTube platform. Content may be shared or recommended via Facebook, Twitter or Google+. Clicking an element from one of these third party providers (e.g. the “Like” plug-in from Facebook), may automatically connect you to this third-party provider’s servers. Data relating to your visit to the website may then be transferred to the third-party provider and possibly associated with the user account you have created with them. You can find out how these platforms collect and use data in their respective privacy policies, where you will also be given the option to adjust the settings to restrict the use of your personal data.
All data that you provide to us on our website, when ordering a newsletter or making contact enquiries, is transferred to us via a secure connection in encrypted form. We use a state-of-the-art security procedure (SSL Secure Sockets Layer) to do this.
We also place links on our website to external services that we think you might like. Of course, we only provide links to pages that did not appear to contain any misleading or illegal content when the link was created. We have no control over the way these pages will be set up in future, however. We cannot therefore be held responsible for recommended pages that have been changed after the link was created. Liability for illegal, incorrect or incomplete content and, in particular, for any damage or loss suffered as a result of using this information lies solely with the provider of the page in question.
On our website, you can easily and securely make a donation or process a payment online using debit or credit cards. The company RaiseNow’s certified e-payment platform was designed specifically for non-profit and aid organisations. We will store the data you provide when making a donation, i.e. the amount, the specific purpose of your donation and your address, in our donor database.
If you subscribe to one of the newsletters we offer, we will use your data exclusively to send our newsletter as it is defined when you subscribe. You only need to provide your e-mail address to subscribe to our newsletter. You subscribe to newsletters via what is known as a double opt-in procedure. After subscribing, you will receive an e-mail prompting you to confirm your subscription. This confirmation is necessary to prevent anybody from subscribing with unauthorised e-mail addresses. Subscriptions or changes to newsletter subscriptions are recorded and are therefore traceable.
If you provide any more personal information when you subscribe, we will check it against our own address database to ensure that the addresses are fully up to date and of sufficient quality, thus optimising our communication with you. We will treat your newsletter data as strictly confidential and will not forward or sell it to third parties. We work closely with our Internet and newsletter providers to provide maximum protection for your data from unauthorised access, loss, misuse or forgery. Please do not forward your newsletter as this may also send a means of accessing your personal information. To forward the newsletter, please use the “Forward message” function integrated into every newsletter or the URL for the online version of the newsletter.
Newsletters are sent using MailChimp, a newsletter distribution platform offered by the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. Our newsletter recipients’ e-mail addresses and any other data they provide are stored on the MailChimp servers in the USA. MailChimp uses this information for the purposes of distributing and analysing the newsletter on our behalf. According to MailChimp’s own information, it may also use this data to enhance or improve its own service, for example, to optimise the distribution and presentation of the newsletter from a technical perspective or for commercial purposes. However, MailChimp does not use our newsletter recipients’ individual data to communicate with them itself, nor does it forward the data to third parties.
MailChimp is certified under the EU-US “Privacy Shield” data protection agreement and is therefore obliged to comply with EU data protection regulations (https://www.privacyshield.gov).
We process and store your personal data for the duration of the business relationship and in accordance with the statutory retention and documentation requirements. Data may therefore be retained for the period in which claims can be asserted against our company (including, in particular, during the statutory limitation period) and to the extent that we are otherwise required to do so by law or it is required by legitimate business interests (for example for evidence or documentation purposes). As soon as your personal data is no longer required for the aforementioned purposes, it will be deactivated and will no longer be used. For operational data (for example system records, logs), shorter retention periods of up to twelve months apply as a basic principle.
As part of our business relationship, you are invited to provide the personal data that is required to enter into and conduct a business relationship and fulfil the associated contractual obligations. Generally speaking, you are not legally required to provide data to us. Without this data, we will usually be unable to conclude or process a contract with you (or the body or person you are representing). The website cannot be used either if certain details designed to secure data traffic (such as your IP address) are not disclosed.