It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at firstname.lastname@example.org
For the purpose of The General Data Protection Regulation (GDPR) (EU) 2016/679, the data controller is Sustainable Commerce Co™ SA, a company registered in Switzerland whose registered office is Chemin De Murcie 16, 1232, Confignon, Switzerland.
2. WHAT DATA DO WE COLLECT ABOUT YOU, FOR WHAT PURPOSE AND ON WHAT GROUND WE PROCESS IT
We may collect the following information from you:
- Communication Data: We collect information that you send to us whether that be through the contact form on our site, through email, text, social media messaging, social media posting or any other communication that you send us.
- Customer Data: To join the Doing Business Doing Good Community we only ask you to provide us with your name and email so we can send you educational materials and related information for which you have shown interest. For courses and training programs we will ask you to fill out more details: data needed to facilitate any purchases of goods and/or services such as your full name, email, company or organization you are working for, contact details (address, phone number), purchase details and your payment card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. In this way we can provide you with the best possible service.
- Other Communication Data: We collect information related to any communications you have with us.
- User Data: we may collect data about how you use our site and any online services together with any data that you post for publication on our site or through other online services.
- Technical Data that includes data about your use of our site and online services such as your IP address, your login data, details about your browser, length of visit to pages on our site, page views and navigation paths, details about the number of times you use our site, time zone settings and other technology on the devices you use to access our site.
- No Sensitive Data. We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
- Information We Collect from Third Parties: We may collect information that third-party services provide about you when using our Site or obtain information from other sources and combine that with information we collect through our Site. We use third-party browser analytics services on our site to help us analyze how users use the site by noting when you arrive on our Site, how often You use our site, the events that occur within the site, usage data and performance data. The information collected will be disclosed to or collected directly by these service providers.
The primary purposes of collecting your data are to provide you with educational materials (for example: training programs and interviews with practical strategies, tips, tools and stories), as well as information about our services, products and special offers so we can help you become a force for good and make a positive impact for a better – and sustainable - world.
Furthermore, we use, store and process all information we collect for the following purposes:
- To Provide, Improve, and Develop our Sites
- To enable you to access and use our Sites.
- To operate, protect, improve and optimize our Sites and experience, such as by performing analytics and conducting research.
- To send you service or support messages, such as updates, security alerts, and account notifications.
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us.
- To provide you with information about other services we offer that are similar to those that you have already enquired about.
- To Create and Maintain a Trusted and Safer Environment
- To notify you about changes to our Sites;
- To ensure that content from our Sites is presented in the most effective manner for you and for your computer.
- To administer our Sites and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve our Sites to ensure that content is presented in the most effective manner for you and for your computer;
- To allow you to participate in interactive features of our Sites, when you choose to do so; as part of our efforts to keep our Sites safe and secure;
- To Detect and prevent fraud, spam, abuse, security incidents, and other harmful activity.
- To conduct investigations and risk assessments.
- To verify or authenticate information or identifications provided by you.
- To conduct checks against databases and other information sources.
- To comply with our legal obligations.
We do not carry out automated decision making or any type of automated profiling.
3. HOW WE COLLECT YOUR PERSONAL DATA
We collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails).
4. DISCLOSURES OF YOUR PERSONAL DATA
- Service providers who provide IT and system administration services
- Analytics and/or other similar technologies services
- Professional advisers including lawyers, bankers, auditors and insurers
- Government bodies that require us to report processing activities
- Subsidiaries or members of Sustainable Commerce Co™ SA, but only if it is in line with the purpose, or closely related purpose, to help you make a positive impact for a better – sustainable – world.
We cooperate with government and law enforcement officials to enforce and comply with the law when we make our Sites available for use. We will share information with government agencies as required by law or as instructed by the relevant enforcement authorities of Switzerland to comply with all relevant laws.
We may further disclose information about you to government or law enforcement officials if, in our sole discretion, we believe it necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), as necessary or when requested to provide such information for matters including, but not limited to:
- to protect DBDG™ Proprietary and Intellectual Property Rights;
- to secure our associate third parties’ Proprietary and Intellectual Property Rights;
- to protect the safety of the public or any person; or
- to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, fraudulent, unethical or legally actionable activity
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
5. WHERE WE STORE YOUR PERSONAL INFORMATION
The data we collect from you is stored in Switzerland or the European Economic Area (“EEA”) but may be transferred to and stored at a destination outside of the EEA. It may also be processed by staff operating outside of the EEA. By submitting your personal data, you agree to this transfer, storing and processing.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
- We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
Information between your browser and our site is transferred in encrypted form using Secure Socket Layer (“SSL”).
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
6. DATA SECURITY
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorization. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorized access, loss, destruction, or alteration. However, the Internet is not a 100% secure environment so we can’t guarantee the security of the transmission or storage of your information. In case of security failure of either Sustainable Commerce Co or any of our Servers, we will inform you of such failure within 72 hours.
7. DATA RETENTION
We will hold the information about you for as long as is necessary in order to provide you with our services, deal with any specific questions that you may raise or otherwise as is required by law or any relevant regulatory body. In addition, we may retain information for compliance with our legal obligations under the laws of Switzerland.
8. THIRD-PARTY LINKS
9.YOUR RIGHTS TO INFORMATION AND ACCESS TO INFORMATION
You have every legal right to access information held about you. Your right of access can be exercised in accordance with the GDPR. You may access copies of your personal information held by us by sending us an email or access a copy of your personal information held by us. We may request proof of identification to verify your access request. You may instruct us to delete any information we hold by sending us an email. All requests will be effective immediately or within 30 days of initiating the request. Please note that some information may be retained for our full compliance with the law, which will be deleted at a later stage.
Please note that we reserve the right to send you certain communications relating to your account or use of our Site. This includes administrative and service announcements or updates regarding the functionalities of our site, sent via email. Transactional account messages may be unaffected if you opt-out from receiving marketing communications.
11. CHANGES TO THIS POLICY