Danger mine sign

The following privacy policy explains what information is collected when you access and use our websites, how we use the information we collect and the precautions we take to protect that information.

Introduction

FSD Group is composed of three entities: FSD (Fondation suisse de déminage), Crosstech S.A. and Association FSD. FSD Group is committed to protecting the privacy and security of personal data that we collect, process and store. This Privacy Policy explains how our organisation uses the personal data we collect from you when you use our websites or otherwise submit data to us, and outlines our responsibilities and procedures for ensuring the protection of personal data.

FSD Group Privacy Policy has been prepared in accordance with applicable data protection laws, including the Swiss Data Protection Act (DSG) and the European General Data Protection Regulation 2016/679 (GDPR).

1. What data do we collect, and how?

1.1 Information you give us

We obtain personal information from you when you communicate or share information with us, subscribe for newsletters or one of our online services, register to an event, apply to a vacancy, and/or make a donation.

Depending on the specific purpose (see section 2 below), we may ask you to provide, inter alia, part or all of the following information: your full name, date of birth, email and/or postal address, phone number, position/title, company/organisation, dietary requirements, CV and references and motivation for applying to a vacancy.

1.2 Information we collect automatically: cookies and web analytics

We automatically collect information through the FSD websites to help administer, protect, and improve our services.

Such information may include information regarding your device, such as your IP address, your operating system and your browser activity, location of the device accessing the websites, traffic data (such as the pages you visited on our websites, the time spent on the websites, number of downloads from the websites) and interactions with social media platforms (such as sharing of elements from the FSD websites to social media accounts). This information may be collected through the use of cookies (see section 9 below) and analytics (see section 10 below).

1.3 Links to third-party websites

Our websites provide links to third party websites and social media platforms – such as Facebook, Twitter, Instagram, YouTube, LinkedIn and TikTok – that will collect data about you if opened.

FSD Group does not govern the processing of personal data by such third parties, so we suggest that you refer to the privacy policies of these websites should you wish to have more information.

2. Why do we collect your personal data?

We collect your personal data for one or more of the following purposes (depending on your interaction on our site and data entered):

• To allow you to contact us and/or receive information from us;
• To organise or promote events and/or FSD Group activities;
• To allow you to register as a participant to events we organise or co-organise;
• To process your donation to FSD Group or any questions on how you can support FSD Group;
• To process your employment application;
• To consider you for future suitable vacancies, should you not be successful in your initial application;
• To analyse web statistics and log files, with the aim of improving the functioning of our websites;
• To assess the performance of our communications and improve the relevance of FSD campaign and fundraising messages displayed to you after you leave our websites.

Your personal data is not used for automatic profiling or decision-making.

3. How do we store your data, and for how long?

FSD Group securely stores your data on servers in Switzerland, the European Union and the United States.

We will keep your personal data only for as long as necessary to fulfil the purposes we collected them for, including for the purposes of satisfying any legal, accounting, or archiving requirements.

To determine the appropriate retention period, we take into account the nature and sensitivity of your personal data, potential risks of harm from unauthorized use or disclosure of your personal data and the purposes for which we process your personal data.

When we no longer need your personal data, or when you request they be erased to stop receiving communications from FSD Group, we will delete your data.

We will never rent or sell your personal information.

4. What does signing up for our e-newsletter mean?

FSD Group would like to send you information about our activities and achievements that we think you might find interesting.

If you have agreed to receive our newsletter, you may always opt out at a later date.

If you are subscribed to FSD’s monthly newsletter, you can update your preferences or, if you no longer wish to receive the FSD e-newsletter unsubscribe from the list.

FSD Group uses MailChimp as our email marketing platform. By subscribing to the FSD e-newsletter, you acknowledge that your information will be transferred to Mailchimp for processing. MailChimp is a service offered by The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA, 30318 (hereinafter “Rocket”).

The data saved during the registration process is sent to and stored with Rocket. None of the data entered during the registration process is sent to third parties. MailChimp enables us to evaluate the performance of our e-mailings by providing information such as the number of users who received and opened an email, whether the emails were sent back and if users unsubscribed from the list after receiving an email.

Rocket is committed to handling and storing all data conferred to its services in accordance with the requirements of the GDPR and DSG. For more information on MailChimp, please visit https://mailchimp.com/legal/privacy/.

MailChimp is a “Swiss-US and EU-US Privacy Shield” certified service. The “Privacy Shield” is an agreement between Switzerland or the European Union and the USA, which ensures that European privacy standards are respected in the USA.

5. Who processes your personal data and with whom is it shared?

Internally, all personal data collected by FSD Group is processed only by designated FSD staff members or agents, for one or more of the specific purposes listed above, and only on a strict need-to-know basis.

Depending on the purpose for which we process your personal data, we may share the necessary information with selected third parties, such as:

• The people you have indicated as references in your application, should the latter be of interest to FSD Group: your name, surname and the details of your resume we wish to get feedback on;
• The host of an event we organize or co-organise: your name, surname and company/organisation;
• Selected service providers that are necessary to process your data for the above-mentioned purposes;
• Social media platforms, through for example retargeting campaigns on Facebook.

We will never rent or sell your personal information.

In case of sharing your data with third parties, we ensure as much as possible that the recipient has provided sufficient proof of compliance with the principles set out in the FSD Privacy Policy. This includes contractual obligations imposing a strict prohibition of using such data for purposes other than those specified in this document, and ensuring an adequate level of protection of the personal data shared from us.

6. What measures do we have in place to protect and safeguard your information?

We take the protection of your personal data very seriously, and we therefore apply adequate technical and organisational measures to protect against accidental loss and unauthorised access, use, destruction or disclosure of data. Some examples of these measures are:

• An official FSD username and password are required in order to access our IT systems.
• All user accounts are protected by multi-factor authentication.
• Authentication and authorisation for the IT systems are based on roles and tasks.
• There is only one user per account.
• Our data centre is physically protected and covered by our Privileges and Immunities.
• Network security is configured to prevent external threats from accessing our infrastructure.

We also work with a variety of service providers to help us carry out our work. To ensure that third parties working with personal data meet our high standards for data protection, we require them to commit to strict confidentiality and data protection policies:

• We work with various service providers to help us manage our operations and services, including providers of email distribution and analytics services. We ensure that all of our service providers commit to high levels of confidentiality and data protection in their policies, and we require them to provide appropriate safeguards for any personal data they process on our behalf.
• We also work with smaller service providers, such as web designers and consultants, to help us carry out our work. These providers may have access to personal data, so we require them to sign confidentiality and data protection clauses to ensure compliance with our security rules and the FSD Privacy Policy. These clauses outline their obligations to protect personal data and limit its use to only what is necessary for the performance of their services.

FSD cooperates for the collection of online donations with RaiseNow. Payments can be made by credit card (through the payment providers Stripe and SIX), Post Finance, TWINT and PayPal. Payments can also be made through direct bank transfers via QR payment slips. Your data will be transmitted in encrypted form. FSD does not store any card data; the payment data is processed directly on PCI DSS certified infrastructure by RaiseNow. The information is used exclusively for the processing of donations and in compliance with data protection regulations. The full RaiseNow Privacy Policy is available at https://www.raisenow.com/en/privacy-policy.

FSD also employs the services of the web donation platform Donorbox. Payments can be made by credit cards, Apple Pay, low-fee ACH & SEPA bank transfers and Google Pay and PayPal. Your data will be transmitted in encrypted form. No credit card information is ever stored on FSD or Donorbox servers, and no card information is ever shared with third parties other than the payment processors you choose to link. The information is used exclusively for the processing of donations and in compliance with data protection regulations. Donorbox implements appropriate technical and organisational measures to ensure the security and confidentiality of personal data, and regularly reviews and updates its policies and procedures to ensure compliance with data protection laws. For Donorbox’s full Privacy Policy, please visit https://donorbox.org/privacy.

Non-profit donations are tax-deductible according to the applicable guidelines of the relevant tax authorities. FSD issues a confirmation to the tax authorities (after the end of the calendar year/following the successful donation process).

FSD Group is ISO 9001- and ZEWO-certified and is committed to high quality standards in organizational management, humanitarian action, financial management and fundraising. Compliance is regularly checked by external and independent authorities.

7. What are your data protection rights?

FSD Group would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request FSD Group for copies of your personal data.

The right to rectification – You have the right to request that FSD Group corrects any information you believe is inaccurate. You also have the right to request FSD Group to complete the information you believe is incomplete.

The right to erasure – You have the right to request that FSD Group erases your personal data, under certain conditions. However, there may be certain circumstances where we are obliged to retain your personal data, for example to comply with a legal obligation.

The right to restrict processing – You have the right to request that FSD Group restricts the processing of your personal data, under certain conditions, for example if you want to contest the accuracy of the personal data we have collected.

The right to object to processing – You have the right to object to FSD Group’s processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that FSD Group transfers the data that we have collected to another organisation, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at the email address provided below at section 13.

8. Legal basis for use of personal data

Every organization must have a legal basis for collecting and using personal data.

FSD refers to the following legal basis when using personal data:

• The consent of our users (e.g., for sending certain messages by email).
• Data processing necessary to comply with a legal obligation (e.g., to process a tax deduction return).
• Our legitimate interest as a non-profit humanitarian organization, provided that use of the data does not affect the rights of the data subject.

Our legitimate interest includes:

• Good organisational leadership; in particular with regard to the implementation of our humanitarian goals, statutory and financial reporting and compliance with other legal regulations.
• Transparent administrative and operational processes; in particular in relation to answering inquiries, providing information and services, research, event and volunteer management and in the recruitment and hiring of staff.
• Responsible fundraising campaigns; this includes in particular the management of campaigns and donations and the sending of direct marketing communications and thank-you letters by post or email.

9. Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology. If you do not want cookies to be saved on your electronic device, you can reject non-essential cookies directly on our websites. Alternatively, you can configure your Internet browser or electronic device to refuse cookies before using the platform. If you do not do so, you consent to the collection and processing of the data collected; please note, however, that you may not be able to make full use of all our websites’ functions if you reject non-essential cookies.

For further information, visit allaboutcookies.org.

How do we use cookies?

FSD Group uses cookies in a range of ways to improve your experience on our websites, including:

• Keeping you signed in.
• Understanding how you use our websites.
• Track our communications performance.
• Track e-newsletter performance.

What types of cookies do we use?

There are a number of different types of cookies, however, our websites use:

• Functionality – FSD Group uses these cookies so that we recognise you on our websites and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
• Promotion – FSD Group uses these cookies to collect information about your visit to our websites, the content you viewed, the links you followed and information about your browser, device, and your IP address. FSD Group sometimes shares some limited aspects of this data with third parties for analytical purposes. We may also share online data collected through cookies with our service providers. This means that when you visit other websites, you may be shown promotion based on your browsing patterns on our websites.
• Analytics (see section 10 below).

10. Web Analytics

The FSD websites use web analytics service provided by Google Analytics and Mouseflow to help us identify how people are using our websites by processing the information mentioned above.

Google Analytics

The FSD websites use Google Analytics, a web analytics service provided by Google Inc., to help us identify how people are using our websites by processing the information mentioned in section 1. Google’s head office is located in the United States of America (1600 Amphitheatre Parkway, Mountain View, CA, 94043, USA). Google Analytics uses cookies. Google processes the information collected by these cookies (e.g. your IP address and the time, place and frequency of your visits) in the USA.

Google Analytics uses the collected information to create reports that illustrate the usage statistics of our websites.

Google Analytics may also pass this information on to third parties, provided this is permitted by law or that third parties have been hired by Google Analytics to process the data.

Google Analytics complies with the data protection regulations of the European Union. You can therefore be sure that under no circumstances will Google Analytics link your IP address to other Google data. In general, user and event data are only kept for 26 months (and, as mentioned above, you can always disable cookies in the settings of your browser).

Google Analytics offers an opt-out add-on for all the major browsers, which will give you greater control over the data that is collected and processed by Google Analytics. If you choose to activate this function, Google Analytics will receive no information regarding your visit to our websites. Nevertheless, the use of the opt-out add-on does not prevent information from being sent to us or to other web analysis services potentially used by our services. For more information on Google’s opt-out add-on and its activation, please visit the following link: https://tools.google.com/dlpage/gaoptout?hl=en-GB. The full Google Analytics Terms of Service and Privacy Policy are available at https://www.google.com/analytics/terms/gb.html and https://policies.google.com/?hl=en-GB.

Mouseflow

Mouseflow is a website analytics tool that provides session replay, heatmaps, funnels, form analytics, feedback campaigns, and similar features/functionality. Mouseflow may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, pages visited and content, time on site, browser, operating system, device type (desktop/tablet/phone), screen resolution, visitor type (first time/returning), referrer, anonymized IP address, location (city/country), language, and similar meta data. Mouseflow does not collect any information on pages where it is not installed, nor does it track or collect information outside your web browser. All Personal Identifiable Information (“PII”) is pseudonymized prior to being collected by Mouseflow. If you’d like to opt-out, you can do so at https://mouseflow.com/opt-out. If you’d like to obtain a copy of your data, make a correction, or have it erased, please contact us first or, as a secondary option, contact Mouseflow at privacy@mouseflow.com.

For more information, see Mouseflow’s Privacy Policy at http://mouseflow.com/privacy/.

For more information on Mouseflow and GDPR, visit https://mouseflow.com/gdpr/.

For more intormation on Mouseflow and CCPA/VCDPA visit https://mouseflow.com/ccpa.

11. Privacy policies of other websites

The FSD websites contain links to other websites. Our privacy policy applies only to our websites, so if you click on a link to another website, you should read their privacy policy.

Privacy Policy

12. Changes to our privacy policy

FSD Group keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 29 August 2023.

Privacy Policy

13. How to contact us

If you have any questions about FSD Group’s Privacy Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us per email at privacy@fsd.ch.

Or write to us at:

Fondation suisse de déminage,
Avenue Giuseppe-Motta 14b
1202 Geneva, Switzerland

14. How to contact the appropriate authority

Should you wish to report a complaint or if you feel that FSD Group has not addressed your concern in a satisfactory manner, you may contact the Swiss Data Protection and Public Information Officer (or the supervisory authority in your country of residence):

Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter
Feldeggweg 1
3003 Bern, Switzerland

Phone: +41 (0)58 462 43 95