GDPR PRIVACY NOTICE
Mike Gelin for Tamarac Commissioner (“Mike Gelin”)
Effective Date: 19 December 2019
The term “European Economic Area” (or “EEA”) shall mean the then-current member states and member countries of the European Union and European Economic Area, respectively, Switzerland, and, upon its withdrawal from the European Union, the United Kingdom.
Controller Disclosure & Details: We are a data controller of personal data regarding the following categories of EEA Individuals: Visitors and Registered Users (collectively, “Donors”) and vendor contacts (collectively, “Campaign Contacts”) for the purposes and under the legal bases described in the table below. Please note that, in some cases, the categories of data subjects above may overlap (e.g., Visitors and Registered Users using the Websites).
DATA SUBJECT CATEGORY
Purpose & Legal Basis of Processing
General (applies to all data subjects below)Information Security: Our web servers will log your IP address and other information (e.g., browser information, operating system, request date/time, user agent string, referral and exiting URL) in order to maintain an audit log of activities performed. We use this information pursuant to our legitimate interests in tracking usage of the Websites, combating DDOS or other attacks, and removing or defending against malicious visitors on the Websites.
Generally-speaking, we will provide email marketing (e.g., our newsletter) pursuant to a Donor’s consent. In cases where a Donor contributes, or enters into negotiation for the sale of a product, email marketing shall be sent to such Donor pursuant to our legitimate interest in sending marketing communications to such Donors in the context of a sale.
Rewards and Promotions
Mike Gelin for Tamarac Commissioner, our promotional and marketing partners, and donors’ legitimate interest in administering our rewards and promotional offerings.
Testimonials or Feedback
Our legitimate interest in using testimonials or feedback from Donors for marketing purposes, such as posting on the Websites or within pitches, or other promotional content (e.g., email marketing).
Executing Contracts and other Legal Documentation
General Campaign Development
Our legitimate interest in furthering business relationships (such as by storing Donor information within a CRM or other database/file), ensuring customer satisfaction, and answering inquiries.
Audience Measurement and Retargeting
Pursuant to a Visitor’s consent, we use an assortment of marketing and analytics cookies for purposes of audience measurement, retargeting, and creating relevant Visitor experiences (such as based on their interaction with our Websites).
When entering into vendor relationships, we will receive the personal information of contacts employed or otherwise associated with such vendors. We process such information in our legitimate interest in establishing and developing our vendor relationships.
Categories of Recipients
Mike Gelin for Tamarac Commissioner personnel will process the categories of EEA Individuals’ (as listed above) information appropriately for sales, marketing, finance, and related purposes. Such EEA Individuals’ information (or a particular category of EEA Individual, as listed in the table above) is also disclosed to various categories of recipients to effectuate the purposes described in the table above, including companies providing technical assistance, order fulfillment, customer service, marketing assistance, payment processing, survey collection, promotional and marketing assistance, and campaign operations.
Mike Gelin for Tamarac Commissioner retains your personal data as necessary to fulfill the purposes set forth within this Notice and to the extent you have (or demonstrate interest in) a relationship with Mike Gelin for Tamarac Commissioner, unless you request deletion of such data or such data is no longer relevant. In some cases, we may have to retain data to comply with our legal obligations (e.g., accounting, finance, tax).
Your GDPR Rights
As a natural person, you have a right to: (i) request access to, correction and/or erasure of your personal data; (ii) object to processing of your personal data; (iii) restrict processing of your personal data; and (iv) request a copy of your personal data, or have a copy thereof sent to another controller, in a structured, commonly used and machine readable format under the right of data portability. You may exercise these rights and submit a GDPR complaint by contacting: email@example.com with the subject line “GDPR Notice.”
You also have the right to lodge a complaint about the processing of your personal data with an appropriate data protection authority, and, as applicable, to exercise third-party beneficiary rights under Mike Gelin for Tamarac Commissioner’s Standard Contractual Clauses.
Contact details for the EU data protection authorities can be found at: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Objecting to Legitimate Interest/Direct Marketing
You may object to personal data processed pursuant to our legitimate interest. In such case, we will no longer process your personal data unless we can demonstrate appropriate, overriding legitimate grounds for the processing or if needed for the establishment, exercise, or defense of legal claims. You may also object at any time to processing of your personal data for direct marketing purposes by clicking “Unsubscribe” within an automated marketing email or by submitting your request to firstname.lastname@example.org with the subject line “GDPR Notice” (the latter for instances where, for example, you would not like to receive follow-ups from our sales team). In such case, your personal data will no longer be used for that purpose.
Transfer of Personal Data outside the EEA
We are self-certified under the EU-US and Swiss-US Privacy Shield for appropriate transfer of your personal data, such as to our US data centers, pursuant to Article 45(1); in these instances, you may have specific rights under the Privacy Shield. In other instances, however, we may alternatively rely on appropriate Standard Contractual Clauses to ensure adequate protection for your personal data.
Disclosure to Public Authorities
Mike Gelin for Tamarac Commissioner may be required to disclose personal data in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal data to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Updates to this GDPR Notice
If, in the future, we intend to process your personal data for a purpose other than that which it was collected, we will provide you with information on that purpose and any other relevant information at a reasonable time prior to such processing. After such time, the relevant information relating to such processing activity will be revised or added appropriately within this GDPR Notice, and the “Effective Date” at the top of this page will be updated accordingly.
How to Contact Us
Please reach out to email@example.com for any questions, complaints, or requests regarding this GDPR Notice; please include the subject line “GDPR Notice.”
E.U.-U.S. AND SWISS-U.S. PRIVACY SHIELD NOTICE
Important Notice for Residents of the European Economic Area and Switzerland
We will provide an individual opt-out choice before we share your personal information with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to firstname.lastname@example.org.
We will not disclose your sensitive personal information to any third party without first obtaining your opt-in consent. You may grant such consent by contacting us at to email@example.com. In each instance, please allow us a reasonable time to process your response.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Mike Gelin for Tamarac Commissioner’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles.
In particular, Mike Gelin for Tamarac Commissioner remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Mike Gelin for Tamarac Commissioner proves that it is not responsible for the event giving rise to the damage.
Mike Gelin for Tamarac Commissioner has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles and Swiss-U.S. Privacy Shield Principles to BBB PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your Privacy Shield complaint is not satisfactorily addressed by Mike Gelin for Tamarac Commissioner, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
Retention of Personal Information under the Privacy Shield
How We Protect Personal Information under the Privacy Shield
We take commercially reasonable steps to protect personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, taking into account the risks involved in processing and the nature of such data, and in compliance with applicable laws and regulations. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the personal information that you supply will not be intercepted while being transmitted to and from us over the Internet. In particular, email sent to or from the Websites may not be secure, and you should therefore take special care in deciding what information you send to us via email.