Data protection policy

Pro Mujer has its web suitable to the General Regulation of European Data Protection (GDPR) being able to provide services and collect data of European citizens through it.
The privacy and security of our users’ data is important to us, which is why we apply these high standards of protection and privacy for all our users, whether they are European or not.

1. Responsible for the protocol:
Pro Mujer, Inc.4253 West 35th Street, 11th floor South
New York, NY 10001 Phone Number: 646-626-7000
email: protecciondatos@promujer.org

2. Personal information:
This website through its email addresses, the newsletter form and the donation form collect the following information from its visitors:
– Name and surname
– Email
– Position or profession
– Complete address, zip code, city, state and country
– Content of your message

3. Purpose and legitimation
The data collected through the different email addresses you will find on our pages will be treated to contact you and respond to your query.

The legal basis for the treatment of these data will be the user’s consent, that is, his/her consent.

The data collected through our newsletter form will be treated to send you our newsletter or newsletter with the frequency we deem appropriate. The newsletter may contain informative information about Pro Mujer and allies of Pro Mujer who share our vision and values.

For sending the newsletter, the Mailchimp application is used. Mailchimp has its servers in the USA, and this welcome to the EU-US Privacy shield agreement .You can see their privacy policy at https://mailchimp.com/legal/privacy/

The legal basis for the treatment of these data will be the user’s consent, that is, his/her consent.
The data collected through the donation form will be processed to manage your donation send a thank you letter and, if you so indicate, to send you our newsletter.

The data will be collected through an application embedded in our website called “qgiv” (www.qgiv.com).This platform will collect your data and send it to us (except your bank details). You can read their privacy policy at https://www.qgiv.com/privacy-policy.

Even if you choose the anonymous donation option, we will receive your email address, and you will receive our newsletter only if you have indicated it to us.

The legal basis for the treatment of these data will be the consent of the interested party, that is, your consent.

The data collected through the aforementioned forms are strictly necessary to comply with the purposes described above, so, if not filled, we cannot comply with them.

4. Term of conservation.
The data provided will be kept until the end of the purposes for which they were collected, the consent is revoked or the right to suppress them is exercised, conserving, in that case, only those on which a legal obligation of conservation rests , within the legally established deadlines.

5. Recipients
The personal data provided by the interested parties will not be transferred to any third party outside the Association, except legal obligation or consent of the interested party.

6 International transfers.
Pro Mujer is an organization based in the United States, and has its servers in countries outside the European Union.

The data you provide will be processed by non-European operators and stored on servers that are located in countries outside the European Union. These countries do not have a decision to adapt or offer the adequate guarantees for the purposes of the GDPR, which is why they offer less protection than would exist within the European Union.

In any case, Pro Mujer is committed to applying GDPR standards of both logical and legal security within its organization.

7 Social networks
Pro Mujer has a profile in some of the main social networks of the Internet, being responsible for the protocol in relation to the data published by Pro Mujer or the data that users send privately to Pro Mujer in order to be extracted.

The protocol that Pro Mujer will carry out with the data within each of the aforementioned networks will be, at most, the one that the social network allows to the corporate profiles. Thus, it will be able to inform, when the law does not prohibit it, its followers by any means that the social network allows about its activities, programs, news or any topic related to Pro Mujer. In no case will Pro Mujer extract data from social networks, unless the user’s consent is promptly and expressly obtained for it.

8 Registry Files
Pro Mujer collects certain information automatically and stores it in log files. This information includes protocol Internet (IP) addresses, browser type, Internet service provider (ISP), reference / exit pages, platform type, date and time and number of clicks. We use this information, which does not identify individual users, to analyse trends, administer the site, track the movements of visitors as a whole and gather broad demographic information about our user community.

9. Security measures
Pro Mujer has adopted the necessary technical and organizational measures, which guarantee the security of your personal data and prevent their alteration, loss, protocol or unauthorized access in accordance with the applicable regulations on data protection.

This web page and your data are hosted securely in hostings and have an SSL certificate issued by Let’s Encrypt Authority X3, valid until 08/18/2018 to guarantee the security of data communications.
Also, for donations, Qgiv uses a DigiCert EV SSL certificate.

10 Data protection rights
The interested party may exercise their rights by sending an email to protecciondatos@promujer.org directing along with a photocopy of his/her passport or similar document to prove his/her identity, to request the exercise of the following rights:

Access: The user has the right to obtain confirmation of whether we are processing personal data concerning them, have the right to access their personal data and obtain a copy of them.
Rectification: The user has the right to rectify their inaccurate data and that incomplete personal data is completed.
Suppression: The user has the right to suppression of their personal data without undue delay when personal data are no longer necessary in relation to the purposes for which they were collected or otherwise treated; the interested party withdraws the consent on which the protocol is based or the personal data have been treated unlawfully.

Limitation of the treatment: The limitation of the protocol supposes that the responsible one will not be able to treat the personal data on which the user has requested the limitation when:

1. The interested party challenges the accuracy of the personal data, during a period that allows the responsible to verify the accuracy of the same;

2. The treatment is unlawful and the interested party opposes the suppression of personal data and requests instead the limitation of its use;

3. The person in charge no longer needs the personal data for the purposes of the protocol, but the interested party needs them for the formulation, the exercise or the defence of claims.

Portability: The user has the right to receive the personal data that concern him/her, that he/she has provided to a data controller, in a structured format, of common use and mechanical reading, and to transmit them to another data controller.

Not be the subject of individualized decisions: The user has the right not to be the subject of a decision based solely on automated processing, including the elaboration of profiles, which produces legal effects on him/her or affects him/her in a similar way, unless there is his/her consent.

The interested party may complain to the Data Protection Agency of the country of their choice. You can find the models for the exercise of these rights on the website of the data protection agency of your country or models in Spanish in the AEPD: www.aepd.es or in English at https://ico.org.uk/.

In the event that consent has been granted for a specific purpose, you have the right to withdraw it at any time, without affecting the legality of the protocol based on the consent prior to its withdrawal.