EU PRIVACY POLICY STATEMENT

This Privacy Policy applies if you are based in a Member State of European Union during your interactions with us.

Data Collection and Use

Your personal data may be collected by us on a voluntary basis when you visit our website, attend our events, use our services, register or communicate with us.

The categories of personal data that we may collect, process and use will include:

  1. Your personal information, contact details such as your name, correspondence address and email address;
  2. Your interests, preferences, opinions and feedback;
  3. Your responses to non-profit volunteer opportunities conducted by us; and
  4. Details of your visits to our website and other information collected through cookies and other tracking technology including information that you look at. We may also collect information about you that is publicly available online, including your social media profiles.

We may not collect, process and use your sensitive Personal Data unless your explicit consent has been granted to us. Your personal data may be processed and/or used by us for the following main purposes:

  1. To provide our information and services to you;
  2. To respond to your inquiries;
  3. To email communications, publications, invitations and such like as you may select, request or as we may consider to be relevant to you;
  4. For general market research; and
  5. For registration or enrolment of events and volunteer opportunities organized by us or our business partners.

The legal basis for our use of your personal data are as follows:

  1. Consent: where you have consented to our use of your personal data. You may withdraw your consent to our use of your personal data at any time by contacting us.
  2. Contract performance: where we are required to collect and handle your personal data in order to provide you with the services that we have contractually agreed to provide to you.
  3. Legal obligation: where we need to use your personal data to comply with our legal obligations.
  4. Vital interests: where we need to process your personal data in order to protect the vital interests of you or another natural person.
  5. Public interest: where we need to process your personal data in order to carry out a task that is in the public interest.
  6. Legitimate interests: where we have a legitimate interest in using your personal data or information and such purpose is not outweighed by any interests that you may have, or any prejudice that you may suffer, from the relevant use of your personal data.

Marketing

We may use your personal data for marketing and promotional purposes. We may communicate marketing and promotions to you online (including by email or via online banner advertisement) and, as appropriate and where required, we will ask you for your consent, or otherwise provide you with the opportunity to choose not to receive marketing, at the time we collect your data.

We will provide an option to unsubscribe or opt out of further communication on any direct marketing communication sent to you at no charge. You may also opt out by contacting us via mail to: Business for Better Society, 1201 Dominion Centre, 43-59 Queen’s Road, East Wanchai, Hong Kong, Attention Personal Data Controlling or by e-mail to info@nullbbsociety.org.

Data Security

We maintain reasonable safeguard measures to protect your personal data in accordance with the requirements of data protection legislation. All personal data collected by us is stored on secure servers with restricted access by authorized personnel only.

This website is regularly maintained by a professional WordPress company. Care is taken to prevent unauthorised access to web directories via htaccess and WordPress settings. Updates to plugins, themes and WordPress core files are preformed monthly along with regular security checks. Latest stable versions of PHP are used to ensure speed and security.

No page URLs, page titles or other public query strings contain personal data like name or email addresses. All user data is accessed via IDs rather than email or names and thus this data will never be sent to a third party accidentally.

In the unlikely event of a data breach that could potentially access users data all users with profiles or recent donations will be notified within 72 hours. The breach will be fixed and access logs will be monitored closely to prevent any further breaches.

Data Sharing

We keep all personal data confidential except as permitted or required by law. We do not share or disclose any of your personal data with other companies or organizations without your prior consent. However, certain information may be disclosed incidental to or in the course of our operation to the following parties:

  1. Any personnel, agent, adviser, auditor, contractor, or service provider who provide services and advice to us in connection with our operation;
  2. The technicians who help to design and set up our Website;
  3. Business partners of the events that you have registered; and/or
  4. The person to whom we are required to make disclosure under any law applicable in or outside Hong Kong.

Data Retention

Our retention period for personal data are based on business needs and legal requirements. We will retain your personal data for as long as is necessary for the processing purpose(s) for which it was collected and any other permitted linked purpose. Where personal data is no longer needed, we either irreversibly anonymize the data (in which case we may further retain and use the anonymized data) or securely destroy the data.

Your Rights

You have the right to:

  1. Access your personal data and have it corrected, amended or deleted (subject to a reasonable charge);
  2. Withdraw your consent to the processing of your personal data at any time;
  3. Receive a copy of your personal data and transit such to others;
  4. Object to our processing of your personal data;
  5. Lodge a complaint about the processing of your personal data with your local data protection authority; and
  6. Instruct us to restrict the processing of your personal data pending our investigation and/or verification of your claim.

Contacting Us

For any data access and correction request or exercise of your rights, please send to us by mail to: Business for Better Society, 1201 Dominion Centre, 43-59 Queen’s Road, East Wanchai, Hong Kong, Attention Personal Data Controlling or by e-mail to info@nullbbsociety.org.