Terms of Use&Privacy Policy
Policy version: as updated on 7th February 2025.
This Privacy Policy applies to the website: https://biloruska.foundation/ (our website).
Our website is provided by WordPress (‘we’, ‘our’ or ‘us’). We are the controller of personal data obtained via our website, meaning we are the organisation legally responsible for deciding how and for what purposes it is used.
We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you (your personal data) in connection with your use of our website. It also explains your rights in relation to your personal data and how to contact us or a relevant regulator in the event you have a complaint.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the EU General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (EU GDPR) in relation to the activities we are undertaking in the European Economic Area (EEA).
This version of our privacy policy is primarily written for adults, including parents and guardians of child users. This website is not intended to be used by children under the age of 14. We do not knowingly collect personal information directly from children under the age of 14 without parental consent. If we become aware that a child under the age of 14 has provided us with personal information, we will delete the information from our records.
This privacy policy is divided into the following sections:
- What this policy applies to
- Personal data we collect about you
- How your personal data is collected
- How and why we use your personal data
- Marketing
- Who we share your personal data with
- How long your personal data will be kept
- Transferring your personal data out of the EEA
- Cookies
- Your rights
- Keeping your personal data secure
- How to complain
- How to contact us
- Changes to this privacy policy
What this policy applies to
This privacy policy relates to your use of our website only.
Throughout our website we may link to other websites owned and operated by certain trusted third parties to. Those third-party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to those third-party websites, please consult their privacy policies as appropriate.
Personal data we collect about you
The personal data we collect about you depends on the particular activities carried out through our website. We will collect and use the following personal data about you:
- your name, address and contact information, including email address and telephone number [and company details]
- location data, [if you choose to give this to us]
- your professional online presence, eg LinkedIn profile
You must provide some or all of the above personal data when proceeding with a donation to us or when sending a request of collaboration for example, unless we tell you that you have a choice.
Sometimes you can choose if you want to give us your personal data and let us use it. Where that is the case, we will tell you and give you the choice before you give the personal data to us. We will also tell you whether declining to share that personal data will have any effect on the use of our website.
We collect and use this personal data for the purposes described in the section ‘How and why we use your personal data’ below.
How your personal data is collected
We collect personal data from you:
- directly, when you enter or send us information, such as when you contact us (including via email), send us feedback, make a donation, request collaboration etc. and
- indirectly, such as your browsing activity while on our website; we will usually collect information indirectly using the technologies explained in the section on ‘Cookies’ below.
How and why we use your personal data
Under Article 6 of the EU GDPR, your personal data will be processed only if and to the extent that at least one of the following applies:
- consent for processing personal data has been given,
- for the performance of an obligation with you or to take steps at your request before entering into a memorandum of cooperation,
- to comply with our legal and regulatory obligations,
- processing is necessary in order to protect the vital interests of an individual or legal person,
- processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us,
- interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child,
- for our legitimate interests or those of a third party.
A legitimate interest is when we have a reason to use your personal data in the course of our activities, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘How to contact us’ below).
The table below explains what we use your personal data for and why.
| What we use your personal data for | Our reasons |
|---|---|
| Cooperating with you | To perform our memorandum of cooperation with you or to take steps at your request before entering into such a memorandum |
| Conducting checks to identify you and verify your identity or to help prevent and detect fraud against you or us | To comply with our legal and regulatory obligations |
| Enforcing legal rights or defend or undertake legal proceedings | Depending on the circumstances: —to comply with our legal and regulatory obligations —in other cases, for our legitimate interests, i.e. to protect the foundation, interests and rights |
| Communications with you about changes to our terms or policies or changes to our activities or other important notices | Depending on the circumstances: —to comply with our legal and regulatory obligations —in other cases, for our legitimate interests, i.e. to be as efficient as we can in the course of activities |
| Protecting the security of systems and data used to perform activities | To comply with our legal and regulatory obligations We may also use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests, i.e. to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us |
| Statistical analysis to help us understand visitors base | For our legitimate interests, i.e. to be as efficient as we can so we can in the course of our activities |
| Updating and enhancing visitors records | Depending on the circumstances: —to perform our memorandum of cooperation with you or to take steps at your request before entering into a such a memorandum —to comply with our legal and regulatory obligations —where neither of the above apply, for our legitimate interests, e.g. making sure that we can keep in touch with our collaborators about existing or new initiatives. |
| Disclosures and other activities necessary to comply with legal and regulatory obligations that apply to our foundation, e.g. to record and demonstrate evidence of your consents where relevant | To comply with our legal and regulatory obligations |
| Marketing our activities to existing and former collaborators | For our legitimate interests, i.e. to promote our activities to existing and former collaborators See ‘Marketing’ below for further information |
| To share your personal data with members of our foundation and third parties that will or may take control of some or all of the foundation (and professional advisors acting on our or their behalf) in connection with a significant activity or task In such cases information will be anonymized where possible and only shared where necessary | Depending on the circumstances: —to comply with our legal and regulatory obligations —in other cases, for our legitimate interests, i.e. to protect the value of the foundation |
How and why we use your personal data—sharing
See ‘Who we share your personal data with’ for further information on the steps we will take to protect your personal data where we need to share it with others.
Marketing
How We Use Your Personal Data for Marketing
We may use your personal data to send you marketing communications about our activities and other related updates. This may include emails, SMS messages, telephone, post. We will only use your personal data for marketing purposes if we have a valid legal basis, such as:
- Your Consent: When required by law, we will obtain your explicit consent before sending you marketing messages. You have the right to withdraw your consent at any time.
- Legitimate Interests: If you are an existing collaborator or donor, we may send you marketing communications based on our legitimate interests in promoting our activities, provided that your rights and freedoms do not override these interests. You can opt out at any time.
Your Marketing Preferences
You can control your marketing preferences in the following ways:
- Opting Out of Emails: You can unsubscribe from our marketing emails by clicking the “unsubscribe” link in any email you receive from us.
- Opting Out of SMS Messages: If you receive SMS marketing messages, you can stop receiving them by following the opt-out instructions included in the message.
- Managing Preferences: You can update your communication preferences by contacting us (see ‘How to contact us’ below).
Your Right to Object to Marketing (Article 21 of EU GDPR)
You have the right to object to the processing of your personal data for direct marketing purposes at any time. If you object, we will stop processing your personal data for marketing purposes immediately.
Third-Party Marketing
We will not share your personal data with third parties for their own marketing purposes unless we have obtained your explicit consent.
We will always treat your personal data with the utmost respect and never sell OR share it with other organizations for marketing purposes.
For more information on your right to object at any time to your personal data being used for marketing purposes, see ‘Your rights’ below.
Who we share your personal data with
We routinely share personal data with:
- third parties we use to help in the implementation or performance of our activities
- other third parties we use to help us run the foundation, e.g. website hosts and website analytics providers
We only allow those organizations to handle your personal data if we are satisfied, they take appropriate measures to protect your personal data.
We or the third parties mentioned above occasionally also share personal data with:
- our external auditors, e.g. in relation to the audit of our accounts, in which case the recipient of the information will be bound by confidentiality obligations
- our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations
- law enforcement agencies, courts, tribunals and regulatory bodies to comply with our legal and regulatory obligations
- other parties that have or may acquire control of the foundation (and our or their professional advisers) in connection with a significant transaction, usually, information will be anonymized but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.
Who we share your personal data with—further information
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).
How long your personal data will be kept
We will retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including to comply with legal, regulatory, tax, accounting, or reporting requirements.
- Marketing Data: If you have given consent for marketing communications, we will retain your data until you withdraw your consent or opt out. If we rely on legitimate interests for marketing, we will retain your data as long as you remain an active customer or show interest in our activities, but no longer than 2 years from your last interaction with us.
- Data received on the basis of collaboration or based on our memorandum of cooperation: If your data is collected as part of a collaboration of memorandum of cooperation, we will retain it for the duration of such cooperation and for a period of 6 years after its termination, in line with legal and accounting requirements.
- Legal and Compliance Purposes: In some cases, we may be required to retain data longer if necessary to comply with legal obligations, resolve disputes, or enforce our agreements.
Once the retention period expires, we will securely delete or anonymize your personal data unless we are required to keep it for a longer period by law.
For more details on how we handle data retention, please contact us (see ‘How to contact us’ below).
Transferring your personal data out of the EEA
Countries outside the EEA have differing data protection laws, some of which may provide lower levels of protection of privacy.
It is sometimes necessary for us to transfer your personal data to countries outside the EEA. In those cases, we will comply with applicable EEA laws designed to ensure the privacy of your personal data.
We may transfer your personal data to our collaborators located outside the EEA.
Under data protection laws, we can only transfer your personal data to a country outside the EEA where:
- the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy decision’) further to Article 45 of the EU GDPR. A list of countries the European Commission has currently made adequacy decisions in relation to is available here.
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or
- a specific exception applies under relevant data protection law
Where we transfer your personal data outside the EEA, we do so on the basis of an adequacy decision or (where this is not available) on the basis of legally-approved standard data protection clauses issued further to Article 46(2) of the EU GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the EEA unless we can do so on the basis of an alternative mechanism or exception provided by applicable data protection law and reflected in an update to this policy.
Any changes to the destinations to which we send personal data or in the transfer mechanisms we rely on to transfer personal data internationally will be notified to you in accordance with the section on ‘Changes to this privacy policy’ below.
Transferring your personal data out of the EEA—further information
If you would like further information about data transferred outside the EEA, please contact us (see ‘How to contact us’ below).
Cookies
A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website. We use cookies on our website. The cookies help us recognize you and your device and store some information about your preferences or past actions.
We use different types of cookies for various purposes:
- Strictly Necessary Cookies: These cookies are essential for the website to function properly. They enable core functionalities such as security, page navigation, and access to secure areas. These cookies cannot be disabled.
- Functional Cookies: These cookies help enhance website functionality and personalization, such as remembering your language preferences.
- Analytics Cookies: These cookies allow us to analyze how visitors use our website (e.g., which pages are visited most often) to improve website performance. We use tools like Google Analytics and data is processed in an anonymized way where possible.
- Marketing and Advertising Cookies: These cookies track browsing behavior across websites to deliver personalized advertisements. They may be set by third-party advertisers and require your consent.
Managing Your Cookie Preferences
Upon your first visit to our website, you will be presented with a cookie banner requesting your consent for non-essential cookies. You can:
- Accept all cookies.
- Customize your preferences.
- Reject non-essential cookies.
You can change your cookie settings or withdraw consent at any time by clicking the “Cookie Settings” link in the website footer or adjusting your browser settings.
For more details on how we use cookies and how you can control them, please contact us (see ‘How to contact us’ below).
Your rights
You generally have the following rights, which you can usually exercise free of charge:
| Access to a copy of your personal data (Article 15 of EU GDPR) | The right to be provided with a copy of the personal data we hold about you and information of how we process it. |
| Correction (also known as rectification) (Article 16 of EU GDPR) | The right to require us to correct any mistakes in your personal data |
| Erasure (also known as the right to be forgotten) (Article 17 of EU GDPR) | The right to require us to delete your personal data—in certain situations |
| Restriction of use (Article 18 of EU GDPR) | The right to require us to restrict use of your personal data in certain circumstances, eg if you contest the accuracy of the data |
| Data portability (Article 20 of EU GDPR) | The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations |
| To object to use (Article 21 of EU GDPR) | The right to object: —at any time to your personal data being used for direct marketing (including profiling) —in certain other situations to our continued use of your personal data, eg where we use your personal data for our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims |
| Not to be subject to decisions without human involvement (Article 20 Section 4 of EU GDPR) | The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you We do not make any such decisions based on data collected by our website |
| The right to withdraw consents (Article 7(3) of EU GDPR) | If you have provided us with a consent to use your personal data you have a right to withdraw that consent easily at any time Withdrawing a consent will not affect the lawfulness of our use of your personal data in reliance on that consent before it was withdrawn |
| The right to lodge a complaint (Article 77 of EU GDPR) | The right to lodge a complaint if you believe that your personal data have been violated |
For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ below).
If you would like to exercise any of those rights, call or write to us—see below: ‘How to contact us’. When contacting us please:
- provide enough information to identify yourself (eg your full name or matter reference) and any additional identity information we may reasonably request from you, and
- let us know which right(s) you want to exercise and the information to which your request relates
Keeping your personal data secure
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine need to access it. We continually test our systems and we follow top industry standards for information security.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
Please contact us if you have any queries or concerns about our use of your personal data (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.
You also have the right to lodge a complaint with:
- our lead supervisory authority in the EEA, which is the Commissioner for Personal Data Protection in Cyprus, Address: 15, Kypranoros Street, 1061 Nicosia, P.O. Box: 23378, 1682 Nicosia, Phone: +357 22 818 456, Fax: +357 22 304 565, Email: [email protected], Website: http://www.dataprotection.gov.cy/, and
- a relevant data protection supervisory authority in the EEA state of your habitual residence, place of work or of an alleged infringement of data protection laws in the EEA
For a list of EEA data protection supervisory authorities and their contact details see here.
Changes to this privacy policy
We may change this privacy policy from time to time—when we make significant changes, we will take steps to inform you, for example via including a prominent link to a description of those changes on our website for a reasonable period or by other means, such as email.
How to contact us
You may contact us if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, or complaint via:
- Email: [email protected]
- Address: 32, Spyrou Kyprianou, VASHIOTIS JOHN MARIE, 4043 Limassol, Cyprus
Do you need extra help?
If you would like any other information or assistance please contact us (see ‘How to contact us’ above).
Thank you!
You have successfully subscribed to our newsletter.
Thank you! Your message has been successfully sent. Our representative will contact you shortly to clarify all details.
