GDPR policy
Collection of Information, Purpose, and Legal Basis
Members, Volunteers, and Donors
The association collects names, phone numbers, and email addresses from supporting members and volunteers. For volunteers, information about a contact person is also collected.
From donors, the association collects names, addresses, and the donation amount for thanking purposes and for potential targeted fundraising in the future.
Clients
The association primarily stores names, contact information, and information about the circumstances leading the individual to seek support. The purpose of storing support seekers' personal information can be varied and specific to the individual, but the overarching goal is to provide the support and help the individual has expressed a desire for. Only the information necessary to achieve the purpose of storage (providing requested support) is retained. For individuals placed in our protected housing through social services, relevant regulations are followed.
Access to Information
Only employees and, to a limited extent, volunteers have access to the collected information. Individuals who have provided personal data have the right to access their data upon request. They have the right to know what information we have stored, why we have this information, who has access to it, and how it is stored and used. Individuals can withdraw consent to the storage of information at any time, and we immediately delete the information unless there are legal obstacles. Individuals can also request correction of information.
Stored information is shared with a third party only if required by law.
Storage, Retention, and Security Measures
Storage occurs on employees' computers, cloud services, employees' phones and calendars, and in physical form in a fireproof cabinet. Retention follows established procedures to ensure that information no longer necessary for the purpose of storage is deleted or de-identified. Information collected for annual statistics is deleted yearly after recording the statistics.
For individuals placed in our housing under social services laws, and cases where journaling is done following the same procedures, documents are deleted five years after the last entry in the record.
For other documents such as employment contracts, payroll records, and other administrative documents, specific retention periods apply according to archive and accounting laws. Documents that should be archived are deleted after five years. When a member leaves the association and when a volunteer completes their assignment, their information is deleted.
To ensure that unauthorized individuals do not access stored information, employees follow security storage procedures developed based on risk and security assessments.
Data Controller
The association, as a legal entity/activity manager/board, is responsible for processing personal data within the organization.
If you want more information on how we handle personal data, or if you have provided information to us that you have questions about or want us to correct or delete, you are welcome to contact.
