Personal Data Processing / Privacy Notice
The Novo Nordisk Haemophilia Foundation (NNHF) is required by law to protect your personal data. This Notice explains how we process (e.g. collect, use, store, and share) your personal data. We will process any personal data about you in accordance with this Notice, which is based on the Swiss Data Protection Act (DPA) and General Data Protection Regulation (GDPR).
Table of contents
- Who are we?
- How do we collect personal data about you?
- Why do we process your personal data?
- What personal data do we process about you?
- Why are we allowed by law to process your personal data?
- How do we share your personal data?
- How do we transfer your personal data outside of the EU/EEA?
- How long will we keep your personal data?
- What are your rights?
- Cookies and other Tracking Tools
- Social media websites
Who are we?
The organisation responsible for processing your personal data is:
Novo Nordisk Haemophilia Foundation
Telephone: +41 43 222 4300
You can always contact us with questions or concerns about how we process your personal data.
How do we collect personal data about you?
We get your personal data from the following sources:
- From you directly, for example:
- When you submit a funding application to NNHF
- When you visit our website
- When you sign up for our newsletter or events
- If you participate in a survey
- From publicly available publications, websites, or social media
- From our electronic newsletter service provider Mailchimp
- From the donation processing platform Stripe
Why do we process your personal data?
We process your personal data for a specific purpose and only process the personal data which is relevant to achieve that purpose. We process personal data about you for the following purposes:
- To manage our relationship with you
- To analyse data for impact measurement purposes
- To meet transparency obligations
- To coordinate a conference or event
- To communicate the impact of NNHF activities
- To respond to your questions or request for information
- To manage our IT resources, including infrastructure management
- For archiving and record keeping
- For billing and invoicing
- To receive your donation for a NNHF project
- To reimburse you (if applicable)
- To verify compliance with internal guidelines and procedures, with business goals and values, and with laws and regulations
- To limit fraud
- For any other purposes imposed by law and authorities.
You are not required to provide us with your personal data. If you do not want Novo Nordisk Haemophilia Foundation to use your personal data, we will not be able to include you in our communications programmes or reporting.
What personal data do we process about you?
For the purposes described above, we may process the following types of personal data:
- Business contact information (business name, address, telephone number, email address, position, department);
- Private contact information (name, address, telephone number, email address);
- CV and other background biographical information;
- Financial information (bank account number, credit card/online payment information);
- Government identification number (e.g. social security number, passport number);
- Data revealing ethnic origin;
- Data concerning health;
- Data on memberships and associations;
- Data concerning your use of the website from temporary log files, such as IP address, date and time of access, website from which the access was made, name and URL of the retrieved file, search queries performed, the operating system of your computer, internet browser used, device type when accessing by mobile phones, and transmission protocol
Why are we allowed by law to process your personal data?
Our processing of your personal data requires a legal basis. By law, we can process your personal data described above based on the following legal bases:
- You gave consent for us to process your personal data. If you gave us consent to process your information, you may revoke your consent at any time.
- To enter into or execute a contract with you.
- The processing is necessary for our legitimate business interests and does not unduly affect your interests or fundamental rights and freedoms.
- The processing is necessary for our compliance with a legal obligation.
Some of our legitimate interests are: maintaining our IT infrastructure, network stability and security; compliance with business goals; compliance with legal obligations; transparency and communication/reporting of NNHF activities to our stakeholders.
With whom do we share your personal data?
We may share your personal data with third party service providers such as:
- Suppliers or vendors that assist our company (e.g. consultants, IT service providers, financial institutions, law firms)
- Volunteer healthcare professionals
- Parties that have indicated they are interested in learning more about the impact of our organization
- Any third party to whom we assign or novate any of our rights or obligations
- Our advisors and external lawyers in the context of the sale or transfer of any part of our business or its assets
How do we transfer your personal data outside of the EU/EEA?
Your personal data may be processed, accessed or stored in a country outside Switzerland, which may not offer the same level of protection of personal data.
We therefore use the following safeguards, as required by law, to protect your personal data in case of such transfers:
- EU Adequacy Decisions. For transfers to countries deemed by the EU Commission to have an adequate level of protection of personal data
- EU Standard Contractual Clauses for the Transfer of Personal Data to Third Countries. You can get a copy of the Clauses by contacting us as described in Section 1
- The EU-US Privacy Shield Framework for transfers to Privacy Shield-certified and US-based companies and organisations. More information and a list of Privacy Shield-certified companies and organisations are available at https://www.privacyshield.gov/welcome.
How long will we keep your personal data?
We will keep your personal data for as long as needed for our communications programmes and record keeping obligations.
What are your rights?
In general, you have the following rights:
- You can get an overview of what personal data we have about you
- You can get a copy of your personal data in a structured, commonly used and machine-readable format
- You can get an update or correction to your personal data
- You can have your personal data deleted or destroyed
- You can have us stop or limit processing of your personal data
- If you have given consent for us to process your personal data, you can withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent
- If you wish to file a complaint about our processing of your data, you can contact the Swiss Data Protection Authority or the Data Protection Authority in your country
Under applicable law, there may be limits on these rights depending on the specific circumstances of the processing activity. Please contact us using the information in Section 1 with questions or requests relating to these rights.
Cookies and other Tracking Tools
Mailchimp, our electronic newsletter service provider uses web beacons, which are tiny invisible graphics, to measure newsletter opens, to measure clicks, and to determine the country where the newsletter is opened.
Social media websites
Before clicking on the corresponding link or plug-in, no personal information is transmitted to the respective provider. Your visit to the linked page is also the basis for data processing by the respective provider. We do not have control over the data processing operations, nor are we aware of the full scope of the data collection, the purposes of the processing, and the retention periods. We also have no information about the deletion of the data by the plug-in providers.
You can subscribe online to our electronic newsletter. Should you later decide not to receive newsletters, you may terminate the subscription at any time with effect for the future by revoking your consent. The revocation takes place for e-mail newsletters via the link provided at the bottom of the newsletter. Alternatively, please contact us using the information in Section 1.
Information about cookies
A cookie is a small text file that is placed on your computer or other device. Cookies makes it possible for us to recognize your computer and gather information about which pages and functions are visited with your computer.
Cookies are used by most websites and are in many cases essential for the website to work as intended.
Cookies on this website
You can read more about the cookies we use under the three tabs. The cookies are divided into categories and you will find information about their name, expiration, purpose and company.
|moove_gdpr_popup||365 days from set / update||NNHF.org||This cookie is neccesary in order to ensure compliance with current Data privacy laws. This cookie is used to record if a user has allowed cookies to be placed on their computer.|
|__stripe_mid||1 year from set / update||Stripe||This cookie is necessary because it enables NNHF to accept donations.|
|__stripe_sid||24 hour from set / update||Stripe||Sets a value to track User metrics|
|_ga||2 years from set / update||Google Analytics||Stores the unique ID of the user.|
|_gid||1 year from set / update||Google Analytics||Used to monitor performance of the website.|
|_gat||24 hour from set / update||Google Analytics||Used to throttle the google analytics request rate.|
How to disable cookies in your browser
If you block cookies in your browser, your device will not be tracked when you visit our website. However, please note that by declining cookies some functionality on our website may not work correctly.
Modify the statistics cookie description:
Cookies in this category are used to collect data on how the website is being used. The data is used to decide how to optimize the website. The data collected is used primarily internally.
We use Adobe Analytics and Google Analytics with their respective IP masking features which means we do not record your specific IP address. If you wish to disable Google Analytics, you can download the appropriate browser add-on at http://tools.google.com/dlpage/gaoptout.