Privacy policy

This Privacy Policy describes how the Elixir Association collects, uses and protects the personal data of donors, beneficiaries and all individuals who interact with our organization. We are committed to respecting the privacy of your data and protecting their rights under the European Union's General Data Protection Regulation (GDPR).

1. Personal data collected

We collect personal data depending on the nature of your interaction with our association. This may include:

• Full name
• Your e-mail address and telephone number
• Adresa de domiciliu (dacă este necesar pentru livrarea de servicii)
• Financial details for processing donations (e.g. banking information)
• Data about your preferences and interests related to our work (to improve the collaboration experience).

2. Purposes of data processing

We use your data to:

• Manage donations and keep in touch with our donors;
• Provide information about our projects and the impact of our work;
• Ensure compliance with legal and regulatory requirements;
• Improve our services and communication with our supporters and beneficiaries.

3. Legal basis for data processing

The processing of your data is based on your consent (in the case of marketing communications), the performance of a contract (for the provision of services) and legal obligations to which the association is subject.

4. Data distribution and transfer

We do not sell, rent or distribute your data to third parties, unless we work with third party partners to carry out the activities of the association. In all cases, we ensure that these third parties provide an adequate level of protection for your data.

5. Rights of data subjects

Under the GDPR, you have the following rights:

• Right of access to your personal data;
• Right to rectify incorrect data;
• Right to request deletion of data under certain conditions;
• Right to restrict processing;
• The right to data portability;
• The right to object to data processing, in particular for marketing purposes;
• Right to complain to the supervisory authority.

In order to exercise any of these rights, you can contact us at [the association's e-mail address].

6. Data security

We implement technical and organizational security measures to protect your data against unauthorized access, accidental loss, destruction or alteration.

7. Data retention period

Your data is kept as long as it is necessary for the purposes mentioned above or as required by applicable legal requirements. After the legal time limits have expired, they will be deleted or anonymized.

8. Changes to the privacy policy

We reserve the right to update this privacy policy. Any changes will be notified on our website and, as appropriate, through other communication channels.