PRIVACY POLICY

 

 1.The privacy policy

1.1 Goodnet (the "we or the "Company") respects your privacy. When you use our services, you are trusting us with your information. We understand that this is a big responsibility and we invest a great deal of effort in protecting your information.

1.2 The object of this policy is to explain to you, in a transparent way, what is the basis for processing all personal information collected from you when you visit the website at the following address: https://www.goodnet.org/ (the "Site"), in what way the information will be used, the manner of disclosing the information furnished by you to third parties and the use of "cookies" or files or tags on the Site.

1.3 The Company is committed to protecting your personal information (as defined below) in a manner that is consistent with the applicable protection laws. We will ask you to carefully read this policy together with

the Company's terms of use, and to understand the Company's position and procedures regarding your personal information and the way in which the Company will act with it.


2. The policy's confirmation by the user

Your use of the Site by registration or visiting the Site constitutes your consent to the terms and conditions of this privacy policy and the Company's procedures detailed therein, and to the Company’s collection and processing (inter alia collection, use, disclosure, holding or transfer) of your personal information pursuant to the terms and conditions of this policy. The information held by the Company about you might be held and processed through computer files and/or in written documents.

Insofar as you furnish the Company with any information about another person, you must draw this person's attention to this privacy policy.

If you do not agree to the following terms and conditions, kindly do not make any use of the Site.


3.The types of information collected

3.1 Definitions

We define “personal information” or “personal data” to mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, e-mail address, telephone no., an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

You hereby acknowledge that all personal information hereunder is provided at your volition and that you are not legally required to provide any personal information to the Company. If you do not agree to the terms and conditions set forth herein please do not access the Site

Anonymous information - information that does not enable the Company to contact you or identify you, and is unrelated to information that can be used for such purpose. This information includes information collected passively by your activity on the Site, such as usage data, to the extent that such information is unrelated to your personal information.

For details of the types of information collected, see paragraphs 3.3 and 3.4 below.

3.2 Your attention is drawn to the fact that you may choose not to furnish certain information to the Company (for example, by changing your cookie definitions - please see our Cookies Policy). The decision to furnish any information to the Company is in your hands; however, if you disable the option to provide certain information, the Site's characteristics that you are able to use might be restricted.


3.3 Information furnished voluntarily

Information furnished to the Company on your own initiative in the course of using the Site that is collected by us. Below are examples:

  • personal information that you feed when using the Site or registering for the Company's mailing list that includes, for example, your full name, e-mail address, telephone no. and the like;

  • correspondence with the Company - the Company might keep correspondence that has been exchanged between you for customer service, management and Site improvement purposes;

you may remove yourself from the mailing list at any time and/or request your removal by sending an e-mail request to the following address: privacy@goodnet.org


3.4 Information collected through technology

3.4.1 Log files

For the purposes of routine maintenance, analyzing traffic data and providing and improving the Site, we use log files that collect information such as IP addresses, information about browsers, cookies, Internet service providers (ISP), referral pages / exit pages, types of platforms, date / time stamps and the number and location on the page of clicks. We use this information in order to analyze trends, manage the Site, monitor aggregate user traffic, diagnose problems with our servers and collect extensive demographic information for aggregate use. This information is unrelated to other information enabling personal identification by reasonable means. We also use a service tool to monitor the user in log files in order to analyze user traffic and keep IP addresses for aggregate statistical purposes.

3.4.2 Cookies and web beacons


4. Internet technology and information analysis tool

The Company's website uses Internet analysis systems for the purpose of monitoring, marketing, advertising and otherwise (such as: Google Analytics). These systems are exposed to anonymous information only and not to personal information (as defined in paragraph 3.1 above).


5. Clickstream data

Internet browsing leaves a trail of electronic information on every website that you have visited. This information, sometimes called clickstream data, might be collected and kept on the website's server. Clickstream data provide the Company with information about the type of computer and browser software, the address of the website from which you reached the Company's Site, and in certain cases, your e-mail address. We may use clickstream data in order to determine the period of time that browsers spend on each page on the website and the manner in which they browse the Site. This information will only be used by us for the purpose of improvement and personal adaptation of the website.


6. Use and sharing of information

6.1 The Company will only process your personal information for the purpose for which you provided the information of your own initiative (such as: your request to join the mailing list, your request to find a place to volunteer, and the like). In addition, the Company may also use your personal information for analyzing data and statistics and in order to satisfy applicable law and to respond to complaints, suspected fraud or misconduct.

6.2 In addition, if and when you purchase any item on our Site, you will be asked to provide credit card and/or billing information. We will use the credit card and/or billing information provided in connection with a user’s purchase to process your order and for no other purpose.

6.3 Conveyance of information to third parties

Even though we make every effort to maintain your privacy, it is possible that we might be required, pursuant to applicable law, to disclose information provided by you when using the Site. In addition, we might share your personal information in the event that we believe in good faith that such is necessary in order to protect our interest or the interest of a third party pertaining to national security, law enforcement, litigation, criminal investigation, protection of the safety of any person or in order to prevent imminent bodily harm or death, provided that we believe that this interest is not cancelled out by your interest or the basic rights and freedoms requiring protection of your personal data. The Company may also share your personal information as required for the provision, maintenance and improvement of the Site.

In addition, we might also disclose information about persons threatening and/or who might harm us and our services (such as fraud by users, sending of threats, circulation of junk mail and the like).

6.4 Sub-contractors and service providers

We might share your information with service providers and sub-contractors working with us and/or providing certain services on our behalf in Israel and overseas, insofar as necessary for the purpose of providing the service, improving it and developing other services. In addition, we might store information in cloud services with servers located overseas. These companies may not themselves use or share information enabling personal identification that we provide other than for us or for the purpose of the Site's operation. In addition, we might engage reliable third party entities to assist in the distribution of surveys, advertising and/or content. After completion of these projects, we demand that all the information be returned to us. Finally, we, from time to time, share aggregate information with our service providers. This information does not contain information enabling personal identification by reasonable means and is used for the development of programs and content that might interest the Site's visitors.


7. International Transfers of Your Personal Information

7.1 In this Section, we provide information about the circumstances in which your personal information may be transferred to countries worldwide including inside and outside the European Economic Area ("EEA").

7.2 We have facilities in Israel and USA. "Adequacy decisions" of the European Commission have been made with respect to the data protection laws of Israel.

7.3 Transfers to countries will be protected by appropriate safeguards, namely the provisions of applicable law which relate to the protection of individuals with regards to the Processing of Personal Data to which a party may be subject including, without limitation, the Israeli Protection of Privacy Law, 5741-1981, the General Data Protection Regulation (EU) 2016/679, the Data Protection Act 1998, the Regulation of Investigatory Powers Act 2000, the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulation 2000, the Electronic Communications Data Protection Directive 2002/58/EC, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and, where applicable, the guidance and code of practice issued by the Information Commissioner’s Office from time to time, directions of any competent regulatory authority, relevant regulatory guidance and codes of practice (collectively “Data Protection Regulation”) or to the extent transfers will cross borders to outside the EEA, such transfer shall be carried out in accordance with standard contractual clauses annexed to the EU Commission Decision 2010/87/EU of 5 February 2010 for the Transfer of Personal Data to Processors established in Third Countries under the Directive (the “Model Clauses”).

7.4 The hosting facilities for our Site are situated in within Israel and USA.

7.5 You acknowledge that personal information submitted by you for transmission through the Site may be transmitted around the world via the internet for the purpose of performing the services of the Site.


8. Retaining and Deleting Personal Information

8.1 This Section sets out our data retention policies and procedures, which are designed to help ensure that the Company complies with its legal obligations in relation to the retention and deletion of personal information. The Company will retain and delete your personal information as follows:

8.2 Personal information will be retained for as long as required for us to continue providing our services, as reasonably necessary to comply with our legal obligations. Within three months from the date of our decision that we no longer need  your personal information it will be deleted from our systems, unless otherwise required under applicable law.

8.3 Notwithstanding the other provisions of this privacy policy, we may retain your personal information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.


 9. Merger and acquisition

The Company may assign its rights and obligations and share personal information in the event of a sale and/or merger in which control of the Company and/or most of its assets and/or the Site is transferred to a third party, provided that such third party steps into the shoes of the Company for all intents and purposes relating to the provisions of this policy.


10. Information protection and security

10.1 The Company takes reasonable steps as customary in the industry to assist in protecting the security of your personal data. The Company will act in accordance with the governing law in the event of any compromise to the security, confidentiality or integrity of your personal information, and if it deems fit or if required by the governing law, we will send you notice by e-mail, SMS or through a prominent notice on the Site, as soon as possible and without unreasonable delay, insofar as such is consistent with (1) legitimate law enforcement requirements or (2) any means necessary for the purpose of determining the scope of the breach and restoring the integrity of the information system.

10.2 Even though it is not possible to guarantee information security on or off the Internet, we make reasonable commercial efforts to collect the information and secure it in accordance with the privacy policy and all the governing laws and regulations.

10.3 The Company restricts access to your personal information to persons needing access as aforesaid in order to process for it or for the purpose of doing specific work (such as: a customer service representative). These persons shall be subject to confidentiality agreements. Nonetheless, it should be taken into account that no means and/or service are absolutely safe, especially when the activity is online.

10.4 If you have any questions regarding the security of your information, you are invited to send a notice to the e-mail address noted below.


11. Data Integrity

We review our data collection, storage and processing practices to ensure that we only collect, store and process the personal information needed to provide or improve our Site. We take reasonable steps to ensure that the personal information we process is accurate, complete, and current, but we depend on our users to update or correct their personal information whenever necessary. Nothing in this privacy policy is interpreted as an obligation to store information, and we may, at our own discretion, delete or avoid from recording and storing any and all information.


12. Links

Take note that our Site includes links that lead to other sites. These sites might collect information from you enabling personal identification. This privacy policy does not include the information collection procedures or policy of such websites and/or any third party, and you alone are responsible for any use made of these links and/or services. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.


13 . Your rights

Subject to the governing law, all or some of the following rights may be available to you in connection with personal information:

13.1 access to your personal information: you have the right to obtain information and request access to the personal data that we process about you together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, and as requested or approved by you, the Company will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee. You can request to access your personal data by requesting an e-mail summary from: privacy@goodnet.org

13.2 the right to rectification - the right to ask the Company to amend or update your personal data when they are inaccurate or incomplete; You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

13.3 the right to delete- the right to ask us to delete your personal data by providing adequate evidence attesting to your identity, without undue delay. Those circumstances include: the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; and the personal data have been unlawfully processed. There are certain general exclusions of the right to deletion. Those general exclusions include where processing is necessary: for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims;

13.4 the right to restrict processing - the right to ask the Company to cease, temporarily or permanently, processing all or some of your personal data. In some circumstances you might have the right to restrict the processing of your personal data. Those circumstances are (to the extent applicable under applicable Data Protection Regulation): you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; the Company no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

13.5 the right to object or withdraw consent - the right to object to the processing of your personal data for reasons relating to your circumstances or to object to the processing of the data for marketing purposes; You might have the right to object to our processing of your personal data on grounds relating to your particular situation (to the extent applicable under applicable Data Protection Regulation). If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.

13.6 Any other right prescribed in the applicable Data Protection Regulation.

13.7 To the extent that the legal basis for our processing of your personal data is consent, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

13.8 If you consider that our processing of your personal data infringes Data Protection Regulation, you have a legal right to file a complaint with a supervisory authority responsible for data protection.

13.9 To the extent that the legal basis for our processing of your personal data is consent you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

13.10 Insofar as you wish to exercise your rights as noted above, we would ask you to send an e-mail to the following e-mail address: privacy@goodnet.org, with details enabling us to verify your identity.

 

14. California Online Privacy Protection Act

14.1 CalOPPA is the first state law in the nation to require commercial websites and apps and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates an app and/or website collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its app and/or website stating exactly the information being collected and those individuals or companies with whom it is being shared.

14.2 According to CalOPPA, we agree to the following:

(a) Users can visit Company’s Site anonymously.

(b) Once this Privacy Policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our Site.

(c) Our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above.


15. COPPA (Children Online Privacy Protection Act)

15.1 When it comes to the collection of personal data from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

15.2 We do not market to children under the age of 13 years old, and 13 year olds are prohibited from using this Site without proper consents from guardians.

 

16. Fair Information Practices

16.1 The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

16.2 In order to be in line with Fair Information Practices We will take the following responsive action, should a data breach occur:

16.2.1 We will notify you within the time required by applicable law, but no later than seven business days from becoming aware of any such breach.

16.2.2 We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only those individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

 

17. CAN SPAM Act

17.1 The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

17.2 We collect your email address in order to:

17.2.1 Send information, respond to inquiries, and/or other requests or questions.

17.2.2 Send you additional information related to the Services.

17.2.3 Market to our mailing list or continue to send emails to our clients after the original engagement has occurred.

17.3 To be in accordance with CANSPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.

  • Identify the message as an advertisement in some reasonable way.

  • Include the physical address of our business or site headquarters.

  • Monitor third-party email marketing services for compliance, if one is used.

  • Honor opt-out/unsubscribe requests quickly.

  • Allow users to unsubscribe by using the link at the bottom of each email.


18. Enforcement

The Company regularly reviews its compliance with this privacy policy. Please feel free to direct any questions or concerns regarding this privacy policy or our treatment of personal information by contacting us as provided below. When we receive formal written complaints it is the Company's policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal information that cannot be resolved between the Company and an individual.


19. Children

The Company does not knowingly collect identifying personal information from children under the age of 18. Users under the age of 18 must obtain consent from a parent or guardian to view the Site. If we learn that a child under the age of 18 has given identifying personal information on the Site, we will make reasonable efforts to remove this information from the Site's files. The Company's services are not directed at children under the age of 18 and the Company does not wish to receive personal information from children. Insofar as you believe that the Company has been furnished with information by a child, kindly contact us at the following address: privacy@goodnet.org


20. Consent to Processing

By providing any personal information to the Company pursuant to this privacy policy, all users, including, without limitation, users in the United States, Israel and member states of the European Union, fully understand and unambiguously consent to this policy and to the collection and processing of such personal information abroad. The server on which the Site is hosted and/or through which the Site is processed may be outside the country from which you access the Site and may be outside your country of residence. Some of the uses and disclosures mentioned in this privacy policy may involve the transfer of your personal information to various countries around the world that may have different levels of privacy protection than your country. By submitting your personal information through the Site, you consent, acknowledge, and agree that we may collect, use, transfer, and disclose your personal information as described in this privacy policy. You hereby acknowledge that your consent is provided at your volition and not due to a legal obligation.


21. Changes in the privacy policy

We may change the privacy policy at any time. In the event of a change in our privacy procedures, we will change this document so that you can know what information we are collecting, how we might use it and to whom we might disclose it. We will notify you of any material change in this privacy policy by publishing a prominent notice on our Site and in the event that we wish to also apply this change to information that you have already given to us, we will send you a notice requesting your consent thereto. We recommend that you read this declaration from time to time in order to obtain information on the way in which we protect your information.


22. Law and Jurisdiction

22.1 The law that applies to activity on the Site and the Privacy Policy is the law of the State of Israel alone.

22.2 Exclusive jurisdiction to hear any dispute regarding the Site and/or the Privacy Policy and anything deriving thereunder is conferred to the competent court in the district of Tel Aviv-Jaffa, Israel.


23. Contact

Thank you for reading our privacy policy. If you have any questions regarding this policy, kindly contact the Company's data protection officer at the following address: privacy@goodnet.org