NRC’s Privacy Statement
We process personal data in accordance with the EU General Data Protection Regulation (GDPR). We store data on how you use our services when this is necessary for us to provide you with the best possible service, such as when you place orders, when we send you a delivery and any other contact we may have with you. We also use this data to generate statistics and understand trends, as well as to improve, offer, and develop our products and services. As a data subject in our systems, you have the right to gain access to your personal data and, within the framework of the law, request that this data be corrected or deleted if it contains omissions or is incorrect.
1. PERSONAL DATA
The Norwegian Refugee Council (NRC) takes privacy and security seriously. At the same time, we want to give you the best possible user experience when you visit our website.
NRC is the data controller for the collection and use of personal data, and we process personal data in accordance with the Norwegian Personal Data Act. The data controller has overarching responsibilities and obligations under the Personal Data Act.
2. WHAT DO WE USE THIS PERSONAL DATA FOR?
NRC collects personal data based on your consent when you make a donation or subscribe to newsletters, when we follow up and have dialogue with our users and our supporters, and when we send out marketing products and other information about NRC. We collect your e-mail address and/or your phone number so we can send you a confirmation that your donation has been received – and to inform you of the work we do for the money we collect.
If you are a regular donor to NRC, we can improve your user experience on our website and make the marketing materials we send out more relevant to you. NRC processes your personal data for marketing purposes in accordance with applicable laws, including laws regarding obtaining consent for electronic marketing.
If you have been a donor, we will, based on legitimate interests and in accordance with the GDPR and Norwegian bookkeeping laws, store your contact details for a 3-year time period. We may use this data in order to provide you with information about NRC’s work and further support opportunities. If you wish to reserve yourself against future contact, please contact us to let us know. You can do this by emailing firstname.lastname@example.org.
3. PROCESSING OF PERSONAL DATA
You will be notified before we collect data about you, and you can choose what kind of information we can keep and for what purpose. Personal data can be your name, address, telephone number, e-mail address, age, donor information and payment details.
If you support us with an amount between NOK 500 and NOK 25,000, you can provide us with your national identity number to receive a tax deduction based on the amount of your donation. NRC is required by law to collect national identity numbers for tax deductions, and we use national identity numbers to ensure that our supporters and donors receive tax deductions for their donations. We do not register or store national identity numbers on our websites or communicate them to anyone other than the tax authorities.
NRC is subject to a duty of confidentiality and does not sell personal data to third parties.
4. REGISTRATION, CHANGE OF INFORMATION, DEREGISTRATION ETC.
NRC obtains personal data when you register as regular donor, when you make a single donation or when you register for our newsletter. This can take place through our websites, text messages, Vipps, fundraising campaigns on Aidbuilder, when you are registered by our street canvassing team or via a postal bank giro. You have the right to receive information about the collection, use, processing and protection of your personal data.
If you have any questions regarding the above policies or would like us to update, change, or delete any personal data that we have registered about you and/or communication channels that we can use to get in contact with you, please contact us at email@example.com or call us on +47 800 33 503 (10:00 am – 2:00 pm CET, Monday-Friday).
NRC has implemented a number of security measures to ensure that our internal procedures comply with the security standards required by applicable data protection legislation. NRC works constantly to protect your personal data in the best possible way.
NRC considers the information about our work and the refugee situation in general on our own websites as reliable. Nevertheless, we cannot guarantee that the information is correct, complete or available at all times. NRC thus assumes no liability for errors and omissions on, or lack of availability of, our websites. Further, NRC assumes no liability for the material prepared or published by third parties, even if our websites contain links to other websites.
6. YOUR RIGHTS
You have the right to access data about you that is processed by NRC, with certain statutory exceptions. You also have the right to object to the collection and further processing of your personal data. In addition, you always have the right to have potentially incorrect personal data corrected or deleted.
7. PERSONAL DATA AND THIRD PARTIES
NRC uses digital third-party solutions. Some of these actors are data processors and are subject to data protection legislation. They have separate agreements with NRC regarding data processing and related security measures.
NRC uses third parties such as
- Episerver (login, personalisation of content)
- Google Analytics (statistics)
- Google Tag Manager (organisation and scripts on the website)
- Facebook insights (advertising)
- ClickDimensions (newsletters)
- Mailchimp (newsletters)
- Smugmug (image database)
- iRaiser (fundraising campaigns)
- Wix (web development services)
- Salesforce (customer relations management)
NRC will process and store your personal information as long as it is necessary and permitted under applicable data protection legislation. If you would like more information, please contact us at firstname.lastname@example.org.
Norwegian law regulates any circumstances or disputes that may arise in connection with the use of the website.
10. DATA PROTECTION OFFICER AND CONTACT DETAILS
The Data Protection Officer for the processing of personal data in NRC is Shadab Khan. The Data Protection Officer can be reached by e-mail at: email@example.com.
The Data Protection Officer assists the person who is responsible for the company’s processing of personal data (data controller) in the work of safeguarding the privacy of all members, volunteers, employees and donors.
Contact NRC's donor service
Phone: +47 800 33 503 (10:00 am – 2:00 pm CET)