1. About this Privacy Notice
At MSF we make sure we protect the information you give us. References to “we” or “us” are to MSF International Association, rue de Lausanne 78, Case Postale 1016, 1211 Geneva 1, Switzerland, federal identification number CH-660.1.555.004-1, email@example.com.
This privacy notice is written in accordance with relevant data protection legislation including the Swiss regulation on data protection and the General Data Protection Regulation.
This privacy notice sets out how the MSF International Association collects, uses and stores personal data via its website www.association.msf.org.
If you’ve any questions please contact us using the details above or our Data Protection Focal Point at Dataprotection.IO@geneva.msf.org.
2. When do we collect information about you?
We collect information:
· when you give it to us directly
· when you give it to us indirectly
· when you give it to us via social media
· when you use our websites or apps, through cookies
We collect or may collect your information directly when you:
- apply to become a member of the Movement-Wide Association
- communicate with us
- sign up for one of our events, in person or online
- sign up for email newsletters or generally request to receive information
- join and leave a comment on our social media channels
We may get your personal information from other MSF associations with your consent. Please check their privacy policies when you give them your information.
We may get information about you from your social media accounts or services. Facebook and Twitter are examples. We can do this if you have decided to join our closed Facebook group, and/or have set your account settings to give us permission. Please check your settings and their privacy policies for more details.
We use “cookies” to identify you when you visit our website.
What are cookies?
Cookies are small text files that are transferred from the website to your computer, phone or tablet. Websites store cookies on your internet browser (Chrome, Firefox or Internet Explorer, for example) when you visit. Every time you return to the site and navigate around it picks up these bits of information. There are several types of cookie and they each have different functions and uses. Some cookies can be really helpful and most websites rely on them in order to work properly and to understand what their users do when they visit.
Types of cookies
The four categories, from the least to the most intrusive, are:
1. Strictly necessary. These cookies let you move around the website and use areas like the membership form, log in and e-news sign up. They don't gather information about you that could be used for marketing or remember where you've been on the internet. These cookies only last until you close your browser.
2. Performance. These cookies help us understand how you use our website and if users have had any problems. They also let us know if you see one of our adverts online or click on our banners.
The information they gather is anonymous. We only use the information to improve the way the Website works.
3. Functionality. These cookies remember any choices you've made on a website. This could be changing the text size, preferences or colour. They can also remember if you've already completed a survey. They can’t track you on other websites.
4. Targeting. These cookies collect info for third parties and remember what you looked at on a website. They’re used for things including ‘Like’ and ‘Share’ buttons, as well as online advertising. Do you see ads for things you've looked at online appear on random websites? It's because of targeting cookies.
What cookies do we use?
Google Analytics: We use Google analytics to see how our site is performing e.g. what articles are read, how many people applied for membership and where visitors come from. Google analytics collects no personal data or IP addresses.
We also use some drupal-related cookies:
- Drupal.tableDrag.showWeight: configuration cookie for Drupal panel
- Drupal session cookie - enables logging in of users.
- Drupal.visitor - used to prepopulate form fields with information from the visitor cookie.
You can control and/or delete cookies at any time. You can also get rid of all the cookies already on your computer. Most web browsers automatically accept cookies, but you should be able to change your browser to prevent that. If you want to know how to do this please look at the help menu on your web browser. Further information is available on the following websites:
Microsoft Internet Explorer™: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
Further, most third party providers offer modules or proceedings allowing you to opt out from data collection.
3. What information do we collect?
If you sign up to join to Movement-Wide association (MWA), we’ll usually collect:
- Your first name
- Your last name
- The language in which you prefer to use the website (French or English)
- The date when you requested to join the MWA
- Whether you have international experience
- Whether you have a medical background (means all professions that have, during initial training and later practice, a practitioner-patient relationship)
- The name and email addresses of two references, that can attest that you meet the criteria to become a member
- The languages you speak
- Your MSF email address and personal email address
- The way you prefer to be contacted (phone, email)
- Your phone number
- Your country of origin
- Information about the way you access the internet (from office, home, internet café…)
- Whether you have a cellphone and whether you have a smartphone with internet access
- Information about your current or previous work experience with MSF or MSF Association memberships.
If you contact us by email we'll usually collect your:
- Phone number
If you register for one of our events, notably the IGA, we will usually collect:
- Your name
- Your Email address
- Your phone number
- Your role or position (as MSF staff or member)
- Information about your office or the MSF association(s) you are part of
- Your travel dates
4. How do we use your information?
As a general rule, your personal data will not be used for any other purpose than those for which they were voluntarily provided to us. Your personal data are shared or transferred to third parties if such sharing or transfer is authorized by you or required to achieve the purposes for which you have provided them to us. It means that we may share your personal data with service providers, who help assist us in fulfilling our purposes. For instance, by consenting to receive our updates, you consent that your personal data (name and email) be processed for the purpose of sending you emails. Personal data may also be shared with third parties when required by law or by a court order.
We use your data to:
- Respond to your questions and requests
- process your membership request
- keep a record of your associative engagement with us
- send you updates, invitations and various types of communications
- register you for events and plan events accordingly
- understand how we can improve our services and information
- give you access to information and comply with MSF statutory obligations
- analyse our membership and associative activity
How we use your data depends on why you’re providing it:
ONLINE FORMS AND FEEDBACK
We’ll use your personal information to respond to your questions, requests, process your membership application to the Movement-Wide Association, or register you for events.
We may use publicly available information from your profile to target you with specific posts that may interest you. We’ll never ask for personal or sensitive information on social media. We may repost or share your posts on social media if it relates to MSF and our work. We may respond to questions, queries or comments left on our social media channels. We may use information found on your profile to help us answer these.
Check your social media accounts if you want to change the information you make public.
5. Who has access to your data?
Your information is only accessible by trained staff. We regularly review who has access to your information. As a general rule, your personal data will only be accessible insofar as it is necessary to fulfill the purpose for which it was collected. For instance, the data you provide for membership application may be accessible to other MSF associative departments and references for the purpose of processing your application. We do comprehensive checks on any contractors before we work with them.
We use other companies to help us manage and store personal data and to carry out certain activities on our behalf. Our main data processors are listed below, but we may enlist the services of others from time to time:
- Computer rocks (developers): MSF international associative website (and database) is technically maintained by the digital company ComputerRocks
- Nine (Servers): MSF international associative database is stored on a server hosted by Nine
- Mailchimp: MSF International associative information is sent to the Movement-Wide Association membership though the newsletter sending platform Mailchimp
- Vimeo: Videos from MSF International online and in-person events are stored on the video platform Vimeo
- Google forms: online (registration) forms for MSF associative events are provided through the Google platform
- SurveyMonkey for online surveys
- Livestream.com or other streaming services
- Tibbr – internal “social media” platform, to allow members to update their profiles and use interactive functions (Like and comments)
- Electionbuddy for online voting (election of the MWA observer at the IGA)
We operate globally and may have a need to transfer certain data to countries outside the EEA. In the event the country where the data is transferred does not provide an adequate level of protection, we make sure to implement technical and organizational measures to protect your data. Should you have any questions in this respect we please contact us at firstname.lastname@example.org.
6. How do we keep your information safe?
We use reasonable precautions to protect your Personal Information and to store it securely.
We use appropriate technical and organisational measures and precautions in order to protect your personal data and to prevent the loss, misuse or alteration of your personal data.
We have lots of technical measures, eg we encrypt our online forms, we apply latest security updates to our software packages, and we use industry standard SSL certificates.
While we make sure to keep your data safe, no data transmission over the Internet is 100% secure. We can't guarantee the security of any information you send us and you do so at your own risk.
7. How long do we keep your information?
We keep your information for as long as it’s necessary in connection with the purposes defined above in “How do we use your information?”
For instance and as a general rule, we keep your email for the purpose of sending you Newsletters until you unsubscribe.
If you request to receive no further contact from us, we'll keep only the basic information about you on our suppression list in order to avoid sending you unwanted materials in the future.
8. Our legal basis for processing personal data
Organisations need a lawful basis to collect and use personal data under data protection law. The law allows for six ways to process personal data (and additional ways for sensitive personal data). Three of these are relevant to the types of processing that MSF carries out:
- A person’s consent (e.g. to send you direct marketing by e-mail or SMS);
- Processing that is necessary for compliance with a legal obligation (eg to process a gift aid declaration); and
- Our legitimate interests (please see below for more information).
Our legitimate interests include:
- Charity Governance; including delivery of our charitable purposes, statutory and financial reporting and other regulatory compliance purposes;
- Administration and operational management; including responding to solicited enquires, providing information and services, research, events management, the administration of volunteers and employment and recruitment requirements.
If you'd like to change our use of your personal data in this manner, please get in touch with us using the details above.
9. How can you change your information and what are your rights?
Contact us at email@example.com if you'd like to change or update your personal information.
You have a number of rights under data protection legislation:
- You can request any information we hold on you. Email us at firstname.lastname@example.org and ask for it in writing. You may be asked for proof of identity. You have the right to ask us to stop using or to restrict the processing of your personal data.
- You can withdraw your consent to us processing your data at any time (where such processing is based on consent eg to send you electronic updates on our activities).
- If you believe our records are inaccurate you have the right to ask for those records concerning you to be updated. To update your records please get in touch with us using the details above.
- In accordance with the provisions of the General Data Protection Regulation, you have a right to erasure (“to be forgotten” i.e. to have your personal data deleted from our database). Note for MWA members: the right to erasure is only possible for MWA members whose membership has been cancelled. If you have any concerns about the way your data is being used or if you’d like to make a complaint please contact us using the details above. You are entitled to file a complaint about how MSF treats your data by directly contacting: Préposé Fédéral à la Protection des Données et à la Transparence (PFPDT); Feldeggweg 1; CH-3003 Berne.Phone number: +41 (0)58 462 43 95
10. When do we update this notice?
We change this Privacy Notice when we need to. If we make any significant changes in the way we treat your personal information we’ll make this clear on our websites or by contacting you directly.
Last updated on 4 October 2018
Any all rights on this document belong to MSF. Any reproduction, without written consent, is strictly forbidden.