How we handle personal data
The Kvinna till Kvinna Foundation values your privacy and processes your personal data lawfully, transparently and securely. Below, we explain what personal data we collect via our international website, why we collect it, how we use it, how long we keep it, the legal base for collection of personal data and your rights under the EU General Data Protection Regulation (GDPR).
What personal data do we process, and why?
We only collect personal data that you voluntarily provide in the following way:
- Our newsletter sign-up forms
- Our contact forms
- Our anti-corruption reporting form
We also collect technical data (e.g. browser type, device, IP address, cookie preferences) for basic functionality and anonymised analytics.
Below you find more structured information about our collection of personal data:
Purpose | Legal Basis | Examples of Personal Data | Storage Period |
Newsletter distribution | Consent | Email address | Until you unsubscribe |
Contact form responses | Legitimate interest | Name, email address, message content | 24 months after submission |
Anti-corruption reporting | Legitimate interest / legal obligation* | Name (if provided), phone number, message content | Varies depending on case |
Website functionality | Legitimate interest | Browser/device info, IP, cookies | As long as necessary for performance |
*Reports submitted via our anti-corruption form are treated with strict confidentiality. Anonymous reporting is also possible.
Cookies and web analytics
We use cookies on our website to improve your user experience. Cookies are small text files stored on your device that help us understand how visitors use our website.
We use aggregated, anonymised analytics for basic statistics and optimisation purposes. No data is used for marketing, retargeting or profiling.
See our cookie notice for more details.
Do we share your personal data with others?
We do not sell or share your personal data for marketing purposes.
We use third-party service providers (such as Mailchimp for newsletter distribution), which means we may share necessary personal data to carry out our communication with you. All such providers act as data processors and are contractually bound to handle your data securely and in compliance with the GDPR.
Sometimes personal data may be transferred outside the EU/EEA because of technical reasons. If so, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses) to protect your personal data.
Your rights under the GDPR
You have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Be erased (“right to be forgotten”)
- Restrict processing under certain circumstances
- Object to processing based on legitimate interest
- Withdraw consent at any time
- Data portability, when applicable
To exercise any of these rights, please contact us at: gdpr@kvinnatillkvinna.se
Complaints
If you believe your personal data has been mishandled, you may contact us directly. You also have the right to file a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY): imy.se/en/
You can also lodge a complaint with your national data protection authority, which you can find listed here if you are based in the EU. If you are based in the UK, you can lodge a complaint with the Information Commissioner’s Office, here.
Updates to this policy
We may update this privacy notice when necessary. Significant changes will be communicated via our website or, where applicable, via email or other direct channels.