The following privacy notice provides information on how your personal data is collected and processed by our website www.thecoronaviruschallenge.com. The Coronavirus Challenge is the data controller and is responsible for the persona data collected. When you provide us with your personal data, you warrant to the Coronavirus Challenge that you are over 13 years of age.
1.0 Policy Statement
The Coronavirus Challenge is committed to protecting personal data and respecting the right our data subjects; the people whose personal data we collect and use. We value the personal information entrusted to us and we respect that trust, by complying with all relevant laws, and adopting good practice.
We process personal data to help us:
- a) maintain our list of members
- b) provide good and/or services to our members
- c) recruit, support and manage staff and volunteers;
- d) undertake research
- e) maintain our accounts and records
- f) promote our goods and/or services
- g) respond effectively to enquirers and handle any complaints
Our contact details are as follows:
Full name of legal entity: The Coronavirus Challenge, Sereniti Partners LTD, ACT, Oliaji Trade Centre – 1st Floor, Victoria, Mahe, Seychelles
Email address: [email protected]
Postal address: The Coronavirus Challenge, Sereniti Partners LTD, ACT, Oliaji Trade Centre – 1st Floor, Victoria, Mahe, Seychelles
2. Why this policy is important
2.1 The Coronavirus Challenge is committed to protecting your personal data. This policy sets out the measures we are committed to taking as an organisation and, what each of us will do to ensure we comply with the relevant legislation.
2.2 In particular, we will make sure that all personal data is:
- a) processed lawfully, fairly and in a transparent manner;
- b) processed for specified, explicit and legitimate purposes and not in a manner that is incompatible with those purposes;
- c) adequate, relevant and limited to what is necessary for the purposes for which it is being processed;
- d) accurate and, where necessary, up to date;
- e) not kept longer than necessary for the purposes for which it is being processed;
2.3 It is imperative that the information we hold about you is up to date and accurate. If at any time your personal information changes, please contact [email protected]. You can also update your contact details by clicking on the Manage Your Subscription preference in our emails.
3. Details of the Data We Collect About You
Personal data pertains to any information that can identify an individual. Anonymised data is not included.
The following are categories of personal data we may process about you:
Such data is inclusive of communication that you send the Coronavirus Challenge through email, social media postings, social media messaging or any other communication that you send us. Our lawful ground for this processing is for the purpose of replying to your communications with us, for record keeping as well as for the establishment, pursuance or defense of legal claims.
Such data is inclusive of data relating to the purchase of our goods and/or services such as your contact details, title, name, billing address, delivery address, phone number, email address, purchase details and your card details. This data is processed in order to supply the goods and/or services purchased and to keep records of these transactions. Our lawful ground is our legitimate interests of the performance of a contract between yourself and the Coronavirus Challenge and/or taking the required steps at your request to enter into such a contract.
When you submit information to us regarding goods and/or services via an enquiry, we may process the information for the purpose of offering, marketing and selling relevant goods and/or services to you. The lawful basis for this processing is consent.
Is inclusive of data about how you use our website and any online services as well as any data that you post on our website or through other online services. This data is processed to operate our website, to ensure the relevant content is provided to you, to ensure the security of our website and to maintain backups of our database and website and to permit the administration and publication of our website. The legal ground for this processing is our legitimate interests which are to allow us to administer our website and business appropriately.
Is inclusive about preferences regarding receiving marketing from us, any third parties and your communication preferences. This data is processed to enable you to participate in our promotions, to deliver relevant website content and to measure the effectiveness of this promotion. The legal ground for this processing is our legitimate interests to grow our business, to study how our customers use our goods and or services and to decide on market strategy.
The Coronavirus Challenge does not collect any Sensitive Data about you. Sensitive data is inclusive of any of the following information:
- a) Racial or ethnic origin;
- b) Political opinions;
- c) Religious or similar (e.g. philosophical) beliefs;
- d) Trade union membership;
- e) Health (including physical and mental health, and the provision of health care services);
- f) Genetic data;
- g) Biometric data;
- h) Sexual life and sexual orientation.
Other data may also be considered ‘sensitive’ such as bank details, but will not be subject to the same legal protection as the types of data listed above.
How We Collect Your Personal Data
We may receive data from third parties such as analytics providers such as Google based outside the EU, advertising networks such as Facebook based outside the EU, such as search information providers such as Google based outside the EU, providers of technical, payment and delivery services, such as data brokers or aggregators.
We may also receive data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
4. Marketing Communications
The Coronavirus Challenge will comply with the rules set out in the GDPR, the Privacy and the electronic Communications Regulations (PECR) and any laws which may amend or replace the regulations around direct marketing. This includes but not limited to, when we make contact with data subjects by post, email, text message, social media messaging and telephone. At any time you may exercises your right to object to direct marketing and we will stop the direct marketing as soon as possible.
Your consent or our legitimate interests, specifically to grow our business, is our lawful ground by which we process your personal data to send you marketing communication.
Under the Privacy and Electronic Communications Regulations we may send you marketing communications from the Coronavirus Challenge under the following circumstances:
- i) you make a purchase from us or asked for information from us about our goods and/or services
- ii) you agreed to receive marketing communications from us and have not opted out of receiving marketing communications since. Under the Privacy and Electronic Communications Regulations, if you are a limited company we may send you marketing communications without your consent. You can still however opt out of receiving marketing emails at any time.
5. How can we legally use personal data?
Processing of personal data is only lawful if at least one of these legal conditions, as listed in Article 6 of the GDPR, is met:
- a) the processing is necessary for a contract with the data subject;
- b) the processing is necessary for us to comply with a legal obligation;
- c) the processing is necessary to protect someone’s life (this is called “vital interests”);
- d) the processing is necessary for us to perform a task in the public interest, and the task has a clear basis in law;
- e) the processing is necessary for legitimate interests pursued by the Coronavirus Challenge tor another organisation, unless these are overridden by the interests, rights and freedoms of the data subject.
- f) If none of the other legal conditions apply, the processing will only be lawful if the data subject has given their clear consent.
6. Disclosures of Your Personal Data
We may need to share your personal data with any of the following parties listed below:
- Other companies in our group who provide services to us. This includes Icontact.com that provide our emailing software.
- Government bodies requiring us to report processing activities.
- IT and system administration service providers
- Professional advisers including bankers, auditors lawyers, bankers and insurers
- Third parties to whom we sell, transfer, or merge parts of our business or our assets.
All third parties are required by us to respect the security of your personal data and to treat it in accordance with the relevant legal obligations. Third parties are only permitted to process your personal data in accordance with our instructions for the specified purposes.
In addition to the specified disclosures, we may disclose personal data where such disclosure is necessary for legal obligation compliance to which we are subject to protect wither your vital interests or the interests of another natural person.
7. International Transfers
We share your personal data within our group of companies which involves transferring your data outside the European Economic Area (EEA).
We are subject to the provisions of the General Data Protection Regulations that protect your personal data. Where we transfer your data to third parties outside of the EEA, we will ensure that certain safeguards are in place to ensure a similar degree of security for your personal data. As such:
- We may transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place; or
- Where we use certain service providers who are established outside of the EEA, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
8. Third-Party Links
This website may include links to third party websites, applications and plug-ins. When you click on those connections and/or enable those connections, this may enable third parties to collect or share data about you. We do not control these third-party websites and have no responsibility for their privacy statements. Once you leave our website, we encourage you to read the privacy notice of every website you visit.
10. Data Retention
The Coronavirus Challenge will only retain your personal data for as long as is reasonably necessary in order to fulfil the purposes we collected it for. This is inclusive of the purposes of fulfilling any accounting, reporting or legal requirements.
When considering the time we keep the data, we take into account its sensitivity, nature, the amount, processing purposes, legal requirements and the potential risk of harm from unauthorised use of disclosure.
To fulfil tax purposes, the law requires us to keep basic information about our customers, which includes Identity, Contact, Transaction and Financial Data for six years after they cease being customers.
In some instances, we may anonymise your personal data for statistical or research purposes. In this circumstance, we may use this information on an indefinite basis without providing further notice to you.
11. Your Legal Rights
The Coronavirus Challenge will process personal data in line with data subjects' rights, including their right to:
- a) request access to any of their personal data held by us
- b) ask to have inaccurate personal data changed;
- c) restrict processing, in certain circumstances;
- d) object to processing, in certain circumstances, including preventing the use of their data for direct marketing;
- e) data portability, which means to receive their data, or some of their data, in a format that can be easily used by another person (including the data subject themselves) or organisation;
- f) not be subject to automated decisions, in certain circumstances; and
- g) withdraw consent when we are relying on consent to process their data.
Under the Privacy and Electronic Communications Regulations, you have rights in relation to your persona data, inclusive of the right to request access, correction, restriction, erasure, transfer, to object to processing, to portability of data and in the case where the lawful ground of processing is consent, you have the right to withdraw consent.
To exercise any of these rights, please email [email protected]
You can see more about these rights at:
You do not have to pay any fee to access your personal data or to exercises any other rights. However, in the case of unfounded requests, excessive or repetitive requests we may charge a reasonable fee. Alternatively, we may refuse to comply with your requests under these circumstances.
In order to help confirm your identity and ensure your rights to access your personal data or any of the other rights, we may need to request specific information. This is a security measure to protect against your personal data being disclosed to any person who does not have the right to receive it. We also reserve the right to contact you to ask you for additional information in relation to your request to speed up our response.
We will act on all valid requests as soon as possible, and we endeavor to respond to all legitimate responses within a one-month time period. On occasion, it may take us longer than one month if your request is complex or you have made multiple requests. If this is the case, we will notify you. All information will be transparent, concise, using plain and clear language.