Privacy Policy
IHRF NETWORK LTD., its subsidiaries and affiliated companies (“Company” or “we”, “us”, or “our”) considers user privacy paramount, and we utilize great care in keeping the information of users private and secure. This privacy policy (“Privacy Policy”) details our practices in relation to all Personal Data collected or processed when you (i) visit our website available at www.IHRF-Give.org ; (ii) use our mobile app; (iii) register as a leader on the IHRF platform (“Platform”) and create a campaign or use our management tools (“Leader”), register as an ambassador on our Platform to take action on behalf of Leaders (“Ambassador”) or register as a follower on our Platform and follow or support a campaign or page (“Follower”); or (iv) use an e-commerce platform utilizing Blindspot, a tool developed by the Company for assisting e-commerce platforms and their customers in completing e-commerce transactions (“Blindspot”) – (collectively, “Service(s)”). Note, as detailed below, this Privacy Policy will also govern certain Personal Data we receive from the Leaders with regard to their designated followers.
We have included below information about which Personal Data is collected, how we process and use your Personal Data, but before, we would like to explain the lawful basis on which we do so where we act as a Controller, all subject to the EU General Data Protection Regulation (“GDPR”) as well as other applicable data privacy regulations:
(i)Where a user registers for any of our Services, we process such data in order to perform our contract with the user;
(iii)When visitors access our website, we have the legitimate interest to process online identifiers such as IP address, cookies or agents (“Online Identifiers”);
(iv)If you are a registered user or if you have requested to join our newsletter, we will process certain Personal Data for direct marketing purposes, which we have legitimate interest;
(v)We will also process your certain Personal Data where you have provided us with consent to do so, either by contacting us or other forms.
As defined under the GDPR, IHRF acts as a Processor of certain data, such as the Personal Data uploaded by our Leaders, the Controller, which may include the Controller’s followers’ name, contact details, etc. all as detailed below, and Personal Data we receive from e-commerce platforms that use Blindspot, which may include the user’s name and contact information, and information on the purchase that such user tried to make in the e-commerce platform (such platforms act as Controllers of your data in that respect). Where we act as a Processor, we only process your Personal Data as necessary to provide our services to the applicable Controller, and in accordance with the Controller’s instructions (i.e., send emails, send SMS, etc.).
Further, IHRF can also be a Controller of certain data such as when you contact us or when a Leader or Follower directly registers through the Platform.
This privacy policy is subject to the Protection of Privacy Law, 5741-1981 (the “Privacy Law“) and constitutes a notice under section 11 of the Privacy Law.
Except where it is specifically mentioned otherwise, you are under no legal obligation to provide any information and any information you provide depends entirely on your free will. If you do not agree to the terms of this Privacy Policy, please refrain from using the Service.
For more details regarding the terms and conditions for use of the Services and our obligations as a Controller or Processor please read our Terms of Use (“Terms of Use”), which together with this Privacy Policy, govern your use, access and activity through the site and Service. Terms that are capitalized but are not defined in this Privacy Policy have the applicable meaning set forth in the Terms of Use.
1. The information we collect
Depending on your interaction with us (meaning, if you are just browsing our site, or if you have registered to our Services), we may collect three types of information about you, as follows:
- “Non-Personal Data”: non-identifiable information which may be made available or gathered through your use of the Services. To clarify, we are not aware of your identity due to such information.
- “Personal Data”: individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual
- Sensitive Data: if you follow a certain campaign or if you post a certain comment we may process Sensitive Data which you make available, such as: your political view, sexual preference, ethnicity, etc. Please note that by making this data public on the Platform you provide us with consent to process such Sensitive Data.
- In case we combine Personal Data (or Sensitive Data) with Non-Personal Data, the combined information will be treated as Personal Data for as long as it remains combined.
Information we collect from visitors of our site or app:
The table below details and discloses the data we collect when you access the site or app. If you also register and become a Follower or Leader, please also review the next table designated for registered users.
| Type of Information | How Do We Use It? |
|---|---|
| When you access our site or app we collect aggregated usage information and technical information, such as: the type of device (e.g.: a smartphone or a tablet), operating system (e.g.: iOS or Android), browser type, carrier, internet network provider, device model and manufacture, screen resolution, browser language, network status (e.g.: WiFi, 3G, 4G, 5G), your navigation and click stream within the site, time zone, country, city and language (“Technical Information”). | We use this Technical Information for (i) operating, providing, maintaining, protecting, managing our site; (ii) enhancing your experience; (iii) our legitimate interests of auditing and tracking usage statistics. |
| In case you contact us for support or other inquiries either through the site or by sending us an email, you will provide us with your name, phone number and email address. | We will use this information solely for the purpose of responding to your inquiries and provide you with the support or information you have requested. |
| Online Identifiers | We (directly or indirectly, by third party service providers) collect you Online Identifiers and process it for our legitimate interests of operating, providing, maintaining, protecting, managing, customizing and improving our site. |
| If you voluntarily subscribe to our newsletter, you will be asked to provide us with your email address or phone number. You can unsubscribe at any time using the unsubscribe option within the body of the email or SMS newsletter or by contacting our data protection officer at privacy@IHRF-Give.org | We will use your email address or phone number in order to send you information related to our Services and to keep you up to date regarding new Services. |
Information we collect from registered ambassadors
If you have registered as an ambassador and as a Follower on our Platform, the table below will disclose, detail and explain which information we collect or process, and for what purpose in addition to what was described in the section “Information we collect from visitors of our site”.
| Type of Information | How Do We Use It? |
|---|---|
| In case you will wish to become an Ambassador (as defined herein above) to support a campaign on our Platform, you will be required to register. During the registration you will provide us with your name, email address, phone number and accept our policy including receiving messages from the “Leader” of the campaign you wish to become an “Ambassador”. | We will use this information for the purpose of performing our contract with you, provide you with the Services you have requested (e.g. allow you to comment on a post or share your comment of the social networks, etc.). |
Information we collect from registered users
If you registered, created an account and as either a Follower or a Leader on our Platform, the table below will disclose, detail and explain which information we collect or process and for what purpose.
| Type of Information | How Do We Use It? |
|---|---|
| In case you wish to comment, like or share a post, you will be required to register and open an account for the purpose of becoming a Follower (as defined herein above). During the registration you will provide us with your name, profile picture and email address and will be required to choose a password, at which you thereby represent and warrant that you are solely responsible for maintaining the confidentiality of your details and password. Further you represent and warrant that the information provided by you is accurate and complete. You may also sign in with a social network account, such as Facebook or with a Google account, that may provide us with access to certain information about you as stored therein (e.g. full name, email and any other information which you made public). | We will use this information for the purpose of performing our contract with you, provide you with the Services you have requested (e.g. allow you to comment on a post or share your comment of the social networks, etc.). |
| As a Follower you also have an option to donate, contribute, purchase merchandise or make an investment with a Leader, by doing that you will be required to provide payment and personal details. We may store your payment data (e.g. the last 4 digits of your credit card, your ID number where applicable, card issuer and billing address). We use third parties for payment processing and we recommend you review their privacy policy as well:PayPal which its privacy policy is available at: PayPal Privacy Policy;Stripe which its privacy policy is available at: Stripe Privacy Policy | We, or our third party payment processors, use the payment information solely for the purpose of executing the payment you requested. Your payment data may be stored by us for operational use in the event you decide to join specific donation programs. All such information will be stored securely and all such payments will be remitted in a completely secure manner. Any payment process or data practices by third parties will be subject to such third-party payment processors privacy practices and terms of service. |
| In order to use as the Services and create a campaign as a Leader (i.e. donation, petition, newsletters, CRM, sell of merchant, etc.), you will be required to register and open an account. During the registration flow you will provide us with certain information such as your full name and company name, title, email address, profile picture, and phone number. During the registration process you will be required to create a password, at which you thereby represent and warrant that you are solely responsible for maintaining the confidentiality of your details and password. Further you represent and warrant that the information provided by you is accurate and complete. You may also sign in with a social network account, such as Facebook or with a Google account, that may provide us with access to certain information about you as stored therein (e.g. full name, email and any other information which you made public). | We will use this information for the purpose of performing our contract with you, provide you with the Services you have requested, and designate your account in order to display the applicable information on your account dashboard. We will use your email address and phone number solely for direct marketing and communication related to the Service (e.g. invoices, newsletters etc.). |
| We may collect certain precise location, provided that you enable the “Location Services” on your device. Thus, when you check in to an event through the Platform or upload UGC, we may obtain information regarding where and when the photo was shot, and other information concerning your location while using the Platform. | We use this data solely to provide the Services and is subject to your consent. |
| While using the Service, either as a Leader or Follower, you are able to comment and upload certain content to the Platform such as text, images, video clips, GIF files, etc. (collectively, “User Generated Content” or “UGC”). The UGC may include Personal Data or even Sensitive Data (e.g. political views) about you or other individuals. The UGC is subject to the applicable obligations and requirements available in out in Terms of use | When you upload the UGC you acknowledge that by making this content public you have provided the consent to process such data (including Sensitive Data). |
| You can voluntarily upload third party email addresses to send such third parties your content and newsletter, you thereby represent and warrant that you have all of the rights and consent required in accordance with applicable laws to upload such third-party email address. The third party can unsubscribe at any time using the unsubscribe option within the body of the email or SMS newsletter or by contacting our data protection officer at privacy@IHRF-Give.org | We will use such third party email address in order to facilitate your sending of information regarding your cause. |
| We also collect certain Technical Non-Personal Data and Online Identifiers as a visitor to the site. | See the table above. |
| Newsletter: if you consent, during the registration to receive newsletters, we will also use your email address or phone number for this purpose. | We will use this information solely if you provided us with consent to send you newsletters or if we have legitimate interest to send direct marketing. Nonetheless, you may object and unsubscribe at any time. |
Information we Process on behalf of our Leaders
Our Services include providing our Leaders with a CRM platform, management tools, payment processing platform, network to promote a cause or campaign as well as send broadcast emails and online messages. As the Service provider IHRF will process this data as the Leaders Processor and shall not use the data for any other purpose except as instructed by the Leader and detailed herein below.
| Type of Information | How Do We Use It? |
|---|---|
| Contact Information | We will use this information solely to send the required messages to you from the Leader. |
| As detailed above, we will also process data on you as a Follower such as any applicable purchases, comments, UGC, etc. We may process your payment data (e.g. last 4 digits of a credit card ID number) in case you decide to join specific donation programs. | We will use this information solely to provide you with the services you required. |
| If you decide to make an investment with one of our Leaders, we will collect and process the information provided by you to enable you to make such an investment. | We will use this information solely to provide you with the services you required and in accordance with the regulations of the Securities Authority and any applicable law. |
| The IHRF Platform stores the content and correspondence between you and the Leader. | This information is solely used for the purpose of providing CRM and additional Services to the Leader. |
| We also collect certain Technical Non-Personal Data and Online Identifiers as a visitor to the site. | See the table above. |
Information we process via Blindspot
The table below explains what types of Personal Data we process, on behalf of e-commerce platforms utilizing Blindspot, when you use such platforms.
| Type of Information | How Do We Use It? |
|---|---|
| Your name and contact information (such as email, phone number and IP) | In accordance with the instructions we receive from the e-commerce platform. We will normally provide this information to the e-commerce platform so that it can contact you to assist you in completing the transaction that you tried to make on such platform. |
| Information on the purchase that you tried to make in the e-commerce platform (e.g., the total purchase amount). Total purchase amount, currency, user agent, payment method, locale, order details, provided additional purchase data from payment gateway, Shop and Platform details (such as Plugins installed and activity, activation data). | In accordance with the instructions we receive from the e-commerce platform. We will normally provide this information to the e-commerce platform so that it can use it to assist you in completing the transaction that you tried to make on such platform. |
2. How we collect information
Depending on the nature of your interaction with the Services, we may collect information as follows:
- The WordPress plugin is installed on the E-Commerce platform and is activated during payment experience. In case of payment or error, the transaction’s events will be sent to Blindspot via the plugin for ongoing processing and recording and providing appropriate responses. Further we might be granted access directly to payment provider API and receive the same type of information and events and not via the plugin.
- Automatically – we may use cookies (as elaborated in the Cookies Section below) to gather some information automatically.
- Provided by you voluntarily – we will collect information if and when you choose to provide us with the information, such as through a registration process, contact us communications, sign-up to our newsletter, etc.
3. Cookies
When you access or use the site, or interact with the Platform, we may use “cookies” (or similar technologies), which store certain information on your device (i.e., locally stored) and which will allow us to customize the Service and content as well as enhance your experience of the Services. The use of cookies is a standard industry-wide practice. Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies some features of the Services may not operate properly and your online experience may be limited.
We may permit third parties to use cookies or other technologies to collect information about your online and application usage activities across our Services, this data may include Online Identifiers therefore we recommend you review our cookie policy carefully:
| Cookie | Purpose | Privacy Policy and Opt-Out |
|---|---|---|
| Zendesk | chat, support, help center | https://www.zendesk.com/company/customers-partners/privacy-policy/ |
| Active Campaign | Marketing tool | https://www.activecampaign.com/legal/privacy-policy |
| Facebook Analytics | Enable use of the Service | https://www.facebook.com/policies/cookies/ |
| Facebook Connect | Enhance the use of the Site | https://www.facebook.com/privacy/explanation |
| Facebook Custom Audience | Marketing | https://www.facebook.com/privacy/explanation |
| Google AdWords | Marketing and Remarketing | https://policies.google.com/privacy |
| Google Analytics | Analytic purposes | www.google.com/policies/privacy/partners, https://tools.google.com/dlpage/gaoptout |
| Google Tag Manager | Marketing | https://policies.google.com/privacy |
| Taboola | Analytic purposes | https://www.taboola.com/policies/privacy-policy |
| Outbrain | Analytic purposes | https://www.outbrain.com/legal/privacy#privacy-policy |
| Yandex | Analytic purposes | https://yandex.com/legal/confidential/ |
| Bing Ads | Analytic purposes | https://about.ads.microsoft.com/en-gb/resources/policies/microsoft-advertising-privacy-policy |
| TikTok | Analytic purposes | https://www.tiktok.com/legal/privacy-policy |
| MailRu | Analytic purposes | https://help.mail.ru/legal/terms/mytracker/eng/privacy |
| Analytic purposes | https://twitter.com/privacy | |
| MixPanel | Analytic purposes | https://mixpanel.com/legal/privacy-policy/ |
| HotJar | Analytic Purposes | https://www.hotjar.com/legal/policies/privacy |
| XVerify | Email Verification | https://www.xverify.com/privacy-policy.html |
| Media | https://www.linkedin.com/legal/sas-terms | |
| MaxMind | Analytics | https://www.maxmind.com/en/privacy-policy |
4. Sharing information with third parties
We may share the information we collect in the ways that are described below:
- We will share the UGC with other users as you posted publicly on the Platform, unless designated as private through your settings;
- With third parties, such as service providers, vendors, data processors, business partners and other third parties with whom we have contracted, who help with parts of our business operations, in order to facilitate our delivery of relevant Services to you;
- With respect to Personal Data we process, on behalf of e-commerce platforms utilizing Blindspot – we share such data with such e-commerce platforms as part of the services that we provide to them;
- From time to time, we may need to disclose your information to third parties such as to law enforcement authorities or our legal advisers, where it is necessary to comply with the law or regulation; enforce or apply our user terms and conditions; to protect our rights, or to preserve the safety of our users. This may include exchanging information with other companies and organizations in order to detect prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations and/or where the Company receives a judicial order instructing it to disclose your details or information about you to a third party;
- Where the Company believes that the disclosure of such information is necessary in order to prevent severe injury or damage to you or to other third parties;
- If we sell all or part of our business or make a sale or transfer of our assets or are otherwise involved in a merger or transfer of all or a material part of our business, or a financing or acquisition of all or a portion of our business, or participate in any other similar business combination (including, without limitation, in connection with any bankruptcy or similar proceeding), we may transfer all or part of our data to the party or parties involved in the transaction as part of that transaction. You acknowledge that such transfers may occur, and that we and any purchaser of our business or assets may continue to collect, use and disclose your information in compliance with this Privacy Policy;
- We may also share your information, including your Personal Data, when we have your consent to do so.
5. Data security and retention
The Company uses appropriate industry-standard security measures to protect the information it collects about you, which include the use of firewalls and encryption. We have implemented technical, physical and administrative security measures to protect the Personal Information. The data collected by us is stored in the AWS data servers, for more information regarding the data security provided by AWS, please see: https://aws.amazon.com/security. For additional information regarding our security measures please see IHRF-Give.org
Further, in the event of a security incident, in which we discover your Personal Data may be at risk, we will take reasonable efforts to notify you and the applicable authority (if required, subject to applicable laws). The Company retains an internal security policy and educates its employees to secure Personal Data as well as notify the DPO in the event of a security breach.
Data Retention Policy
| Type of Data | Retention Policy |
|---|---|
| Personal Data associated with your account | The Company stores this data for as long as it is necessary to provide the Service, hence, until you delete your account or request we delete your account or associated data, or if we no longer need the data to provide the Service, we will store the registration data and account activity data. Note that, even if we will delete your account, we will not delete certain information required under applicable law or otherwise, required for the legitimate purposes of our business. For example, we will not delete any invoices sent to you as we are required to retain such data under applicable tax laws. |
| Contact information | If you unsubscribe we will no longer keep your data. Further, if we process your contact information on behalf of a Leader, we will store the information until the Controller (i.e. Leader) will instruct us otherwise. |
| Online Identifiers of site visitors. | Are deleted within 60 days. Note, if you are a Follower and Leader we will keep your IP and time stamp to keep evidence of “actions” such as acceptance of the terms, opening an account on through a payment processor such as WePay, purchase items through our Platform, etc. |
| UGC | The uploaded UGC may not be deleted, however following your request we may anonymize it. |
| Aggregated Non Personal Data | We will collect and use such data for as long as needed to provide the Service, however, in no event will we keep this data for more than 12 months |
Where we act as a Processor, we retain your Personal Data as instructed by the Controller (in the case of Blindspot, this would be the e-commerce platform that utilizes Blindspot).
6. User rights
Individuals have the right to know what information we hold about them as a Controller and, in some cases, to have such information communicated to them. Individuals may also ask for our confirmation as to whether or not we process their Personal Data as a Controller. Subject to the limitations in applicable law, individuals may also be entitled to obtain from us the Personal Data they have provided to us as a Controller in a structured, commonly-used, and machine-readable format, and may have the right to transmit such Personal Data to another party.
The principal rights under applicable data protection law in relation to Personal Data are detailed in our user right policy available at: www.IHRF-Give.org
Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law. In addition, the process of locating and deleting the data may take up to one (1) month (following the receipt of the validation proof we require) in accordance with applicable law.
To obtain information or exercise applicable rights with respect to Personal Data that we process as a Processor, please contact the applicable Controller on behalf of which we process such data (in the case of Blindspot, this would be the e-commerce platform that utilizes Blindspot).
7. Children’s privacy
The Platform is offered only to users who are 18 years of age or older and is not intended for use by children. Therefore, we do not knowingly collect any information about children under the age of 18 years old (“Child”). If we become aware that we have collected information about a Child, that information will be immediately deleted from our database. If you believe your child has provided us with personally identifiable information please contact us through email, at privacy@IHRF-Give.org to have the data provided by or associated with your child deleted.
8. Data transfer outside the EEA
We may store or process your Personal Data in the US or in other countries. If you are a resident of the European Economic Area (“EEA“) we will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer outside of the EEA. If you are a resident of a jurisdiction where transfer of your Personal Data requires your consent, then your consent to this Privacy Policy includes your express consent for such transfer of your data.
9. Changes to this Privacy Policy
We reserve the right, at our discretion, to update or revise this Privacy Policy at any time. Any changes or modification will be effective immediately upon the “Last Updated” data stipulated below. In the event of a material change, we will make best efforts to send you a written notification. Your continuance of use of the Platform, site or Services shall be acknowledgment of the revised Privacy Policy.
10. Contacting us
Please feel free to direct any questions or concerns regarding this Privacy Policy by contacting us via email at info@IHRF-Give.org.
11. Data Protection Officer
If you have any requests regarding the data processed under this Privacy Policy, including without limitation, requests to remove, delete, amend, modify or transfer the data, please contact our Data Protection Officer
Last Updated: December 15, 2022