Information Security
We have implemented a variety of measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. Security measures include the use of firewalls and DDoS protection, monitoring of hosted databases for intrusion detection, SSL encryption, access control through passwords and authorization procedures, and two-factor authentication to gain access to the data centers housing personal information.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to us. Any transmission of personal information is at your own risk. We are not responsible for any circumvention of any privacy settings or security measures contained on the Websites or Software.
This privacy statement was last changed on February 16, 2024, last checked on February 16, 2024, and applies to citizens and legal permanent residents of Canada.
In this privacy statement, we explain what we do with the data we obtain about you via https://dravetfoundation.org. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:
- we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
- we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
- we first request your explicit consent to process your personal data in cases requiring your consent;
- we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
- we respect your right to access your personal data or have it corrected or deleted, at your request.
1. Purpose and categories of data
We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)
1.1 Contact - Through phone, mail, email and/or webforms
1.1 Contact - Through phone, mail, email and/or webforms
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
- Date of birth
- Sex
- Photos
- Social Media accounts
- Financial information such as bank account number or credit card number
- Medical information
Retention period
Upon termination of the service we retain this data for the following period: 7 years.
1.2 Payments
1.2 Payments
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
- Financial information such as bank account number or credit card number
Retention period
Upon termination of the service we retain this data for the following period: 7 years.
1.3 Registering an account
1.3 Registering an account
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- IP Address
- Geolocation data
- Social Media accounts
Retention period
Upon termination of the service we retain this data for the following period: 7 years.
1.4 Newsletters
1.4 Newsletters
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
- Social Media accounts
Retention period
Upon termination of the service we retain this data for the following period: 7 years.
1.5 To support services or products that a customer wants to buy or has purchased
1.5 To support services or products that a customer wants to buy or has purchased
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
Retention period
Upon termination of the service we retain this data for the following period: 7 years.
1.6 Compiling and analyzing statistics for website improvement.
1.6 Compiling and analyzing statistics for website improvement.
The following categories of data are collected
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- IP Address
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
- Geolocation data
- Social Media accounts
Retention period
Upon termination of the service we retain this data for the following period: 7 years.
2. Sharing with other parties
We only share or disclose this data to other recipients for the following purposes:
Purpose of the data transfer: For processing payments
Country or state in which this service provider is located: United States
3. Disclosure practices
We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.
If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.
4. How we respond to Do Not Track signals & Global Privacy Control
Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.
5. Cookies
Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Cookie Policy (CA) webpage.
We have concluded a data Processing Agreement with Google.
Google may not use the data for any other Google services.
The inclusion of full IP addresses is blocked by us.
6. Security
We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.
The security measures we use consist of:
- Login Security
7. Third party websites
This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.
8. Amendments to this privacy statement
We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.
9. Accessing and modifying your data
If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below.
9.1 You have the following rights with respect to your personal data
- You may submit a request for access to the data we process about you.
- You may request an overview, in a commonly used format, of the data we process about you.
- You may request correction or deletion of the data if it is incorrect or not or no longer relevant. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.
- You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You will be informed of the implications of such withdrawal.
- You have the right to address a challenge concerning non-compliance with PIPEDA to our organization and, if the issue is not resolved, to the Office of the Privacy Commissioner of Canada.
- We shall give access to personal information in an alternative format to an individual with a sensory disability who has a right of access to personal information under PIPEDA and who requests that it be transmitted in the alternative format if (a) a version of the information already exists in that format; or (b) its conversion into that format is reasonable and necessary in order for the individual to be able to exercise rights.
10. Children
Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.
11. Contact details
Dravet Syndrome Foundation
PO Box 3026, Cherry Hill, NJ 08034
United States
Website: https://dravetfoundation.org
Email: info@dravetfoundation.org
Toll free phone number: 203-392-1950
Phone number: 203-392-1950
12. Data Requests
For the most frequently submitted requests, we also offer you the possibility to use our data request form
We have appointed a contact person for the organization’s policies and practices and to whom complaints or inquiries can be forwarded:
Mary Anne Meskis
PO Box 3026, Cherry Hill, NJ 08034
Annex
WooCommerce
We collect information about you during the checkout process on our store.What we collect and store
While you visit our site, we’ll track:- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.