Privacy Policy

Reteti Elephant Sanctuary (“Reteti”)

Overview

Please review this Privacy Policy carefully as it describes how Reteti Elephant Sanctuary (“Reteti”) and its affiliates and subsidiaries (collectively “we”, “our”, or “us”) collect, use, and disclose information about you when you interact with us online, via our websites (collectively, the “Service”). 

Reteti Elephant Sanctuary (“Reteti”) respects your privacy, and we know that you care about how your information is used and shared. This Privacy Policy applies to the Reteti Elephant Sanctuary website www.reteti.org, to all other websites controlled or operated by Reteti from which you are accessing this Privacy Policy, to all associated subdomains, online services, and mobile applications controlled or operated by Reteti, “Additional Websites Subject to Terms of Use” as defined in our Terms of Use and to any other interactions that we may have with you, online or offline (collectively, the “Services”).

If you have any questions about our privacy practices, please contact us as set forth in the “Contact Us” section below. 

Information Collection

For purposes of this Privacy Policy, “personal information” means information that relates to an identified or identifiable individual, household, and/or, depending on your state of residence, device. Depending on how you interact with our Service, this may include collection and processing of personal information including, but not limited to, the categories and types of personal information listed below.  

We may collect any personal information that you provide directly via the Service, including when you:

  • Use our Service;

  • Access our content, including our articles, webinars, research reports and podcasts;

  • Register or update an account;

  • Request quotes, product demos, support, information, or access to our information products and services;

  • Subscribe to newsletters, promotional communications, alerts, sales outreach, updates and other materials;

  • Fill in forms; 

  • Register for events, webinars or other content offers; or

  • Contact us.


The categories of personal information we collect may include the following:

  • Contact Data. We may collect your first and last name, email address, postal address, phone number, and similar contact data.

  • Company Data. Where you interact with us in a business to business context, we may collect your job title and company name, size, email address, phone number, and postal address. 

  • Credentials. When you register for an account with us, we may collect passwords, password hints, and related information for authentication and account access.

  • Biographic and Demographic Data. Reteti may collect demographic information you voluntarily provide to us, including your country, age, and gender.

  • Profile Data. We may collect a personal description, and other profile information you submit.

  • Payment Data. We may use payment processors to collect personal information necessary to process your payment if you make a purchase with us, including your payment instrument number (such as a credit or debit card number), and the security code associated with your payment instrument. We do not directly collect or maintain full payment card information.

  • Personal Contacts Data. We may collect personal information you provide about your contacts, including information about other employees at your company.

  • Content. We collect the content of communications you send to us (such as feedback and questions via our “Contact Us” section), which may include personal information.

  • Inferences. We may draw inferences from any of the personal information identified and discussed in this Privacy Policy

  • Other Personal Information. We may collect other personal information you provide, such as the content provided either in your job application or in your communications with us, including interactions with us online, in-person, or on the phone.

  • Other Information. We may collect information that does not reveal your specific identity or does not directly relate to an individual, about your use of the Services, including, among other things, your IP address, browser type, mobile device type, content visited while on the Services, and the duration of your visit to the Services. If you submit any Personal Information relating to other people to us or to our service providers in connection with the Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.


Use of your Information 

Reteti may use your Personal Information:

  • To send you information about Reteti or Reteti partners.

  • To personalize your interactions with Reteti, such as to customize your web and email content based on your interests, send you requests to participate in events in your area and otherwise target content and communications to you.

  • To respond to inquiries and fulfill your requests, such as to process donations, or send you information about projects.

  • To send administrative information to you, such as information regarding the Services and changes to our terms, conditions, and policies.

  • To improve our Services’ functionality and user experience, and to debug, identify and repair errors that impair the intended functionality of our Services.

  • To facilitate social sharing functionality.

  • For our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products and services, enhancing, improving or modifying the Services, identifying usage trends, determining the effectiveness of our promotional campaigns, and operating and expanding our activities, some of which may be shared or used by our vendors and their technologies and tools.


Information Disclosure

Your Personal Information may be disclosed:

  • To our partners for purposes of implementing conservation activities.

  • To our vendors and service providers that support our business and operations through a variety of activities, including but not limited to marketing, data processing, fundraising-related services, website hosting, data analysis and campaign measurement, payment processing, information technology and related infrastructure provision, customer service, email delivery, and auditing services.

  • To third parties that assist our project partners, vendors, and service providers as part of their work with Reteti.

  • To a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our operations, assets, or stock (including in connection with any bankruptcy or similar proceedings).

  • To other third parties who help further Reteti’s charitable mission (e.g., other nonprofit organizations) or other third parties who provide products and services you may be interested in.

We may also use and disclose your Personal Information as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you, or others; or (g) to allow us to pursue available remedies or limit the damages that we may sustain.

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, then we may use it for all the purposes for which we use and disclose Personal Information. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

Communications

If you decide at any time that you no longer wish to receive newsletters or other communications from us, please follow any unsubscribe instructions provided in our communications to you or contact us as set forth in the section below entitled “Contact Us”, and specify your request. Please note that if you opt out of receiving newsletters or promotional emails from us, we may still send you important administrative messages (such as notices with respect to purchases, safety, or changes to our terms, conditions, and policies), from which you cannot opt out.

Security and Data Retention

We utilize appropriate security measures designed to protect your information from unauthorized access, modification, disclosure, or destruction. Please be advised, however, that while we strive to protect your information and privacy, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and are not responsible for the theft, destruction, or inadvertent disclosure of your information.

If you suspect unauthorized use of personal information that you have provided us – such as your account information or its credentials – you should notify us immediately using the information in the Contact Us section at the end of this Privacy Policy.

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or allowed by law. Remember that even after you cancel your account, or if you ask us to delete your personal information, copies of some information from your account may remain viewable in some circumstances. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion, for fraud detection or to comply with applicable law or our internal security or recordkeeping policies. It may not always be possible to completely remove or delete all of your information due to technical constraints or contractual, financial or legal requirements.

Location of Data

Our Services are hosted in and managed from the United States. If you are a user located outside the United States, you understand and consent to having any personal information processed in the United States or in any other country in which we have facilities or in which we engage service providers. The United States and other countries’ data protection laws may not be the same as those in your jurisdiction. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in the United States may be entitled to access your personal information.

To the extent that the Company offers products and services to individuals located in the European Economic Area or United Kingdom, or to the extent the Service is deliberately made available to such individuals, please review the section titled “Additional Disclosures for Data Subjects in Europe” below for more information about disclosures and privacy rights associated with that activity. 

Changes to this Privacy Policy

We reserve the right to update this Privacy Policy at any time. If we make changes, we will revise this Privacy Policy to reflect such changes and revise the effective date included at the beginning of this policy. We may, but are not obligated to, provide you additional notice (such as to your e-mail address) if the changes are material. Your use of the Service following any such notice will signify and constitute your assent to and acceptance of such revised Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy, including our compliance with applicable law, please feel free to contact us by email at hello@reteti.org

Additional Disclosure for Data Subjects in Europe and United Kingdom

Data Controller

This section applies to any individuals located within the European Economic Area (EEA), United Kingdom (UK), Switzerland, or any jurisdiction to which similar privacy laws apply, from whom we may have collected personal data from any source, including through your use of our Services. We provide this Notice to comply with applicable privacy laws, including the General Data Protection Act (“GDPR”), the UK GDPR, and related laws, regulations, and guidance from the European Union and/or its member states. Any capitalized term used and not otherwise defined below has the meaning assigned to it in our Privacy Policy. 

For the purposes of this Notice, “personal data” means any information relating to an identified or identifiable natural person.

EU and UK data protection law makes a distinction between organizations that process personal data for their own purposes (known as “data controllers”) and organizations that process personal data on behalf of other organizations (known as “data processors”). Reteti may act as either a data controller or a data processor in respect of your personal data, depending on the circumstances. We generally act as data controller with respect to information you provide through the Service. Sometimes we operate as a data processor on behalf of a client, a separate legal entity, which is the data controller. For example, if you subscribe to our newsletters and promotional communications, we may send you content on behalf of our clients and share your personal data with our clients for their own marketing purposes. Please visit the applicable client’s privacy policy for information about their privacy practices. Any questions that you may have relating to such personal data and your rights under data protection law should therefore be directed to the client as the data controller, not to Reteti.

Basis for Processing your Personal Data

We rely on one or more legal bases to process your personal data under applicable law. We may process personal data (i) as necessary to perform our contractual obligations to you, including, but not limited to, those obligations in our terms of use; (ii) as necessary to pursue our legitimate interests as further detailed below; (iii) as necessary for our compliance with our legal obligations such as a request or order from courts, law enforcement or other government authorities; and/or (iv) with your consent, including to send you marketing email messages and other information that may be of interest to you, which you may withdraw at any time.

Legitimate Business Interests

We may collect, process, and maintain personal data to pursue the legitimate business interests outlined below. To determine these legitimate interests, we balance our legitimate interests against the legitimate interests and rights of you and others and only process personal data in accordance with those interests where they are not overridden by your data-protection interests or fundamental rights and freedoms.

Provide, improve, and develop our Service, including to deliver your requested Services, send you messages and provide user support, customize the Services to better fit your needs as a user, develop new Services, and perform internal analytics and research and development. This also includes sharing personal data with our trusted service providers that provide services on our behalf.

Protect you and others and to create and maintain a trusted environment, such as to comply with our legal obligations, to ensure compliance our agreements with you and other third parties, to ensure safe, secure, and reliable Services, and to detect and prevent wrongdoing and crime, assure compliance with our policies, and protect and defend our rights, interests, and property. In connection with the activities above, we may conduct internal research and profiling based on your interactions on various Sites, content you submit to the Sites, and information obtained from third parties. 

Provide, personalize, measure and improve our marketing, including to send you promotional messages and other information that may be of interest to you with your consent. We may also use personal data to understand our user base and the effectiveness of our marketing. This processing is done pursuant to our legitimate interest in undertaking marketing activities to offer products or services that may be of interest to you. 

Your Privacy Rights 

If you are a data subject in a jurisdiction identified in this section, you have the right to access, rectify, or erase any personal data we have collected about you through the Service. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you through the Service. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us.

To exercise any of these rights, please contact us as set forth in the “Contact Us” section below and specify which right you intend to exercise. We will respond to your request within 30 days. We may require additional information from you to allow us to confirm your identity. Further, if we are processing your information on behalf of one of our clients, we will refer you to that client, and will support them to the extent required by applicable law in responding to your request. Please note that we store information as necessary to fulfill the purposes for which it was collected, and may continue to retain and use the information even after a data subject request for purposes of our legitimate interests, including as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

If you have any issues with our compliance or you believe that we have not complied with our obligations under this Privacy Policy or European or UK law, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner's Office. You can view the contact information for your data protection authority here.

Data Retention

We will only retain your information for as long as necessary to fulfill the purposes we collected it for. We will retain and use your information as necessary to satisfy any legal, accounting or reporting requirements, to resolve disputes or to enforce our agreements and rights. In line with this Privacy Policy, we will either securely delete or anonymize your data so that it cannot be linked back to you.

Data Transfer 

We will not transfer personal data originating from the EU to third parties located outside of the EU without ensuring adequate protection under European or UK law. Where transfer is to a party located in a third country not recognized by the EU Commission as ensuring an adequate level of protection, we will take appropriate steps to transfer the personal data subject to adequate safeguards, such as standard contractual clauses as well as other appropriate measures and safeguards.