Data Protection Directive Data Protection
Directive and Information Security Policy („Data Protection Directive“ or “Directive”) of the Madame-Ilsa Foundation gUG (limited).
Effective date: 2015/05/06
Welcome! This directive shall help you to understand how Madame-Ilsa Foundation.com and other websites of the foundation (hereinafter referred to as “website”) will collect your private data and in which way the foundation will use and publish this information. Madame-Ilsa.org is a website of the Madame-Ilsa Foundation (hereinafter known as the “foundation”, “we” or “our” etc.). This is a foundation gUG (limited) for non-profit purposes as defined within the framework of the applicable laws in the Federal Republic of Germany. If you want to contact us, you will be able to do this under our address for legal communication as referred below. This directive concerns (public or not accessible) data that allow conclusions on your person and which are recorded on Madame-Ilsa.org or other websites of the foundation as well as any other information that you provide us.
Data security
If our websites collects personal data (e.g. name, address or e-Mail address) this will always happen on a voluntary basis, as far as possible. The usage of our proposals and services is possible without providing personal data.
With this, we expressly contradict the usage of published contact information within the obligation to provide a masthead for the transmission of advertising and information material by third persons. The provider of the websites reserve its right to take legal actions in the case of unsolicited mailing of advertising information such as spam e-mails.
BY USING OUR WEBSITE OR PROVIDING PERSONAL DATA, YOU AUTOMATICALLY ACCEPT THIS DIRECTIVE. DO NOT USE THE SITE AND DO NOT PROVIDE ANY INFORMATION ON YOURSELF (OR ALLOW OTHERS TO DO SO IN YOUR NAME), IF YOU (OR YOUR CUSTOMER, IF YOU ACT AS AUTHORIZED AGENT) DO NOT AGREE TO ALL OF THE TERMS OF USE INCLUDING THIS DATA PROTECTION DIRECTIVE AND ANY OTHER APPLICABLE AND ADDITIONAL DATA PROTECTION DIRECTIVES.
Contents
1. What is the connection of the directive to the use of the web site?
2. Data provided by you and is recorded by us
3. Your provided data on third persons
4. General procedure for collected personal data
5. Optional update of your personal data
6. Information security
7. Your consent in particular
8. Children
9. Identity theft
10. Modifications
11. Notes on enforcement of our policy
12. Supplementary Data Protection Directive - employment opportunities
1. What is the connection of the directive to the use of the web site?
This directive is part of the site policy for Madame-Ilsa.org (hereinafter referred as to “site policy”). It is a contract between you and the foundation which regulates the usage of the website. Parts of the site policy are affecting this directive. Therefore, please read the site policy before you use the website. Used but not defined terms in this directive shall have the same meaning as defined in the site policy.
This directive is complemented by other directives that refer to specific activities. Each additional directive will be included as a part of this directive. In the following, you can find examples for the sections with additional data protection directives, but the list is not exhaustive:
- 1. If an additional directive concerning a particular activity is part of the website or
- 2. If a directive is part of the website of a third party which is referring to the mission of the foundation also those additional directives will be used and will be part of this directive.
2. Data provided by you and is recorded by us
You or any person who is acting on your behalf have/has the choice to decide if you want to supply personal data or not. Some information must be given in order to be able to participate in certain programs or activities (such as the application for voluntary work), so that a decision against the provision of information results in a limitation or exclusion of some features on the website or the opportunity for participation. It is your sole decision to provide information. However you should not disclose any personal information that can be used from other individuals in chat-rooms, internet forums, blogs or other forums in an abusive way. Furthermore, you should not disclose any personal data concerning others without their permission. The personal data that we normally request from you and other individuals include: your name, your e-mail address, your mother tongue, the name of your organization, your job specification, your city, your state, your religion, your age, locations where you use an internet access and the devices you are using. You can find further details on what data we record in the additional directives for the specific activities.
3. Your provided data on third persons
Do not disclose any personal data on a third person as long as you are not authorized to do so or bound by the applicable law or a contract. Do not disclose any data, if you do not agree with the site policy (including this directive and the additional ones) in your own name and on behalf of the data owner (the person whose personal information you have provided). Before you disclose the personal information of others (except cases where this is authorized by law or contract) you must get the written permission of the data owner to the said site policy and directives. By disclosing personal data on a third person you assure and guarantee that you are authorized to do so and that you have executed the before mentioned steps. If you are authorized by the law in force to disclose the information without executing the said measures, you assure and guarantee that you have observed the corresponding law and that you are authorized to receive and disclose data within the scope of this directive without the need to take further steps. You agree to indemnify us if you did not adhere to the present paragraph.
The foundation is working together with third parties in particular programs and often those third parties are responsible for the website of their corresponding program and/or providing it. In these cases you provide the data, if it is personal data, to the third party and their Data Protection Directive will apply. You agree that we are allowed to adopt our directive on the data collected by the mentioned third parties.
4. General procedure for collected personal data
In general we use the personal data which we collect to accomplish our assignments and manage our businesses and to perform the activity (and other related activities) for which we have collected the data. We could particularly use your personal data to
- fulfill our obligations towards you and to answer questions or requests;
- to contact you regarding significant modifications of our site policy and directives;
- to comply with laws or if we consider in good faith that the concerning measure is necessary to meet the legal requirements or to fulfill the demands of a legal procedure that is initiated against us;
- or to provide them to third parties due to a restructuring process.
- If you subscribe to a blog or a feed or a newsletter, we are allowed to add you to our mailing-list or also on the list of a third party which is fulfilling a similar function in our opinion.
- If you apply for a job, we will use the information to get a first impression of your character and to pass them on to service providers and other persons who are relevant for the application procedure.
Further information to some of the activities are available in the additional directives; but you should consider that we use all the information for all legal purposes. To the extent permitted by the applicable law, we reserve the right to use the personal data globally in every legal form, e.g.
- to collect,
- to use,
- to access them (or to prevent an unauthorized access),
- to process,
- to disclose,
- to pass the data on,
- to use the data in legal procedures or ,
- to exercise our rights within the applicable law to transfer, save, examine and delete the data and
- to use the data and other information, not personal data, in other ways (“disclose” them altogether).
5. Optional update of your personal data
When our systems require your personal data, it is possible to update that information. If you have any questions about which personal information the foundation has recorded, please do not hesitate to contact us at any time: This email address is being protected from spambots. You need JavaScript enabled to view it.
The foundation tries to keep your personal information accurate and up-to-date. In case that your personal data has changed you also have the opportunity to provide the new data under the said e-mail address. Various updates are possible for some for activities, e.g. update your “Voluntary work” profile by using the corresponding feature in the relevant section on the website.
We retain personal data for as long as we think it is necessary or advisable and we reserve our rights to save the data to the extent permitted by law. We are authorized to delete personal data at our own discretion. You should always have a copy of the data records you have saved on the website and you should not assume that we save your personal information or other data.
6. Information security
To protect the provided personal data of our users against unauthorized usage or disclosure, we have implemented an appropriate number of technical and organizational measures.
7. Your consent in particular
In additional to your agreement to the site policy, including this directive (and all relevant and supplementary directives), the foundation will inform you about some activities regarding your personal data and seek your particular consent. These activities help us with the handling of personal data which we receive during the execution of our assignments, business activities and programs. They are described in the following:
- Agreement to the international transfer and disclosure of personal data
- We are involved in programs and activities in different countries, especially in Morocco.
- You agree that the foundation and those who are receiving personal data from us (hereinafter referred as to “recipient”) are authorized to disclose and transfer your personal data globally (also outside the European Economic Area as long as the main office or the residence is inside this area) for every purpose linked to our or their assignments, businesses, programs and others unless this is prohibited by this directive.
- Agreement to the electronic notification in case of a breach of the safety procedures
- In case that we or a recipient have to report an unauthorized access to or another intrusion into particular security systems, you declare your consent that we (or they) are allowed to send the notification on request (or voluntarily) by publishing the message in good faith on our website or sending it to your provided e-mail address.
- You agree that the notification to you is at the same time a notification to any third parties you are working for and you commit to forward the notification to those third parties.
8. Children
We do not want to collect any information on children. Please do not provide any personal data when you are not at least 13 years old and also warn your children not to do so. In the event that a child under the age of 13 has provided personal data, a parent or legal guardian can inform us about this in writing at our address for legal communication (see below). Thereupon we will undertake reasonable efforts to delete the information from our data base in accordance with the applicable law and this directive.
9. Identity theft
If you believe that you have become a victim of identity theft and you are legally authorized to request information from us, please write to our address for legal communication. We will inform you about what information we need to take appropriate actions. After receiving this information, we will provide you (free of charge) with all the information we have for the relevant time and for which we are obligated to provide (in accordance with the applicable law and subject to all rights and possibilities of objection).
10. Modifications
We will modify our work as well as the methods of disclosing data or our reasons for the modifications from time to time. This directive describes our method of operating. However these methods will change in the same extent as the foundation changes. You accept the modification and substitution of any former Data Protection Directives. Furthermore we are authorized to change this directive in whole or in part in the same way we modify our site policy. The amended versions will be published on this website.
11. Information on the enforcement of our directive
This directive is part of our site policy and is supplemented by the same. The site policy together with any additional Data Protection Directives form a contract. In the event of any conflicts between the site policy and this directive, the latest release of this directive will be overriding. You can contact our address for legal communication in paper form if you are concerned that we have not fulfilled our obligations. There is no third party beneficiary to this directive.
Our address for all legal communication:
Madame-Ilsa Foundation gUG (haftungsbeschränkt), Goldbergweg 39, D-77830 Bühlertal, Germany
12. Supplementary Data Protection Directive - employment opportunities
Welcome! This additional Data Protection Directive – Employment Opportunities („job directive“) complements the Data Protection Directive for the website Madame-Ilsa.org (the “website”). It applies as soon as you use the section “Employment Opportunities” on our website or allow a third person use it on your behalf. When an applicant is handicapped and needs help with the usage of our online system, the creation of a profile, the application for voluntary work or other aspects of the application process, please contact our coordinator for special needs (contact: This email address is being protected from spambots. You need JavaScript enabled to view it., subject ‘Special Needs’) so that we can take the corresponding measures. We are a non-profit foundation that encourages equal opportunities.
This job directive is part of our Data Protection Directive and Information Security Policy (the “Data Protection Directive”), which in turn is part of our site policy. Used but not defined terms in this directive shall have the same meaning as defined in the before referred documents. IN CASE YOU CREATE A PROFILE, DISCLOSE DATA RELATING TO AN ANNOUNCEMENT FOR VOLUNTARY WORK, APPLY FOR A JOB OR ALLOW A THIRD PERSON TO DO THIS ON YOUR BEHALF, YOU AUTOMATICALLY AGREE WITH OUR SITE POLICY INCLUDING OUR DATA PROTECTION DIRECTIVE AND THIS ADDITIONAL DIRECTIVE.
If you do not act as an applicant but as a representative for someone else, e.g. as a friend, you must assure and guarantee the foundation that you have shown the site policy (including the Data Protection Directive and this job directive) to the applicant and that you have gotten his/her written agreement for those conditions and policies or that you are authorized in some other way to act on behalf of the applicant and to disclose the personal data of this person.
Data collected in the section “Employment Opportunities”
In addition to the personal data that we collect on the website in general, you have the possibility to create a “profile” in the section „Employment Opportunities“. Simply enter your e-mail address, set a password and enter a secret question. You will have access to your profile with that information later on. If you create a profile, submit an application or authorize us to procure a “consumer credit report” (reliability reference), we will normally collect the following information: name, address, phone number, CV, employment contract, remuneration, education and certification, former sponsorship from us, social security number (or the national insurance policy number or a document corresponding to the applicants with their residence in other countries) etc. We also save the data when applications have been submitted. If you have a profile, individuals who are using your password will be able to see this history over a period of several months by clicking on “My Jobs”.
The submitted information about an applicant are stored temporarily. If we find that the applicant matches the job well, we often ask for a more formal application and to give us the permission to procure a “consumer credit report” or an “investigative consumer credit report”. According to the international law a “consumer credit report” is a report regarding the credit rating, the credit status, the creditworthiness, the applicant’s personality, general reputation, personal characteristics and the life circumstances, which are valuable to the decision whether to offer employment or not. An “investigative consumer credit report” is essentially the same but the information is collected by personal conversations with neighbours, friends, colleagues or acquaintances etc. of the applicant. Both types of reports (as well as other information recorded by us) can include information from court records, administrative files and criminal records.
Data access
You can update your personal information in the section „Employment Opportunities“ with the corresponding feature on the website. The foundation withholds profiles in accordance with its directive for retention of data. We reserve our rights to delete your profile and any other data that you or another person have/has saved on the website so that you should not save the single copy of your CV there (occasionally data has to be entered once more). You can apply for the deletion of your profile at any time. Please, send an e-mail to This email address is being protected from spambots. You need JavaScript enabled to view it. and request the deletion. Neither with the modification of your profile nor with its deletion can you change the data that you have already submitted.
Usage of the data collected in the section “Jobs”
In addition to the usage of personal data that is approved in the Data Protection Directive we also use the personal data that is provided during the application process for a job as follows:
We disclose the information
- towards third parties who help us with the authentication of applicants, the verification of qualifications and certificates and the contacting of references;
- towards our affiliated companies, organizations and other third parties or persons the applicant possibly will work together with if he/she gets the job;
- if we are looking for someone to fill an open position with us or for any third party, and to contact a former candidate to see if he is interested in a job to which the applicant has not applied. We do this, however, at our sole discretion and without obligation, in the entire communication concerning applications, jobs, legal issues or other subjects;
- to infrom the applicant about the receipt of the application or for further communication regarding the job or other legal or relevant matters.
- to meet the applicable laws such as keeping the immigration restrictions or comparing names with lists of names to fight against terrorism.
- if an applicant receives a position in our foundation, we will save the application and other relevant data in which we have used as reference in the personnel file of the applicant so that we can base decisions after the employment (such as disciplinary proceedings) on that information.
Passwords; editorial processing of the CV
According to the site policy you are obligated to keep your password and other login details confidential. That is exceedingly important if you do not want another person to know your password, to see your CV, your profile or other available data (e.g. jobs you have applied for). Furthermore, you should take measures to keep your CV safe: before you update a CV remove all sensitive data in it such as social security numbers, identification numbers (e.g. of your driver’s license), financial information, date of birth etc.
We do not require such information in a CV.
Security
- We retain data regarding your application on a website hosted by a service provider. The information will not be encrypted but the service provider is obligated to take an appropriate number of security measures. Furthermore, your CV and other data will run through our offices and be forwarded to relevant third parties. As explained in the site policy, we do not undertake the guarantee of security and we cannot control third parties.
- • You should assume that the website, the storage and the general usage are not encrypted so that you can initiate relevant measures for a heightened security (e.g. explained in this directive in the section “Password; editorial processing of the CV”).
- Please keep in mind that there are e-mail „phishing“ and other acts of fraud by individuals who are simulating us or a third party working for us. If you are contacted and asked to provide sensitive data such as financial information or your social security number etc., you can be sure that you are being deceived.
- In case you have provided us this information, we already have it in our files as for all the other third parties to whom we have forwarded your personal data: Generally, we do not have to ask for this information again.
- • If you want to make sure that the person who is communicating with you is really someone from our foundation or from a third person to whom we have forwarded your data, please do not hesitate to contact us: This email address is being protected from spambots. You need JavaScript enabled to view it. .