General Privacy and
Personal Data Protection Policy
​
​
1. INTRODUCTION
This Privacy Policy sets out the principles for the collection and processing of personal data of current and potential wards/contractors of the ACTION FOR DEMOCRACY,'s activities. (address: 308 S JEFFERSON ST STE 202 CHICAGO, IL USA 60661, EIN: 87-4640498; hereinafter: "A4D", "we", "us" and "our"), including visitors to the website (hereinafter collectively "Users"). A4D respects your privacy. Regardless of whether you are acting in your relationship with us, as a ward/contractor, consumer, person interested in our services and products, etc., you have the right to the protection of your Personal Data. This data may refer to your name, telephone number, e-mail address, but also other data, etc.
This General Privacy and Data Protection Policy (hereinafter, the "Policy") describes how we collect your Personal Data and why we collect it, what we do with your Personal Data, who we share it with, how we protect it, and the choices you can make about your Personal Data.
This Policy applies to the processing of Personal Data within the various services, tools, applications, websites, portals, sales promotions (online), marketing campaigns, sponsored social media platforms, etc. that are provided or operated by us or on our behalf. This Policy contains general principles and explanations. It is supplemented by separate duty of information clauses relating to the aforementioned specific services, tools, applications, websites, portals, sales promotions (online), marketing activities, sponsored social media platforms, etc., which are provided or operated by us or on our behalf. These information obligation clauses will be provided to you when your Personal Data is processed as part of the aforementioned activities (for example, through websites, portals, individual communication services, newsletters, reminders, surveys, offers, events, etc.).
This Policy applies to all Personal Data collected and used by (or on behalf of) A4D.
If you accept the provisions of this Policy, you also consent to the processing of your Personal Data as set out in this Policy.
At the end of this Policy you will find definitions of key terms used in this Policy with capital letters (e.g. Personal Data, Processing, Data Controller).
​
​
2. WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL DATA?
The entities responsible for the Processing of your Personal Data (Data Controllers) are:
A4D with its registered office in 308 S JEFFERSON ST STE 202 CHICAGO, IL 60661 USA
​
​
3. WHO CAN YOU CONTACT IF YOU HAVE QUESTIONS OR REQUESTS?
​
A4D has established a Data Protection Contact Point to answer your questions and requests related to this Policy, the information obligation clauses, your Personal Data (and their Processing).
If you have any questions, complaints relating to the application of this Policy and the Processing of Personal Data or requests relating to your rights, you may contact via the Data Protection Point of Contact:
by letter using the address: 308 S JEFFERSON ST STE 202 CHICAGO, IL USA 60661
by e-mail at: email@actionfordemocracy.org
​
4. KEY PRINCIPLES
We care about the Personal Data entrusted to us and are committed to processing it in a fair, transparent and secure manner. To this end, the A4D applies the following principles:
Lawfulness: we will only collect and process your Personal Data in a lawful, fair and transparent manner.
Data Minimization: we will limit the collection of your Personal Data to what is adequate and necessary to achieve the purposes for which it was collected.
Purpose limitation: we will only collect your Personal Data for specific, explicit and legitimate purposes and will not process your Personal Data in a manner incompatible with those purposes.
Correctness: we ensure that the Personal Data held is correct and up to date.
Data security and protection: in order to ensure data security and protection at an appropriate level, we implement technical and organizational measures, taking into account, among other things, the nature of the Personal Data to be protected. Such measures are designed to prevent unauthorized disclosure or access, unlawful destruction or accidental loss of data, alteration or any other unlawful form of Processing.
Access and rectification: we will process your Personal Data in such a way as to ensure that you can confirm whether or not your Personal Data is being processed, and that you can access your Personal Data and obtain the information you have requested, together with a request to rectify your Personal Data in accordance with your rights.
Limited retention period: we will retain your Personal Data in a manner consistent with applicable data protection laws and regulations and for no longer than is necessary to achieve the purposes for which it was collected or when required by law.
Protection in case of international transfer: we will ensure adequate protection of your Personal Data.
Third Party Safeguards: we will ensure that access to Personal Data by third parties (and transfer of Personal Data to them) is carried out in accordance with applicable law and appropriate contractual safeguards.
Legality of direct marketing and the use of cookies: we ensure that the sending of promotional material and the placing of cookies on your computer is carried out in accordance with applicable law.
​
5. PROCESSING OF YOUR PERSONAL DATA: WHAT PERSONAL DATA WE COLLECT AND ON WHAT LEGAL BASIS
​
Whenever you are asked to provide your Personal Data, you will be clearly informed which of your Personal Data is being collected. This information will be communicated to you in the form of an appropriate information obligation clause included with certain services (including communication services), web portals, electronic newsletters, reminders, surveys, subscription forms, etc.
Please note that under data protection legislation, your Personal Data may be processed if:
you have given your consent to the Processing (as described in the disclosure clause relating to that particular Processing). If in doubt, you always have the right to withdraw your consent at any time; or
it is necessary for the performance of a contract to which you are a party; or
in the case of a specific Processing, we act on the basis of our legitimate interest, provided that your interests or fundamental rights and freedoms do not override it. The existence of such legitimate interest will be duly communicated to you in the form of an information obligation clause relating to that specific Processing; or
this is required by law.
​
​
6. FOR WHICH PURPOSES WE PROCESS YOUR PERSONAL DATA
​
We will only process your Personal Data for specific, explicit and legitimate purposes and will not further process your Personal Data in a manner incompatible with those purposes.
​
Such purpose may be, to improve the quality of our services based on your feedback on your visit to one of our websites or portals; to improve the quality of our products or services in general; to offer services or applications; to engage in communication and marketing activities; to ask your opinion about initiatives; to invite to events; to ask for participation in social activities, etc.
The purpose of each Processing of your Personal Data is set out in the specific information obligation clause relating to that particular Processing. Information on specific Duty of Information clauses is made available, for example, through websites or portals, in applications, electronic newsletters, reminders, surveys, subscription forms, etc.
​
7. PROCESSING OF PERSONAL DATA IN SUCH A WAY AS TO ENSURE THAT THEY ARE ACCURATE AND UP-TO-DATE
Keeping your data accurate and up-to-date is very important to us. We ask that you inform us of any changes or errors in your Personal Data as soon as possible by contacting us via the Data Protection Point of Contact (see section 3 "Who can you contact with questions or requests?" for details). We will take appropriate steps to ensure that any incorrect or outdated Personal Data is deleted or adjusted accordingly.
​
8. ACCESS TO YOUR PERSONAL DATA
​
You have the right to access your Personal Data that we process and, if your Personal Data is inaccurate or incomplete, to request that we correct or delete your Personal Data. If you require further information regarding your privacy rights or would like to exercise these rights, please contact us via the Data Protection Point of Contact (see section 3 "Who can you contact with questions or requests?" for details).
​
9. HOW LONG WE KEEP YOUR PERSONAL DATA
​
We will store your Personal Data in a manner that complies with data protection legislation. We will only retain your Personal Data for as long as necessary for the purposes for which we process your Personal Data or for compliance with the law or where retention of your data for a period of time is required by law.
For information on how long specific Personal Data will be retained before it is deleted from our systems and databases, please contact us via the Data Protection Point of Contact (see section 3 "Who can you contact with questions or requests?" for details). Relevant information will also be provided in the specific information obligation clauses that will be provided to you when your Personal Data is processed.
​
10. PROTECTION OF YOUR PERSONAL DATA
​
We have employed an appropriate set of technical and organizational measures to ensure that your Personal Data is protected against accidental or unlawful destruction, loss, modification, unauthorized disclosure or unauthorized access to your Personal Data. These have been specifically designed taking into account our IT infrastructure, the potential impact on your privacy and associated costs and in accordance with current industry standards and practice.
​
Your Personal Data may be subject to processing by a Third Party Data Processor only if that Data Processor undertakes to apply these technical and organizational data security measures. The data controller utilizes digital services in third countries that process personal data. The data controller ensures that its relevant digital service providers registered in third countries must take all appropriate safeguards to require that your Personal Information remains protected. These safeguards include implementing the European Commission’s Standard Contractual Clauses for transfers of Third Party Personal Information with our third-party service providers and partners, which require all parties to protect Third Party Personal Information they process from the European Economic Area in accordance with European data protection law. The chosen third-country service providers and data processors have self-certified adherence to the principles of the EU-U.S. Data Privacy Framework and designated JAMS as our alternative dispute resolution provider under the Framework.
Maintaining data security means protecting the confidentiality, integrity and availability of personal data:
Confidentiality: we will protect your Personal Data from unwanted disclosure to third parties.
Integrity: we will protect your Personal Data from modification by unauthorized third parties.
Accessibility: we will ensure that authorized parties are able to access Personal Data when required.
Our data security procedures include: access security, backup systems, monitoring, review and maintenance of systems, security incident management and business continuity assurance, etc.
​
​
11. USE OF COOKIES OR SIMILAR TOOLS
​
We use cookies on our website. This enables us to make your browsing experience more comfortable and allows us to make improvements to our website.
​
​
12. DISCLOSURE OF PERSONAL DATA
​
Depending on the purposes for which we collect your Personal Data, we may disclose your Personal Data to the following categories of recipients who will then, solely for the purposes indicated, process your Personal Data:.
(a) As part of our activities:
​
Our authorized employees;
(b) External business partners:
​
Advertising, marketing and promotional agencies acting on our behalf: to help us deliver and analyze the effectiveness of our advertising and promotional campaigns;
Business partners: for example, trusted companies who may use your Personal Information to provide services and/or products you have requested and/or who may provide you with marketing materials (provided that you have consented to receive such marketing materials). We ask such companies to always comply with applicable laws and this Policy and to pay particular attention to the confidentiality of your Personal Information;
A4D Service Providers: companies that provide services to or on behalf of A4D for the purpose of providing such services (for example, A4D may disclose your Personal Data to third-party IT-related service providers);
(c) Other third parties:
​
where this is required by law or is legally necessary to protect the A4D:
​
for compliance with the law, requests from state authorities, court orders, legal procedures, obligations to report and provide information to authorities, etc;
for verifying or enforcing compliance with policies and agreements with the A4D, and
in order to protect the rights, property or safety of the A4D and/or our subjects/contractors;
in connection with corporate transactions: in the context of a transfer or disposal of all or part of its undertaking or otherwise in connection with a merger, consolidation, change of control, reorganization or liquidation of all or part of the activities of the A4D.
Please note that the third party recipients listed in (b) and (c) above - particularly service providers who may offer products and services through services or applications or through their own channels - may collect Personal Data from you separately. In such cases, these entities are solely responsible for the processing and control of such Personal Data, and your interactions with them will be subject to their terms and conditions.
A4D engages with external partners such as ActBlue and Action Network. While we may provide links to their respective privacy policies and terms, A4D does not assume responsibility for the data practices or policies of these external partners. It is advised that users review the privacy policies and terms of these partners independently on the following links:
​
Link to ActBlue’s Privacy Policy
Link to Action Network’s Terms of Service
A4D reserves the right to engage with other partners in the future, and users should exercise caution and review the privacy policies and terms of any new partners independently.
Your Personal Data may be subject to processing by a Third Party Data Processor only if that Data Processor undertakes to apply these technical and organizational data security measures.
​
​
13. DETAILED CONTACT DETAILS FOR A4D STAFF
​
If you purchase a product or service from us (A4D) or if you provide us with your Personal Data in any other case, you thereby establish an intrinsic relationship with us as Data Controller.
​
​
14. USE OF SOCIAL MEDIA
If, when using a A4D tool and/or (website, portal...) you use a specific social media login (for example, Facebook account, Facebook messenger), A4D will register your Personal Data available on such social media and the use of such social media means that you have expressly consented to the transfer of the Personal Data registered by the A4D through the tools of that social media.
A4D sometimes facilitates the publication of Personal Data via social media such as Twitter, Instagram/X and Facebook. Social media have their own privacy policies, which you must take into account if you use such social media. We would like to remind you that publishing content on social media may have certain consequences, including for your privacy or the privacy of the persons whose Personal Data you provide, e.g. the impossibility to withdraw the published content within a short period of time. You are fully responsible for what is published by you. The A4D assumes no liability in this respect.
​
​
15. ELECTIONS AND THE RULE OF LAW
We want to make our operations as transparent as possible to you so that you can make reasonable choices about how we are to use your Personal Information.
Your Personal Data
​
You can always contact us via the Data Protection Point of Contact (see section 3 "Who can you contact with questions or requests?" for details) to find out what Personal Data we have about you and its origin. In certain circumstances, you have the right to receive a copy of the Personal Data you have provided to us in a commonly used, structured machine-readable format or to request a transfer of your Personal Data to any third party of your choice.
​
Your amendments
​
If you find an error in your Personal Data or if you consider it to be incomplete, outdated or incorrect, you may request us to correct or complete it.
​
Your request to restrict
​
You have the right to request the restriction of the Processing of your Personal Data (e.g. if the accuracy of your Personal Data is contested, if your Personal Data is not needed for the purposes of the Processing).
​
Your objections
​
You may object to the use of your Personal Data on the basis of a legitimate interest of the Controller (we will cease processing for this purpose unless there are legitimate grounds for processing set out in law, or where processing is necessary for the establishment, investigation or defense of claims).
You may also object to the use of your Personal Data for direct marketing purposes or to the sharing of your Personal Data with third parties for the same purpose.
​
Your right to withdraw your consent
​
At any time you have the possibility to withdraw your consent to further Processing of Personal Data that you have given us. You can withdraw your consent by contacting the Data Protection Point of Contact (see section 3 "Who can you contact with questions or requests?" for details).
Your right to be forgotten
In addition, you may request us to delete Personal Data relating to you (except in certain cases, for example, to prove a transaction, to assert or defend a claim or when required by law).
Your right to complain
Please also note that you also have the right to lodge a complaint against the A4D as Data Controller with the relevant data protection authority ("President of the Data Protection Authority").
​
​
16. LEGAL INFORMATION
The requirements of this Policy are in addition to and do not replace any other requirements existing under data protection law. In the event of a conflict between the content of this Policy and the requirements of data protection law, data protection law shall prevail.
A4D may amend this Policy at any time, e.g. to comply with current data protection legislation, due to decisions or other acts of state authorities or in connection with the need to improve the provision of our services.
​
​
17. DEFINITIONS
In this Policy, the following terms have the following meanings:
Data Controller means the organization that determines the purposes of the processing and the means by which your Personal Data is processed. Unless we inform you otherwise, the Data Controller is: A4D with its registered office in 308 S JEFFERSON ST STE 202 CHICAGO, IL 60661, EIN: 87-4640498, a Chicago, IL. Further information may be provided to you via a separate information obligation clause, which will, for example, be included in certain services (including communication services), electronic newsletters, reminders, surveys, offers, invitations to events, etc.
Data Processor means the person or organization processing your Personal Data on behalf of the Data Controller.
Data Protection Contact Point means the person designated by A4D, as Data Controller, where you have the opportunity to address your questions or requests regarding this Policy and/or the Processing of your Personal Data and who will deal with such questions and requests. If you are not informed otherwise, you may contact the Data Protection Contact Point as described in Section 3 "Who can you contact with questions or requests?".
​
Personal Data is any information about an identified or identifiable natural person, e.g. you, or which indirectly identifies you, such as, for example, your name, telephone number, e-mail address, etc.
Processing means an operation or set of operations which is performed upon your Personal Data or sets of such Data by automated or non-automated means, such as collecting, recording, organizing, structuring, storing, adapting or modifying, retrieving, accessing and any form of use of Personal Data.
Information about cookies:
All of the A4D websites use their own cookies to optimize the use of the website and for statistical purposes. Cookies are IT data, in particular text files, which are stored on the website user's terminal device (computer, phone, etc.). Cookies usually contain the name of the website they come from, the time they are stored on the end device and a unique number.
Please be informed that websites also use so-called external cookies for the following purposes:
the collection of general and anonymous statistical data via the analytical tools Google Analytics, Google Ads;
publicize our website via social media: twitter.com, facebook.com, youtube.com, instagram
For more information on the cookies of these entities, please refer to their privacy policies
When you use our websites, we use cookies that make it possible to identify your browser or device - cookies collect various types of information that, in principle, do not constitute personal data (they do not allow you to be identified). However, some information, depending on its content and the way it is used, may be linked to a specific person and thus be considered personal data. The data will be processed by the Data Controller for the purposes indicated above, on the basis of Article 6(1)(f) of the General Data Protection Regulation (GDPR) - i.e. on the basis of the legitimate interest of the Data Controller.
The user has the possibility to manage cookies in the settings of their web browser. In particular, the user can prevent cookies from being stored on their terminal device.
​