Privacy Policy.
At STIRIXIS Group, we’re committed to protecting and respecting your privacy.
This Policy sets out our data collection and processing practices, the conditions under which we may disclose it, and your options regarding the ways in which your personal information is used.
We may update this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this Policy.
Any questions regarding this Policy and our privacy practices should be sent by email to privacy@stirixis.com.
The Policy refers to all of the websites that Group (STIRIXIS SA, STIRIXIS Ltd and STIRIXIS Srl) run, currently: stirixis.com and stirixisexclusive.com. It also covers any email and contact lists held by STIRIXIS Group and by our projects and campaigns.
This policy was last updated in May 2018.
Who We Are.
We are STIRIXIS Group, an internationally awarded strategy through execution consultancy firm. We consist of companies in Greece, in Romania and in the UK. Any correspondence to us can be sent to: privacy@stirixis.com
Data protection.
We will never share your information with another organisation for their own marketing purposes and we will never sell your information for any reason whatsoever.
As you use our website, get in touch with us, or take part in our campaigns and activities, we collect information. Some of this information will be anonymous such as which pages you visit on our websites, and some will contain very limited your personal information such as when you join a campaign or project email list. Be assured that we will always endeavour to be clear, honest and transparent with you about the information we collect, and wherever practical will ask your specific consent.
When do we collect information about you.
When you give it to us directly via a website form, email, phone, letter, sign-up sheet or in person.
You may give us your personal data when you join an email list, appear on an online map, directory, or calendar, or when you add your details to a list at an event. Also, when you apply for employment with us, or apply to volunteer, or contact us in another way.
When you visit our website.
We use cookies to identify you when you visit our website and to enable us to personalise your online experience (for example when you log into a password-protected area). Please refer to our Cookies Policy for more information.
What type of information is collected from you.
Typically, we will collect just your email address.
We will also collect anonymous information about your computer and your visits to our website including your IP address, geographical location, browser type, referral source, length of visit and number of page views. We will not link this to you individually. Such information helps inform us about our website and digital communications development.
If you attend a STIRIXIS Group event it is possible that your photograph may be taken. If you object to a photograph of you being reproduced, please let us know.
For what purposes do we collect information about you?
The overview below summarises the different reasons why we may collect and use your data. We may not use your personal information for all of these purposes, it will depend on the nature of your relationship with us, and how you interact with STIRIXIS Group:
1. Campaigning, promotion and fundraising: Our main communications are to update you on the latest developments of our projects and campaigns and we may invite you to participate in activities such as events, competitions, polls, surveys and actions. The vast majority of our promotional activities are focused on promoting the aims and objectives of STIRIXIS Group’s projects and campaigns. We might ask you for feedback on, for example, an event you have attended or a publication you have downloaded; and we might tell you about other events or publications that we think might be of interest to you. In general, these communications will be by email, but may also be e.g. via online and other digital forums, by phone, by post or in person at events.
2. Retail trading: STIRIXIS Group organises events and training workshops. If you attend an event, we may store additional to your email personal information such as name and telephone number to invite you to similar events in the future. STIRIXIS Group will store members’ personal information and the period of their membership. Note that STIRIXIS Group never stores personal financial information, except for some personal financial information of employees to enable, for example, salary and pension payments.
3. Analysis and tailoring of communications: We will make use of the information you have given us and your interactions with our services, to help us understand your interests and may tailor and personalise our communications to you.
4. Profiling: We do not create a personal profile of your interests and preferences.
5. Volunteering for STIRIXIS Group: If you volunteer with us, we may need to use your personal information to manage your volunteering activities, deliver training, update you on our projects and campaigns and to ensure your safety. This may include sending you invitations to events, information about our work and requests to feedback on your experience volunteering with us.
6. Staff administration: We process the personal information of our employees for recruitment, staff administration, remuneration, pensions and performance management purposes.
We do not sell or rent the personal information we collect from your use of our Sites to third parties for their marketing purposes. We may combine your information with information we collect from other companies (such as demographic data) to improve and personalize the services provided to you.
On what lawful grounds do we process your personal information.
• Information is processed on the basis of an individual’s consent.
• Information is processed in line with a contractual relationship.
• Information is processed on the basis of legitimate interest.
We may also share your personal information when we are compelled to do so by a legal authority acting in compliance with the law.
Consent.
We will only send promotional material by email to those who have given consent, usually to send you updates on our projects and campaigns. Occasionally, for some of our projects, our promotional material may – for example – invite you to an event, ask for a donation, provide information about crowdfunding or promote items for sale.
Where you give us consent to process your data we will always keep a clear record of how and when this consent was obtained. You can withdraw your consent at any time, or request that all your personal data be deleted by emailing: privacy@stirixis.com.
Contractual relationships.
Most interactions with our supporters and beneficiaries are voluntary and not contractual. However, sometimes it will be necessary to process personal information so that we can enter contractual relationships with people. For example, if you apply for employment or to volunteer with us.
Legitimate interests.
The applicable law allows personal information to be collected and used if it is reasonably necessary for our legitimate activities (as long as its use is fair, balanced and does not unduly impact individuals’ rights). We will always work to these principles to process your personal data, including on the unusual occasion when it is not practical or appropriate to ask for explicit consent.
What are STIRIXIS Group’s legitimate interests?
Governance:
• Reporting criminal acts and compliance with the legal instructions of law enforcement agencies.
• Internal and external audit for financial or regulatory compliance purpose.
Publicity and income generation:
• Conventional direct marketing by post, email and other forms or marketing, publicity or advertisement.
• Unsolicited commercial or non-commercial messages, including campaigns, income generation or charitable fundraising.
• Personalisation to tailor and enhance the supporter experience in our digital and postal communications.
• Exercise of the right to freedom of expression or information.
• Analysis and tailoring of communications to develop the fundraising strategy and improve communications.
• Processing for research purposes.
• Understanding better our beneficiaries and supporters, including the use of publicly available information.
Operational management:
• Employee and volunteer recording and monitoring for recruitment, safety, performance management or workforce planning purposes.
• Provision and administration of staff benefits such as pensions.
• Physical security, IT and network security.
• Maintenance of ‘do not contact’ lists.
• Processing for historical, research or statistical purposes.
Financial management and control:
• Processing of financial transactions and maintaining financial controls (noting that we do not hold personal financial information, except for some personal financial information of employees to enable, for example, salary and pension payments).
• Prevention of fraud, misuse of services, or money laundering.
• Enforcement of legal claims.
Purely administrative purposes:
• Responding to inquiries.
• Delivery of requested products, resources or information.
• Administration of financial transactions.
• Providing ‘thank you’ communications and receipts.
• Maintaining ‘do not contact’ lists.
When we use your personal information, we will always consider if it is fair and balanced to do so and whether it would be within your reasonable expectations that we would use your data in this way.
We will balance your rights and our legitimate interests to ensure that the way in which we use your data never goes beyond what you would expect and is not unduly intrusive or unfair.
Cookies and Web Beacons.
We employ cookies on our Sites in order for our server to recognize a return visitor as a unique user. Cookies are small text files that your browser stores on your hard disk that allow us to remember you; cookies cannot access, read, or modify any other data on a computer. The cookies we place are readable only by us. All Web browsers offer the option to refuse any cookie. If you refuse STIRIXIS Group’s cookies, you may need to re-enter certain information each time you visit our Sites and we may not be able to customize our Sites’ features according to your preferences. You may also delete cookies manually from your hard drive.
The cookies we place do not contain any personal information; however, they do contain identifiers that may be linked to certain non-personally identifiable information described in this privacy policy, as well as certain non-personally identifiable advertising IDs from third parties.
We also use cookies and web beacons, such as invisible tracking pixels, to help us better serve you and to provide targeted advertising we place on third-party websites.
Phishing.
In order to protect yourself from third parties unlawfully seeking your personal information through email that appears to be from STIRIXIS Group you should never provide any personal information directly in response to an email you believe you have received from us. In the event that you believe that you have received a request for personal information in an email message that is made to appear that it was sent by us, please inform us immediately at privacy@stirixis.com.
Do we collect data about children?
Our website and other communications are targeted at persons over the age of 16. If we have reason to believe that we hold personal data of a person under that age in our databases, we will delete that personal data. In exceptional circumstances we may store the name and limited personal information about a child under the age of 16, for example to identify them in a photograph or to fulfil our safeguarding and health and safety obligations. We will treat such limited information with all due care and respect and in line with our relevant policies and procedures covering such circumstances.
How long will we keep your data?
Unless still required in connection with the purpose(s) for which it was collected – such as for a campaign or project email newsletter list – we will usually remove your personal information from our records ten years after the date it was collected. However, if you or your organisation works with STIRIXIS Group, or you are linked to a STIRIXIS Group member organisation, we may keep your personal information on record for longer. This exception usually applies to journalists, policy-makers, researchers, industry contacts and people working in the not-for-profit sector.
If you ask us to stop sending you emails or other forms of communication, we will keep your name on our internal suppression list (a ‘do not contact’ list) to ensure that you are not contacted again.
If you exercise your ‘right of erasure’, we will remove your personal information completely and immediately.
Is your personal information secure and who can access it?
We will only ever publish or share your data with your clear and informed consent.
We endeavour to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destruction, misuse, alteration, unauthorised disclosure of or access to your personal information.
Your information is only accessible by appropriately trained staff, who agrees to abide by this policy.
Occasionally we use external service providers to process data on our behalf – such as sending address details to a mailing house to post magazines, or to email broadcast services who will send out our campaign and project updates on our behalf.
What are your rights.
Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to be unsubscribed from our email list at any time. You also have the following rights:
• Right to be informed – you have the right to be told how your personal information will be used.
• Right of access – you can ask what information we hold on you and to request a copy.
• Right of erasure – you can request that all your personal information is deleted from our records.
• Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.
• Right to restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.
• Right to data portability – you may ask us to provide your information to you – or another service provider – in a machine-readable format.
To exercise these rights, please send a description of the information in question to privacy@stirixis.com.
Opting out of cookie-based advertising.
We try hard to make our advertising more relevant to you, but if you would rather opt out of seeing personalized ads from STIRIXIS Group and STIRIXIS Group clients utilizing STIRIXIS Group cookies, please contact privacy@stirixis.com. If you opt out, you will still see ads from us and our clients, but they will not be tailored based on information that may have otherwise been associated with a STIRIXIS Group cookie stored on your computer.
Please note that our opt-out requires that we be able to set an opt-out cookie in your browser.
Anti-Abuse.
If you suspect someone abusing our services, please contact us at privacy@stirixis.com. All complaints are investigated, and you will receive a response on the action we will take to resolve the issue.
Does this policy cover third party websites.
No, this Policy does not cover external websites and services that we link to and we are not responsible for the privacy practices or content of those sites or services.
Where can you find further information.
For further information please email privacy@stirixis.com.