A little child running by the water.

Diakonia’s Privacy policy

Diakonia is working to promote a just, equal and sustainable world. In order to achieve our goal, we need to involve a lot of people: employees, supporters, volunteers and donors. And that is why we need to be able to process personal data. We are committed to ensuring your peace of mind when you share your personal data with us. This privacy policy explains how Diakonia processes personal data, how we safeguard your rights concerning the protection of your personal data, and how you can exercise your rights in this regard.

This privacy policy has been prepared on the basis of the requirements that the General Data Protection Regulation (often abbreviated to GDPR) makes on Diakonia as the Data Controller, as well as the requirements that FRII, our sector organisation, makes on its members.

Data Controller

Diakonia, corporate identity number 802017-3517, is the legally responsible entity. This means that we are responsible for ensuring that all processing of personal data within our business is conducted according to the applicable legislation.

When we collect information

We primarily collect information when you provide us with information yourself. We also collect information when you otherwise communicate with us – by phone, by email or through social media, for example.

Examples of when data may be collected:

  • When you make a donation
  • When you order something from our website
  • When you enter your personal data or contact us via any of our platforms, such as diakonia.se, or via social media, or by phone, regular post or email
  • When you choose to subscribe to our newsletter
  • When you register for a course/seminar
  • When you submit an unsolicited application for a job and/or internship
  • When you participate in an appeal or any form of petition
  • When you become involved as a volunteer
  • When you visit our website and approve our use of cookies

The information we collect

The types of personal data we collect vary depending on how you interact with us.

They may, for example, include the following:

  • Personal and contact information: name, date of birth, social security number, mobile phone number, email address, postal address and invoicing/delivery address.
  • Payment details: credit and payment card data, invoice information and bank account number.

In order to fulfil previously concluded agreements and to ensure good register management, we may also supplement your personal data using information supplied previously via the public register SPAR and/or Bisnode.

Why do we collect your data?

Diakonia is working to promote a just, equal and sustainable world. In order to achieve our goal, we need to involve a lot of people: employees, supporters, volunteers and donors. And that is why we need to be able to process personal data.

Any and all processing of your personal data is intended to enable only such operations as are compatible with Diakonia’s statutes. We may need to use your personal data to contact you to communicate important information about our operations in general – at both national and international level – or to provide more detailed information about the latest incidents, disasters and acute collections, for example.

We primarily process your personal data in order to be able to do the following:

Donor and supporter service

  • To complete orders for products from any of our platforms, such as diakonia.se or peoplechangetheworld.org.
  • To be able to administer your donations and your volunteering assignment.
  • To facilitate good service such as processing your enquiries, rectifying incorrect information, or sending information you have requested – our newsletter, for example.

Correct information

  • To communicate information to you by phone, text message, email and regular post.
  • To store and analyse information and to perform segmentation and profiling; for example, how donations break down in general on the basis of age and gender, with a view to improving targeting in our communication.
  • To conduct market surveys and analyses.
  • To produce statistics about our supporters’ behaviour and patterns; anonymised, without identifying any individuals.
  • Through analysis of behaviour on our websites, to be able to develop, deliver and improve our products and services.
  • To develop the user experience on our websites – such as diakonia.se – with a view to making them more user-friendly and to enhancing the user experience.
  • To communicate changes in our terms, conditions and policy documents.

Administration

In addition to the reasons listed above, there may be other purposes stated at the time when your data are collected. We also collect personal data in order to be able to comply with our contractual and legal obligations – when handling direct debits, for example – and for bookkeeping- and tax-related reasons. Other purposes may include:

  • When you send an email to a Diakonia employee or to any of our public addresses, we use your information to maintain contact with you. The same also applies “in reverse”, i.e. when we have emailed you.
  • When you call one of our employees or our switchboard, we use your information to maintain contact with you.
  • When you participate in any of our activities, your data may be used to help us carry out the operation in question; to complete different orders, for example, or to fulfil reporting requirements.
  • If you are interacting with us in your professional capacity or are otherwise involved in our activities, your information may be included in records and memos, or as a reference on invoices and the like.
  • If you submit an unsolicited job application, we process your information to keep you informed about the recruitment process.
  • When you are one of our employees, we use your information for HR administration, payroll administration, to look after your physical safety and to cover our requirements for IT and information security.
  • In our financial administration and follow-up processes, personal data appear on invoices, in verifications and reconciliation bases, in reports and other supporting documents, as well as in communication with affected parties.
  • In our business follow-up, personal data appear in internal reporting systems, reports and accounts.

With whom do we share the information?

We may share information with other parties who process data on our behalf, to allow us to run parts of our operation in a cost-efficient manner. Examples include printing firms, IT providers and the like.

However, Diakonia always holds ultimate responsibility for the processing, and the service provider may not process personal data beyond the scope that has been agreed with Diakonia. We will not sell your personal data to any third party. Any such procedure requires your express consent.

Diakonia always strives to store personal data within the EU/EEA, but some personal data may be transferred to and processed in countries outside the EU/EEA by a provider or subcontractor. In such cases, Diakonia adopts organisational and technical safety measures to ensure that personal data are processed securely and with an adequate level of protection, comparable to and at the same level as the protection offered within the EU/EEA.

Cookies

When you visit our websites, we use what are known as “cookies” to keep track of your order and your authorisations. The Diakonia website uses pixels that enable collection of data for use in other channels. Diakonia allows you to choose which cookies you accept. This means that you can deselect data collection for the purposes of analysis or marketing, for example. Additional information about how Diakonia uses cookies and the like is published under “Cookies and technology”.

Legal basis

By sharing information with us, you consent to Diakonia registering and processing your personal data for the stated purpose. Each incidence of processing must also have foundation in the General Data Protection Regulation for the processing of personal data; this foundation is otherwise known as a “legal basis”.

The legal basis may be:

  1. Consent: In cases where you, through an active action, grant us the right to process your data.
  2. Fulfilment of agreement: A donation is an example of an agreement that is to be fulfilled between the donor and Diakonia.
  3. Legal obligation: Where the processing is required on account of a given piece of legislation, such as the Swedish Accounting Act.
  4. Legitimate interest: Processing that has to do with Diakonia’s work for a better world can be considered to outweigh the interests of the individual, as in the case of communicating information.

On the grounds of this legal basis, Diakonia collects and stores email addresses without the consent of the recipient for purposes such as sending newsletters with information we consider to be of interest or relevant to the recipient on the basis of his/her profession.

Purpose of processingLegal basis
Administering your donations and purchasesFulfilment of agreement
Legitimate interest
Compiling statistics and follow-upLegitimate interest
Marketing and communication of informationLegitimate interest
Internal administrationConsent
Fulfilment of agreement
Legal obligation
Legitimate interest
Monitoring the functioning of our websites and improving performanceLegitimate interest
Market surveys and analysesLegitimate interest
Volunteering assignmentConsent
Sending newsletters to relevant people on the basis of professional categoryLegitimate interest

How long is the information stored?

We never store personal information for longer than we need to. The information we collect is processed for different purposes. The different types of information are therefore stored for different periods, depending on what they are to be used for, as well as on our legal obligations.

In the absence of any statement to the contrary, we store the majority of your personal information as long as you remain a donor to Diakonia. The information is then erased (or anonymised) after a maximum of 36 months, except in cases where, by law, we are obliged to store it for longer (pursuant to the Swedish Accounting Act, for example). If Diakonia were to need to renew the collection of personal information more often, this would result in a significant increase in our administration costs.

Your rights

You have certain rights with regard to your personal data, and you can also have an influence on your information and on what is stored. Diakonia will correct any information that is found to be inaccurate. You have the right, in certain situations, to receive your personal data, have them corrected or have them removed. The section below lists your rights and explains how you can exercise them.

Corrections, limitations and removal

You are always entitled to have inaccurate information corrected, or to have the processing of your information limited. You can also request to have your name removed.

In certain cases, we may not be able to grant your request, but we will always inform you of the reason in such cases. Sometimes, legal obligations prevent us from removing personal data, for example. We can, however, limit the processing of the personal data to encompass solely fulfilment of the legal obligation.

Right to object

In some cases, you have the right to oppose our processing of your personal data. An exception to this rule applies when there are legislative grounds for the processing.

You can decline to receive information of any kind from us at any time. If you receive an email or SMS from us, the simplest approach is to click the “Unsubscribe” option directly in the message we sent to you. If you wish to decline other forms of communication, you are always welcome to contact our donor service.

Right to access

You are entitled, once a year and free of charge, to request information about which personal data Diakonia processes about you, and for what purpose (known as a register extract). Requests for such extracts must be made in writing and signed by you. You will need to specify the categories of information you would like access to; Contact information, for example. Please note that we can only provide such information as we know for certain belongs to you.

Send your request to the address below. Mark the envelope “Register extract”.

Diakonia
Box 14038,
167 14 Bromma, SWEDEN

The register extract will be sent to your address as registered in the central population database.

Right to submit a complaint to the Swedish Authority for Privacy Protection

If you believe that the processing of your personal data infringes the General Data Protection Regulation, you are entitled to submit a complaint to the Swedish Authority for Privacy Protection.

Links to other websites

In the event that the Diakonia website contains links to third party websites, home pages or other material published by a third party, these links are for information purposes only. As Diakonia has no control of the content of these websites or the material they contain, we accept no liability for said content. Nor can we be held liable for losses or damage that may arise from using these links.

Changes to the privacy policy

We may make changes to the privacy policy. This policy is always published under the About us header on our website.

Please do not hesitate to contact us if you have any questions

Thank you for reading our privacy policy. If you have any questions or comments to make about this policy, please contact us at:

Diakonia
Box 14038,
167 14 Bromma, SWEDEN

Phone: +46 8 453 69 00
Donor service: +46 8 453 69 31
diakonia@diakonia.se