Last updated on June 1, 2019.
Ramzi & Saeda Dalloul Art Foundation (trading as DAF) is committed to protecting and respecting your privacy. This policy describes how we collect, use and otherwise process personal data relating to you, or that you provide to us:
(i) when you visit or use:
our website at www.dafbeirut.org (the “Website”);
any of our computer or mobile software applications (“Apps”);
our social media pages;
any of the services accessible through the Website (the “Services”); and
(ii) when you contact us (by email or telephone or in person), for example to request our news and updates or to submit a query or comment regarding the Website or its content; and
(iii) through offline sales and marketing activities.
Personal data is data that can be used on its own or with other data or information to identify, contact, or locate a single person, or to identify an individual in context. Please read this policy carefully to understand our practices regarding personal data.
By visiting the Website, accessing one of our social media pages and/or using the Services, you are accepting to the practices described in this policy.
For the purposes of this policy, all references to the Website shall include a reference to the Apps, and references to DAF, “we”, “us” or “our” are to Ramzi & Saeda Dalloul Art Foundation (trading as DAF), a company incorporated in the Republic of Lebanon under company number 07534, and having its registered office at White Tower Building 2nd Floor - Madame Curie Street - Qoraytem, Beirut, Lebanon.
For the purposes of data protection laws, the data controller is DAF. In this Policy, the terms “personal data (or information)”, “processing”, “data controller” and “data processor” shall have the meaning ascribed to them in the General Data Protection Regulation ((EU) 2016/679).
What personal data do we collect from you?
1.1 Information that we collect from you
The type of information we collect from you will depend upon the type of interaction you have with us.
Broadly speaking, the types of personal data that we collect may include:
(i) your name, address, email address, phone number, age range, gender, details of employment, Internet Protocol (IP) address and any other information that you might choose to volunteer, that can be used to identify you, when you:
register with us and log in through the Website;
place an order for products or services from us or enquire about advertising opportunities on the Website;
subscribe to our RSS feed or to receive our newsletter or any other information from us;
complete enquiry forms on the Website;
complete any voluntary surveys we may ask you to participate in from time to time;
submit comments or feedback for publication on the Website or in any of our publications;
participate in any online forum which may be available on the Website from time to time;
participate in any competition or prize draw that we may run on the Website from time to time;
respond to our marketing communications;
correspond with us by phone, email or otherwise; or
report a problem with the Website.
You are under no obligation to provide any such data. However, if you choose to withhold requested information, you may not be able to access all of the Website’s contents and services.
1.2 Publicly Available Information
We may also collect information relating to you that is available on the Internet, such as from Facebook, LinkedIn, Twitter and Google, or other publicly available information that we acquire from our service providers.
3 Website Navigational Information
We also collect personal data automatically when you use the Website and when you navigate through the Website. Data collected automatically may include:
(i) technical information, including the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
(ii) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
For more information on our use of these technologies, see our Cookies section below.
1.4 Information that we receive from other sources
We may also collect or receive personal data relating to you in the following scenarios:
(i) where we buy in your personal data (name and company or corporate email address from marketing companies or other business partners);
(ii) your personal data is contained in information given to us by our sub-contractors that provide technical services to us; and
(iv) your personal data is contained in information given to us by our analytics and search information providers.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
2. How do we use your personal data?
2.1 For the purposes of our legitimate interests
2.1.1 We use personal data relating to you that we collect from publicly available sources and/or third parties, or that you provide to us, for the purposes of our legitimate interests as follows:
(i) to improve our Website and offering;
(ii) to administer any account or registration you may have with us;
(iii) to carry out our obligations arising from any contracts entered into between you and us;
(iv) to provide you with the information, products and services that you request from us;
(v) to administer your participation in any competitions or prize draws we may run from time to time;
(vi) to notify you about changes to the Website or any other aspect of our service;
(vii) to communicate with you about any comments, queries or feedback you might have about us or the Website;
(viii) for publication on the Website or in our printed publications, but only if you have provided it to us for that purpose; and
(ix) to ensure that content on the Website is presented in the most effective manner for you and for your computer.
2.1.2 We also use the information about you that we collect automatically for the purposes of our legitimate interests as follows:
(i) to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
(ii) to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
(iii) to allow you to participate in interactive features on the Website, when you choose to do so;
(iv) as part of our efforts to keep the Website safe and secure;
(v) to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
(vi) to make suggestions and recommendations to you and other users of the Website about goods or services that may interest you or them
You have the right to object to this processing if you wish, and if you wish to do so, please send an email or write to us using the details provided in the Contact Us section. Please bear in mind that if you object this may affect our ability to carry out the tasks above for your benefit.
2.2 For marketing purposes
We will use personal data relating to you to provide you with information about products and services we offer that we feel may interest you by post, telephone, SMS or email. We will send you this information only if:
(i) you have consented to receiving this information:
(ii) the information is about products and services similar to those which were the subject of a previous sale or negotiation of a sale to you (and you have opted in to receive such marketing messages); or
(iii) where we are permitted to do so by law without consent, for example, if you have or a third party has provided us with a company or corporate email address.
If, at any time, you do not want us to use your information in this way, please contact us using our contact form below or using our contact details in paragraph 11 below).
2.3 If we purchase information on you from a third party, such as marketing lists, we promise to take all necessary checks to make sure your information was collected legally. We will only use such information for the purposes set out above.
2.4 We do not use automated decision making (including profiling).
This Website is not intended for or targeted at children under 16, and we do not knowingly or intentionally collect information about children under 16. If you believe that we have collected information about a child under 16, please send an email or write to us using the details provided in the Contact Us Contacting us section, so that we may delete the information.
5. Disclosure of your information
5.1 We may share your information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
5.2 We may share your information with selected third parties including:
5.2.1 business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
5.2.2 advertisers and advertising networks that require anonymised data to select and serve relevant adverts to you and others. We may provide them with aggregate information about our users (for example, we may inform them that 100 women aged 18-24 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, men in a particular location). We may make use of the information we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience;
5.2.3 analytics and search engine providers that assist us in the improvement and optimisation of the Website; and
5.2.4 credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
5.3 We may disclose your personal information to third parties:
5.3.1 in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
5.3.2 if DAF or substantially all of the company’s assets are acquired by a third party, in which case personal data held by the company about our customers will be one of the transferred assets; or
5.3.3 if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our various terms, policies and other agreements; or to protect the rights, property, or safety of DAF, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
6. User content
6.1 User content is any content submitted to us for the purpose of publication on the Website (including in any public forum we may provide) or in our printed publications. All user content you submit will be treated as non-confidential and may be visible to other registered users as well as to unregistered visitors to the Website, so please do not submit any information about yourself which you would not wish to make public. (For the avoidance of doubt, user content does not include any other correspondence between you and us.)
6.2 Once you have submitted user content to us, you may be unable to recall or delete it except in limited circumstances. If you are unable to edit or delete user content you have submitted, please refer to clause 9.1 and contact us through our contact form below or by using our contact details in paragraph 11 below.
6.3 We do our best to ensure that offensive language and content do not appear on the Website, but we do not routinely monitor or moderate user content and therefore user content may from time to time include language or content which some people may find offensive. If you wish to complain about any user content, please contact us through our contact form below or using our contact details in paragraph 11below.
7. Where we store your information
7.1 We have in place a level of security appropriate to the nature of the information stored and the harm that might result from a breach of security. All information that you send via the Website is encrypted whilst in transit between you and the servers where we store the information. Your information is stored on the secure servers of our web services provider in Ireland.
7.2 Any payment transactions will be encrypted using SSL technology in such a way as to ensure that we are not given your financial or credit card information.
7.3 The information that we collect from you may also be transferred to other destinations outside the European Economic Area (EEA), where it will be stored by us or by one of our suppliers. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the provision of support services. We will take all steps reasonably necessary to ensure adequate security for any of your information transferred outside the EEA. By using the Website and submitting your information to us, you accept that personal data relating to you may be transferred, stored or processed in this way.
7.4 If you use our services while you are outside the EU, your information may be transferred outside the EEA in order to provide you with those services.
7.5 Unfortunately, the transmission of information via the internet is not completely secure and, although we will do our best to protect your information, we cannot guarantee the security of any of your information transmitted via the Website. Consequently, any transmission is at your own risk. If we become aware that the security of your information has been compromised, we will notify you by email or as otherwise required by law.
7.6 In the event that a security breach does occur that could adversely affect you, and we have the means to let you know, we will take appropriate steps to notify you how the breach occurred, its nature, the steps we have taken to rectify the issue and the steps you can take to rectify any minimise any adverse impact.
7.7 Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential and you must not share it with anyone.
8. Links to third-party websites
8.2 We do not accept any responsibility or liability for third-party websites or their privacy policies and we strongly advise you to check such policies and the reputation of the website before you submit your information to any third-party website, the owners of which do not necessarily have any connection, commercial or otherwise, with us. We welcome any feedback about third-party websites linked to from the Website.
9. Rights of individuals
9.1 The General Data Protection Regulation gives you the right to access, rectification or erasure of the personal data, data portability, restriction of processing, the right to object to processing of your personal data, and the right to lodge a complaint with a supervisory body. You can exercise the above rights by using our contact details in paragraph 11 below.
9.2 We also want to make sure that personal data relating to you that we hold is accurate and up to date. You may ask us to correct or remove any information you think is inaccurate.
9.3 To protect your privacy, we may take steps to verify your identity before taking any action in response to any request. You will not have to pay a fee to access personal information relating to you (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
9.4 Our legal basis for processing your data is either consent or legitimate interest. Where our legal basis for processing your data is consent, you have the right to withdraw your consent at any time and ask us not to process your personal information, including for marketing purposes. You can exercise your right to prevent such processing at any time either through the unsubscribe link at the bottom of our marketing emails or by using our contact details in paragraph 11 below.
9.5 We will retain your data for the shortest period of (i) as long as is necessary to carry out the purpose for which it was collected or (ii) as required by law.
9.6 If you have a concern about the way we are collecting or using your personal information, we request that you raise your concern with us in the first instance.
11. Contacting us
Our website is hosted on PCI Compliant and Industry Strandard Penetration tested servers. As well as this our compliance with GDPR involves:
As a visitor to our website, you are required to accept our terms, cookie and privacy policies. If you register your email and engage with the functionality of this website you are required to double opt-in by clicking a confirmation link in an email we send you.
2. Records of given consents and processing activities
When consent is given through the email confirmation we retain this archive for any GDPR or privacy investigation. These can be requested by contacting DAF and verifying required credentials
3. Data portability
As a registered subscriber to this website, you are able through your Member Area to download all your data including logs we have stored related to your ID.
4. The Right to be forgotten
As a registered subscriber to this website, you are able through your Member Area to delete your account and all your data including logs we have stored related to your ID.
DAF is serious about protecting your privacy and information and will never share your information with any 3rd parties unless legally required to do so.