At MSF we make sure we protect the information you give us.
The content on this website is controlled and maintained by Doctors Without Borders/ Médecins Sans Frontières (“MSF”, “we”, “us” or “our”). This policy is applicable to MSF’s presence in Indian jurisdiction only.
This privacy notice is written in accordance with relevant data protection framework including the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 on sensitive data protection and the European General Data Protection Regulation.
This privacy notice sets out how MSF collects, uses and stores personal data via our website (“Website”) www.msfindia.in and sub-websites/domains associated with www.msfindia.in This Policy does not cover MSF’s presence on social media platforms such as, including but not limited to: Instagram, Youtube, Facebook, Linkedin, Twitter, and on publishing platforms such as, including but not limited to: Scribd or Blogger on which we have established our own presence. In the context of those platforms, we are merely another user and the privacy policies, as well as the terms and conditions of those platforms, are applicable.
If you have any question or you would like to report a data breach, please email us at: DPO.India@new-delhi.msf.org
When do we collect information about you?
We collect information:
You may give us personal information when you: use our site, donate, apply for various jobs, sign up for one of our events, communicate with us, request a speaker, sign up for email newsletters and leave a message on one of our blogs or on our social media accounts.
We may get your personal information via a fundraising organisation or platform if you’ve told them that you’re supporting MSF and with your consent. Please check their privacy policies when you give them your information.
We may get information about you from your social media accounts or services when you choose to interact with our sites, for example when you log in to leave a comment on or subscribe to one of our blogs. Facebook and Twitter are examples. We can do this if you’ve set your account settings to give us permission. Please check your settings and their privacy policies for more details.
In some cases, we hold publicly available information from social media channels (such as social media handles or number of followers) on our social customer relationship management system. This provides us with an overview of who drives the conversation on topics that relate to our work. Should we want to reach out to a particular social media handle we would do so using the contact information they have provided publicly.
We use “cookies” to help us improve the performance of our websites and campaigns.
Cookies are small text files that websites send to your computer (or phone or tablet). They save and store information about how you use the websites. We use them to give you a tailored experience on our websites.
Through Cookies, we collect technical information, including the operating system and platform, browser type and version. Details of your visits to the Website, including but not limited to: every ‘HTTPS Query’ your browser client sent to our server(s); the full Uniform Resource Locators (URL) clickstream to, through and from the Website (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data. This information does not identify you.
They make using our sites faster and easier. For example, when you donate to MSF India (Section 25 Company), a cookie helps the site ‘remember’ which kind of donation you’ve chosen as you move through the site.
Our website also uses web third-party cookies that allow us to track conversations and activity on our website as well as generate advertisements that appear on Facebook, for example, and other search engines like Google for you and other potential users. Such third-party cookies may collect or receive information through your use of our websites to provide advertisements and allow it to create lookalike audiences. We don’t collect personal information via these cookies.
If you enter your details onto one of our online donation forms, and you don’t complete the donation, we may contact you via email to see if we can help with any problems, you may be experiencing.
Similarly, if you receive an email, open it, don’t open it, select a link, browse our website, we collect this information so we can see which stories are popular and which aren’t. This data is not used to identify you personally.
What information do we collect?
If you contact us for any reason, we’ll usually collect your:
- Phone number
- Other personal details, which can be used to identify an individual
When you donate, we may also ask for:
- Your bank or credit/debit card or UPI details (which are stored under RBI Compliance regulations).
- We may collect date of birth, passport, PAN and/or Aadhar details are also collected for compliance purposes.
When you apply for a job:
- We also collect your full personal, professional, educational, financial details and health data etc. for processing your job application for both national and international position.
- We may share your data with the third-party processor, with your consent, for background check or visa processing etc.
When you sign up for a survey or fundraise for us, we may also ask:
- What your interests are eg. medical interests or countries you work in?
- Which age bracket you’re in?
- What social media channels you use?
How do we use this data?
Any of the information we collect from you may be used in any one or more of the following ways:
- To process donations
Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other person for any reason whatsoever, without your consent.
- To send periodic emails and/or to deal with your inquiries and requests
The email address you provide for receiving communications from us may be used to send you information and updates pertaining to our activities. In addition, if you have selected the option to receive our newsletter, you will receive occasional company news, updates, related information or news information, etc.
We won’t sell your details to any third parties or other charities. If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.
How do we use your data depends on why you’re providing it:
- Online forms and feedback
We’ll use your personal information to respond to your questions, requests or register you for events.
- Surveys/statistical purposes to improve services
We use surveys to understand who visits our websites and how they use them, helping us to create better content for you and make our websites easier to use.
We may ask for your email address if you’re happy to be involved in future surveys or testing. We’ll only use this to ask you to help us with these types of requests.
We use your information to process and keep a record of your donation.
Any information you post on our blog sites may be published and moderated.
- Direct marketing
We use direct marketing to let you know what MSF is doing and how your support makes a difference. We may use it for emergency fundraising or to ask for other support. We’ll always respect your preferences and endeavor to send you information that you’ll find interesting, in the format you prefer.
We’ll send you direct marketing by post unless you indicate that you don’t want to hear from us this way. We send these communications on the basis of it being within our legitimate interests to do so or if you’ve consented to receive this. Please see the “Legal Basis for Processing Data” section below for more information on this.
We’ll also send you direct marketing by e-mail, SMS and phone if you’ve consented to hear from us this way.
- Social media
We may use publicly available information linked to your social media profile to anonymously target you with posts that may interest you.
We’ll never ask for personal or sensitive information on social media. We may repost or share your posts on social media if it relates to MSF and our work.
We may respond to questions, queries or comments left on our social media channels. We may use the information found on your profile to help us answer these. Check your social media accounts if you want to change the information you make public.
Our websites use sharing buttons that share our web pages to social media platforms. Use these buttons at your own discretion. Social media platforms may track these shares through your accounts.
Our legal basis for processing personal data
Organisations need a lawful basis to collect and use personal data under the data protection framework and privacy by design principle. The law allows for six (6) ways to process personal data (and additional ways for sensitive personal data). Four of these are relevant to the types of processing that MSF carries out.
This includes information that is processed on the basis of:
- A person’s consent (eg. to send you direct marketing by e-mail or DM);
- Processing that is necessary for compliance with a legal obligation (eg. to process a donation); and
- Our legitimate interests (please see below for more information).
Personal data may be legally collected and used if it’s necessary for the legitimate interest of the organisation using the data, as long as its use is fair and doesn’t adversely impact the rights of the individual (data subject) concerned.
Our legitimate interests include:
- Charity governance; including delivery of our charitable purposes, statutory and financial reporting and other regulatory compliance purposes;
- Administration and operational management; including responding to solicited enquires, providing information and services, research, events management, the administration of volunteers and employment and recruitment requirements.
- Fundraising and campaigning; including administering campaigns and donations, and sending direct marketing and thank you letters by post.
If you’d like to change our use of your personal data in this manner, please get in touch with us using the details below:
Who has access to your information?
- Trained staff
Your information is only accessible by trained staff, volunteers and third-party processors. We regularly review who has access to your information.
We do comprehensive checks on any agreements before we work with them. We always put a contract in place that sets out how they manage the personal data they collect or have access to.
- Data processors/sub-processors/joint-processors
We use third parties to help us manage and store personal data and to carry out certain activities on our behalf.
We’ll only disclose your personal data to third parties, without your consent, when we have to by law, for example to authorised statutory agencies or authorities on a formal request.
How do we keep your information safe?
We use appropriate technical and organisational measures and precautions in order to protect your personal data and to prevent the loss, misuse or alteration of your personal data.
- As per Indian law, MSF is required to comply with reasonable security practices and procedures which include a comprehensively documented information security program and information security policy that contains managerial, technical, operational and physical security control measures.
- We implement a variety of security measures to maintain the safety of your personal information and sensitive personal information or data provided to us, subject to applicable law (Information Technology Act and its corresponding rules). Please note that MSF India complies with globally accepted security practices and norms as regards the protection of information of the users.
- We use secure servers for our financial transactions, including when you make a donation. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (bank details, credit/debit cards, PAN, Aadhar, Passport, other financial details etc.) will not be stored on our servers.
Disclosure of information:
We will never share your Personal Information with any other company or third party without your consent, except in the following circumstances:
- as set out in this policy;
- to protect the security or confidentiality of our records and systems;
- in special cases when we have reason to believe that disclosing this information is necessary to identify, contact, or bring legal action against someone who may be causing injury to or interference with our rights, or
While we make sure to keep your data safe, no data transmission over the Internet is 100 per cent secure. We can’t give a complete guarantee over the security of any information you send us and you do so at your own risk.
How long do we retain your data?
We keep your information for as long as it’s necessary to fulfill the purpose for which it was collected. We may retain your personal information for longer if it may be the subject of a legal claim, or may otherwise be relevant for future litigation. For example, we keep your financial data for at least nine years and your employment application indefinitely, unless specifically asked to delete it.
If you request to receive no further contact from us, we’ll keep some basic information about you on our suppression list in order to avoid sending you unwanted materials in the future.
How do we interact with third-party processors?
Occasionally, at our discretion, we may include or offer links or notices for third parties on our website. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
How do we protect children?
We do not collect any information from anyone under 13 years of age. Our website and services are all directed to people who are at least 13 years old or older.
How can you change your information and what are your rights?
Contact us at DPO.India@new-delhi.msf.org if you’d like to change or update your personal information.
You have a number of rights under data protection legislation:
- You can request any information we hold on you. Email us at DPO.India@new-delhi.msf.org and ask for it in writing. You may be asked for proof of identity.
- You have the right to ask us to stop using or to restrict the processing of your personal data.
- You can withdraw your consent to us processing your data at any time (where such processing is based on consent eg. to send you electronic direct marketing).
- If you believe our records are inaccurate you have the right to ask for those records concerning you to be updated. To update your records please get in touch with us using the details above.
- In accordance with the privacy by design principle, you have a right to erasure (“to be forgotten” i.e. to have your personal data deleted from our database) or transferred to another organisation (“data portability”).
- If you have any concerns about the way your data is being used or if you’d like to make a complaint, please contact us using the details below.
- You are entitled to file a complaint about how MSF India treats your data. To do so, you may directly contact via email at: DPO.India@new-delhi.msf.org.
MSF neither posts/circulates/issues nor allows any person to submit/post/circulate/issue any content, slide, film, writing, drawing, painting, photograph, representation or figure on its website which contains/indicate/promotes indecent representation of any human being in any form, pornography, obscenity, or human depravity, etc. Further, MSF shall not indulge in any activity which qualifies to be an offence under applicable law, including under the provisions of the Information Technology Act, 2000, the Indecent Representation of Women (Prohibition) Act, 1986 and the Indian Penal Code, 1860.
Content published on our website, including graphics, written content, logos, pictures, images and software are the property of MSF and its partners or associates. In case of any articles, posts or comments by a user published on this website, such post/comment/article are the personal views expressed by the author.
Users must seek formal permission to use any content from MSF’s website failing which MSF will hold the (mis) user (whether an individual or an organization) liable for the same.
When do we update this notice?
We change this Privacy Notice when we need to. If we make any significant changes in the way, we treat your personal information we’ll make this clear on our websites or by contacting you directly.
Last updated on 29th June 2021
Any all rights on this document belong to MSF. Any reproduction, without written consent, is strictly forbidden.