Fundação Edite Ten Jua
en
pt-ptfr

Privacy Policy

Last updated: April 15, 2025

This Privacy Policy aims to inform users about how Edite Ten Jua Foundation collects, uses, shares, and protects personal data provided to us, in compliance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and Law No. 58/2019 of Portugal, which ensures the implementation of the GDPR.

1. Who we are

The Edite Ten Jua Foundation is a non-profit foundation based in São Tomé and Príncipe, dedicated to the development of young and inclusive leadership, with a special focus on women’s empowerment.

Although the foundation is based outside the European Union, all personal data collected through our website is stored and processed on servers located within the European Union, and therefore subject to European data protection law.

2. Personal data collected

We may collect the following personal data when users interact with our website or services:

  • Full name

  • Email address

  • Phone number

  • Physical address

  • Browsing data (IP address, device type, browser, pages visited, access date/time)

  • Additional information provided via forms (e.g., registrations, applications, volunteering, donations)

3. Purposes of data processing

We process the collected data for the following purposes:

  • Responding to contact requests

  • Managing event registrations, training programs or foundation initiatives

  • Processing donations and issuing receipts

  • Complying with legal obligations

  • Sending newsletters and informational/promotional content (with prior consent)

  • Improving website performance and user experience

4. Legal basis for processing

Data processing is based on:

  • The data subject’s consent (Article 6(1)(a) GDPR)

  • Performance of a contract or pre-contractual steps (Article 6(1)(b))

  • Compliance with legal obligations (Article 6(1)(c))

  • Legitimate interests of the foundation (Article 6(1)(f)), including website security and fraud prevention

5. Data retention

Personal data is retained only for the period strictly necessary to fulfill its purpose or as required by law.

Examples:

  • Contact data: up to 2 years after the last interaction

  • Donation records: up to 10 years (for tax purposes)

  • Browsing data: up to 1 year (for statistical purposes)

6. Data sharing

We do not sell or share personal data with third parties, except:

  • When required to comply with legal obligations

  • With service providers acting on behalf of the foundation (e.g., hosting, email, accounting)

  • With the data subject’s express consent

All service providers are contractually bound to comply with confidentiality and data protection standards under the GDPR.

7. International data transfers

No international transfers of data are made outside the EU. Although our foundation is based outside the EU, all data is processed exclusively within the European Union, ensuring compliance with the GDPR.

8. Rights of data subjects

You have the right to:

  • Access your personal data

  • Request rectification or update

  • Request erasure of your data

  • Object to processing

  • Request restriction of processing

  • Request data portability

  • Withdraw your consent at any time (when applicable)

To exercise these rights, please contact:

Data Controller: WebDig.PT by João Costa
Address: Rua José Coimbra, 186 – 2240-209 Beco – Portugal
Email:

9. Security measures

We apply appropriate technical and organizational measures to ensure the security of personal data against unauthorized access, loss, or alteration.

  • Hosting on secure EU-based servers

  • Encrypted communications (SSL/TLS)

  • Access restrictions

  • Regular backups

10. Changes to this policy

We reserve the right to amend this Privacy Policy at any time. Any changes will be posted on this page with the updated date.