MOVEMBER PRIVACY POLICY

Draft as at 15 July 2024

INTRODUCTION

Movember is committed to protecting your privacy and the confidentiality of any personal information that you provide to us. We value transparency and we want you to be 100% clear on why we ask you for personal information and what we’ll do with it.

This Policy describes how we collect, use, store and disclose your personal information in connection with our activities. It describes how you can have confidence that we treat your personal information lawfully and respectfully.

By accessing the Movember website or any of the Movember apps (together, “Websites”), or otherwise providing your personal information to Movember, you indicate your acceptance of this Policy (as amended from time to time). Please note that supplementary rules apply in relation to individuals whose personal information we collect, if you are located in the European Union or European Economic Area. For more information, refer to Appendix A: EU Privacy Notice.

WHO ARE WE?

Movember is the leading charity changing the face of men’s health globally. We’re addressing some of the biggest health issues faced by men: prostate cancer, testicular cancer, mental health and suicide prevention. We do this via our global fundraising event in the month formerly known as November, and by running awareness campaigns throughout the year. With the money raised by our global community, Movember funds (and sometimes undertakes) groundbreaking research and innovative health projects across the world that have significant global and local impact.

A reference in this Policy to Movember (or “we” or “us”) is a reference to the Movember Foundation (Australian Business Number 48 894 537 905), and its subsidiary and affiliated entities (the Movember Group Pty Ltd, the Movember Foundation (US), Movember Europe, Movember Europe Trading Ltd, Movember Canada, Movember New Zealand and Movember e.V.).

WHAT INFORMATION DO WE COLLECT?

The information we collect about you ultimately depends on who you are and the nature of your interaction(s) with us. However, we’ll only collect personal information that is reasonably necessary to fulfil the purpose for which it’s being collected (e.g. to process a donation, set you up as a Mo Bro or Mo Sister, to allow you to work for us, to enable your participation in research and evaluation that you’ve consented to be a part of etc.).

Below are some examples of the information we may collect about you:

PERSONAL INFORMATION

If you are… / We might collect:

A Mo Bro, Mo Sister or donor

  • Contact details (e.g. name, image, age, date of birth, address, postcode, phone number, email address).
  • Fitness tracking information (only if you connect a Fitness App to your Mo Space account).
  • Previous donation history or the amount you’ve donated (e.g. if you donate to a Mo Bro, Mo Sister, Mo Team, Mo Event or Mo Network) .
  • Historical member information from any of your associated Mo Teams, Mo Events and/or Mo Network during previous campaigns, including any information you have chosen to share on your profile.
  • Information you’ve provided if you’ve contacted us with a question, complaint or enquiry.

A visitor to our Websites

  • Information about the computer equipment and the version of operating system you’re using
  • The settings of the device you use to visit our Websites

An employee, contractor or volunteer

  • Contact details (e.g. name, image, age, date of birth, address, postcode, mobile number, personal email address).
  • Professional details (e.g. previous employer or business name, job title/occupation, previous employment information).
  • Family and beneficiary details for insurance and superannuation (e.g. names and dates of birth).
  • Financial information (e.g. taxes, bank details and superannuation details).
  • Medical history (e.g. your vaccination status or any allergies or other conditions that help us ensure your safety while at work).

A job applicant

  • Contact details (e.g. name, age, date of birth, address, postcode, mobile number, work phone number, personal email address, work email address).
  • Professional details (e.g. employer or business name, job title/occupation, previous employment information and any other information you provide while applying for an open role at Movember).
  • Educational details (e.g. high school and university attended, degrees undertaken etc).

A research participant

  • Contact details (e.g. name, age, date of birth, address, postcode, mobile number, work phone number, personal email address, work email address).
  • Medical history and other health information, as well as behavioural and lifestyle information, that might be relevant to the research.
  • Opinions and reactions to testing and research.
  • Emergency contact information.
  • Other information that you provide or have consented to us collecting in in connection with the project. Depending on the nature of the research or evaluation, this may also include your sensitive information.

SENSITIVE INFORMATION

Sensitive information (sometimes referred to as ‘special categories’ of personal information) is data that requires greater security and could be subject to special protections under the laws of your country. Examples of sensitive information include information about a person’s:

  • Race
  • Ethnic origin
  • Health
  • Genetics
  • Sex life, sexual orientation or practices
  • Political views and opinions
  • Religious beliefs or affiliations
  • Philosophical beliefs
  • Membership of a political association, professional or trade association or trade union
  • Criminal record
  • Biometric information that is to be used for certain purposes (e.g. ID purposes)
  • Biometric templates.

We don’t typically collect your sensitive information, however:

If you are… / We might collect your sensitive information in these ways:

A Mo Bro, Mo Sister or donor

  • You may choose to provide any information you like in your Mo Space, Mo Team, Mo Event or Mo Network profile. This could include sensitive information. Please be careful about what information you publish in this way.

An employee, contractor volunteer or job applicant

  • We may collect (with your consent) information about your health and/or information that may reveal criminal convictions or offences information about you.

A research participant

  • We may collect certain types of sensitive information from you, depending on the nature of the research or evaluation. We’ll only ever do so with your consent and will only collect information that is directly related to, or reasonably necessary for the research we’re conducting.

CREDIT CARD DATA

If you purchase products from us or make a donation to us, you may provide us with credit card details and other information which will allow us to process the transaction. Please note that Movember does not store credit card information.

DIRECT DEBIT DATA

By signing and/or providing us with a valid instruction in respect to your Direct Debit Request, you have understood and agreed to the terms and conditions governing the debit arrangements between you and Movember Foundation as set out in this Request and in your Direct Debit Request Service Agreement. You agree to execute this document by electronic signature and you are aware that by electronically signing this document you are executing a legally binding document.

FITNESS APP INFORMATION

If you connect your Fitness App to your Mo Space, then the Activity Data that Movember collects can include the types of activities you’ve undertaken, duration, distance, steps, calories, and related source information (including GPS coordinates in the case of some Fitness Apps). Activity Data from your Fitness App is provided to Movember by Thryve Health SDK.

UNSOLICITED INFORMATION

If you provide us with unsolicited personal information, which means personal information we receive but have not taken active steps to collect from you, we’ll usually destroy or de-identify the information as soon as practicable (where it isn’t otherwise addressed in this Policy, and of course only if it’s lawful and reasonable to do so).

HOW DO WE COLLECT PERSONAL INFORMATION?

BY RECEIVING IT DIRECTLY FROM YOU

Wherever possible, we’ll collect personal information from you directly. This can include, but is not limited to, online registration forms, online donation forms, email correspondence, social media, live chat discussions, job applications, hard-copy forms, and face-to-face meetings.

You might provide personal information to Movember for a variety of reasons, including to:

  • Receive information about or to participate in Movember
  • Receive information about or become involved with Movember’s campaigns, projects or activities
  • Receive information about the outcomes of the funds we’ve raised
  • Purchase Movember products or merchandise
  • Donate funds to us (either directly or via a Mo Bro, Mo Sister, Mo Team, Mo Event or Mo Network)
  • Provide us with your Movember ‘motivation’ or a personal story
  • Connect your personal fitness tracking app to participate in our Move challenge
  • Host or attend a Movember event
  • Apply for a job with or work for us
  • Participate in research or evaluations conducted by us
  • Submit an inquiry or chat to us via the live chat function on one of our Websites or social media accounts.

VIA SOCIAL MEDIA

If you register for or log in to a Mo Space profile using your Facebook account, we’ll collect the personal information from Facebook that we need to complete the registration or login. However, we will only collect the personal information that you’ve permitted Facebook to share with us. That information may include your name and email address and, depending on your privacy settings, additional details about you. Please review the privacy controls you’ve set on your Facebook account, so that you have control over how much information you want shared with us.

VIA COOKIES ON OUR WEBSITES

We may collect, log and process data about your use of our Websites. We do this in order to allow our Websites to function properly, collect anonymous website traffic data, and to provide you with the best possible user experience (e.g. to keep you logged in if you request this). We use cookies on our Websites for the following purposes:

  • Analytical purposes
  • Usage preferences
  • Session management
  • Function purposes

To make full use of our Websites, your computer or mobile device will need to accept cookies, as our Websites will not function properly without them. If you choose not to accept cookies, you’ll still be able to view our Websites, but some interactions may not work normally and will impair the Websites’ functionality. For more information about cookies, please refer to Appendix B.

WHEN YOUR FITNESS APP IS CONNECTED TO YOUR MO SPACE

When you connect your fitness tracking device or fitness app (Fitness App) to your Mo Space to participate in the Move challenge, Thryve Health SDK makes available to us all historical information relating to the Activity Data it holds from your Fitness App. By connecting your Fitness App to your Mo Space, you agree to allow Movember to access all historical Activity Data from your Fitness App, plus any new Activity Data created while your Fitness App is connected to your Mo Space. You can select which Activity Data from your Fitness App to display as a Move activity on your Mo Space page. We will continue to receive this Activity Data unless and until you choose to disconnect your Fitness App in the Manage Connections section of your Mo Space account. If you elect to disconnect your Fitness App, we will continue to have access to Activity Data created up until that time, but we will not have access to any future Activity Data after the time of disconnection.

VIA THIRD PARTIES

In limited circumstances we may collect information about you from third parties, for example:

If you are… / We might collect information from third parties in these ways:

A Mo Bro, Mo Sister or donor

  • If you donate to Movember via our Website using either PayPal or MasterPass, depending on where you live, these organisations may provide us with your address.
  • They will only do this if you have not entered your address onto the donation form yourself, and if you have set up your address as part of your PayPal or MasterPass account.
  • Alternatively, if you donate to us via a Facebook Fundraiser, your name and the amount of your donation will be shared with us. At the same time that you make your donation, you'll also have the option to share your email address with us to receive newsletters and updates. For more information on donating via a Facebook Fundraiser, visit the Facebook website.
  • If you chat to us via the live chat function on our Website, some of your personal information will be shared with us, including your name, email address and location (if you allow this to be shared via your web browser).

A job applicant

  • We may obtain your personal information if you apply for a job at Movember via a third party such as a recruitment agency or LinkedIn.

A research participant

  • We may obtain your personal information from:
  • organisations or research partners with whom we conduct research or evaluations, if you are a participant in the relevant research or evaluation; or
  • health professionals (such as a medical clinic treating you) or other organisations holding your records, with your consent.

USING DATA AVAILABLE FROM PUBLIC SOURCES

As a fundraising organisation, we undertake in-house research and may from time to time engage specialist agencies to gather information about you from publicly available sources, for example, Companies House, the Electoral Register, company websites, ‘rich lists’, social networks such as LinkedIn, political and property registers, and news archives.

We also may carry out wealth screening to fast track the research using our trusted third-party partners. You will always have the right to opt out of this processing. We may also carry out research using publicly available information to identify individuals who may have an affinity to our cause with whom we are not already in touch. This may include people connected to key supporters and lead volunteers. We also use publicly available sources to carry out due diligence activities, in line with guidance issued by the Chartered institute of Fundraising on major donor fundraising and gift acceptance.

This research helps us to understand more about you as an individual so we can focus conversations we have with you about fundraising and volunteering in the most effective way, and ensure that we provide you with an experience as a donor or potential donor which is appropriate for you. If you would prefer us not to use your data in this way please email us at privacy@movember.com.

HOW MUCH INFORMATION DO YOU NEED TO PROVIDE?

How much information you provide to Movember is up to you; however, if you want to use our Websites, donate to us, receive information from us, participate in our campaigns, programs and events, or participate in research and evaluations etc., we require certain information from you.

Most of the time you’ll be able to interact with us anonymously if you choose; in specific circumstances where that’s not possible, we’ll let you know.

HOW DO WE USE YOUR PERSONAL INFORMATION?

We make every effort to tell you what we’ll do with the personal information you provide us, at the time you provide it.

For general information, here’s a list of common ways we may use your personal information:

If you are… / We might use your personal information in these ways:

A Mo Bro, Mo Sister or donor

  • To provide you with products or merchandise you’ve requested
  • To provide you with information or other communications about Movember or any of Movember’s initiatives
  • To market Movember and/or our campaigns and events
  • To involve you in promotions, future campaigns and other initiatives undertaken by Movember
  • To include your image, name and details on our Websites if you register as a Mo Bro, Mo Sister, as part of a Mo team, or if you register to Host a Movember event (these details will appear in public search results unless you change the default setting)
  • Target ads to you via third party platforms, such as Facebook
  • To include your name, comments and amount of donation on our Websites if you make a donation to a Mo Bro, Mo Sister, Mo Team or Mo Event (unless you choose a private or anonymous donation)
  • To enter you into automatic prize draws if you’re a registered Mo Bro or Mo Sister, and meet the relevant prize draw criteria
  • To provide you with details of how we spend the funds raised by Movember
  • To analyse statistics in relation to the Movember community
  • To involve you in health initiatives
  • To acknowledge or reward you for your participation in Movember or any of Movember’s other initiatives.

An employee, contractor, or volunteer

  • If you’re employed or volunteer with us we’ll use the personal information you’ve provided us to manage your employment and our responsibilities to you.

A job applicant

  • If you apply for a job with us, we’ll use the personal information you’ve provided us for the purposes of assessing your job application.

A research participant

  • If you participate in research or evaluations with us, we'll use the personal information you've provided to:
  • record your involvement;
  • process the results of the relevant research, evaluations and clinical trials; and
  • contact you regarding participation in future studies.

Research participants enrolled in trials, research or evaluations will be given further information detailing how their personal information (including any sensitive and health information) will be handled by Movember.

HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

Movember takes reasonable steps to ensure the security of all information we collect, including that the information is protected from misuse and loss, and from unauthorised access, modification or disclosure. We make use of:

  • Password protection;
  • Secure cloud-based servers; and
  • Multi-factor authentication.

Some of these services are hosted by third parties located in Australia and the United States.

For security of transactions, we use the Secure Sockets Layer (SSL) protocol, which encrypts any personal information you enter into Movember websites. The encryption process protects your information, by scrambling it before it is sent to us from your computer. We also make commercially reasonable efforts to ensure the security ofyour personal information on our system. Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure or to be fully protected from being accessed, tampered with or used in an unauthorised manner by third parties. With this in mind, we strive to protect your personal information, but we cannot warrant in absolute terms the security of any information you transmit to us.

HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION?

We’ll only keep your personal information for as long as we are required:

  • To fulfil the purpose for which it was collected (and in accordance with any consents you provided)
  • By applicable laws, regulations and professional standards.

WITH WHOM MIGHT WE SHARE YOUR PERSONAL INFORMATION?

Movember will only use or disclose your personal information in accordance with this Policy, unless you have consented to the additional use or disclosure, or where disclosure is necessary to prevent injury to life or health, to investigate any suspected unlawful activity or where the use or disclosure is required or authorised by law. We will never sell your personal information to other parties.

We may share your information with third parties who process data on our behalf, but only where we place obligations on them in relation to the security of the data and require them to use the data only as we instruct.

We may disclose your personal information to social media platforms (including without limitation Facebook), so that the social media platforms may send you advertisements about future Movember events and initiatives, and for analytics purposes.

If we send your details to Facebook they will be hashed before they are sent, and Facebook briefly uses the data for matching purposes only before deleting it. For more information, please refer to Facebook’s website.

If you wish to opt out of having your details provided to Facebook or other social media platforms, please contact us via email to privacy@movember.com.

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

Regardless of where in the world you reside, Movember may transfer, process and store your personal information outside of your country of residence, including in Australia and the United States. Whenever we transfer your information we take steps to protect it, including making use of contractual data protection clauses.

LINKS TO OTHER WEBSITES

Our Websites contain links to other external websites. We are not responsible for the privacy practices or content of any other external website or service that is linked to our Websites, or for the privacy practices of any third-party social media platforms that you can access through our Websites. This Policy only applies to Movember Websites, so we encourage you to read the privacy policies of those other websites or service providers, including, but not limited to, Thryve Health SDK, Facebook, as well as Facebook Fundraisers and Facebook Donation functionality, which may require you to provide additional personal information. We may provide you with access to an augmented reality feature in our communications which allows you to upload a photo. The feature alters the photo in a creative way and lets you share the image on your favourite social networks. Movember is not responsible for the provision of this service.

YOUR RIGHTS

ACCESSING, CORRECTING AND DELETING YOUR PERSONAL INFORMATION

You may request access to, or correction or deletion of, your personal information collected by Movember. Please send an email to privacy@movember.com and we’ll endeavour to respond as soon as possible, and in any event within 30 days of receiving your request. There may be some legal or regulatory reason as to why access to, or correction or deletion of, your personal information is denied; if this is the case, we’ll tell you why.

MAKING A COMPLAINT

If you have a complaint about our handling of your personal information, please send an email to privacy@movember.com.

We’ll investigate your complaint and notify you in writing as soon as possible of any decision in relation to the complaint, and in any event within 30 days of receiving the complaint.

Data breaches will be handled in accordance with Movember’s data breach response plan, and notifications will be made as required by law.

If you’re not satisfied with the response to your complaint, you can refer your complaint to the relevant supervisory authority in your country. Please refer to Appendix D: How To Contact The Appropriate Supervisory Authority below for contact details.

WHEN WILL WE SEND YOU MARKETING COMMUNICATIONS?

If you’ve agreed to receive communications from Movember, we may use your personal information to contact you (including sending marketing emails) about the Movember campaign, charitable and programmatic activities and the outcomes achieved with the funds raised.

HOW DO I UNSUBSCRIBE FROM RECEIVING MARKETING COMMUNICATIONS?

You may opt out of receiving marketing communications from us at any time.

You’ll be provided with an opportunity in each communication to decline to receive further communications from Movember.

In addition, you can change your marketing preferences in the Notifications section of your Mo Space account.

CHILDREN UNDER THE AGE OF 16

We understand the importance of protecting the privacy of children, especially in an online environment, which is why it’s our policy to avoid handling information about any child under the age of 16. This is also why our Websites are not intentionally designed for or directed at children under the age of 16. However, sometimes Movember funds or delivers health initiatives that are intended to support children who are under the age of 16. In those circumstances we’ll ask for a parent or legal guardian’s verification of consent before collecting any personal data from or about a child. If you’re under the age of 16, please do not do any of the following without the consent of a parent or legal guardian:

  • Use or provide any personal data on our Websites
  • Sign up as a Mo Bro or Mo Sister
  • Donate any money to Movember
  • Use live chat
  • Make any public comments on anyone’s Mo Space pages
  • Provide any personal data about yourself to us, including your name, address, phone number or email address.

If we learn we’ve collected or received personal data from a child under the age of 16 without verification of parental consent, we’ll delete that personal data. If you believe we might have improperly collected or hold any personal data from or about a child under the age of 16, please contact us at privacy@movember.com.

CHANGES TO OUR PRIVACY POLICY

This Privacy Policy may change from time to time particularly as new rules, regulations and industry codes are introduced. We regularly review this Policy, and will post any changes to it on our Websites. If we consider that the changes are material, we’ll notify you by email.

HOW TO CONTACT US

If you have questions or comments about this Privacy Policy, the personal information that we hold about you, how we handle personal information, or would like to exercise one of your data protection rights, please send us an email at privacy@movember.com.

We aim to respond within 30 days from the date we receive privacy-related communications.

Please refer to Appendix D: How To Contact The Appropriate Supervisory Authority for contact details of the relevant supervisory authority in your country.

APPENDIX A: EU/UK PRIVACY NOTICE

If you’re a resident of the European Union (EU), European Economic Area (EEA), Switzerland or the United Kingdom (UK) and we collect your personal information, the following additional information applies to you.

INTRODUCTION

If you are resident in the EU, EEA, Switzerland or the UK and Movember knowingly collects your personal information, we’ll do so in accordance with applicable laws that regulate data protection and privacy. This includes, without limitation:

  • the EU General Data Protection Regulation (2016/679) ("GDPR")
  • EU member state national laws that implement or regulate the collection, processing and privacy of your personal data;
  • the UK General Data Protection Regulation EU/UK Data Protection Laws(“UK GDPR”); and
  • the Swiss Federal Data Protection Act of 19 June 1992,

(together known as “EU/UK Data Protection Laws”).

This EU/UK Privacy Notice ("EU/UK Privacy Notice") should be read in conjunction with Movember’s Privacy Policy, which provides further information as required under the EU/UK Data Protection Laws on how we collect, use, store or disclose your personal information and with whom we may share it. This EU/UK Privacy Notice also provides information on your legal rights under EU/UK Data Protection Laws and how you can exercise them.

CROSS-BORDER TRANSFER & STORAGE OF YOUR PERSONAL INFORMATION

As Movember is a global charity, we may transfer, process and store your personal information outside of your country of residence, including in Australia and the United States. US data privacy laws are currently not considered to meet the same legal standards of protection for personal information as those set out under EU/UK Data Protection Laws. To safeguard personal information transferred across borders we take steps to protect it, including making use of contractual data protection clauses.

DIRECT MARKETING

If Movember provides direct marketing communications to individuals in the EU/EEA, the UK and Switzerland this will be done in accordance with EU/UK Data Protection Laws. In particular, if we contact you for direct marketing purposes by SMS, email, social media, and/or any other electronic communication channels, this will only be after you’ve freely provided us with your consent by positively opting in to receive direct marketing. You’re also free to object or withdraw your consent to receive direct marketing from us at any time by contacting us at privacy@movember.com.

WHAT LAWFUL GROUNDS DO WE HAVE FOR PROCESSING YOUR PERSONAL INFORMATION?

Under the EU/UK Data Protection Laws, we collect and process your personal information for the purposes described in this policy, based upon the following legal grounds:

With your consent

We process your personal information when you have freely provided your specific, informed and unambiguous consent for us to process your personal information for particular purposes. You have the right to withdraw your consent at any time by contacting us at privacy@movember.com.

When we have a contract with you

We process your personal information in order to set up and perform our contractual obligations to you, and/or enforce our rights.

When we’re pursuing legitimate interests

We process your personal information when we need to use your personal information in connection with our legitimate interests, and need to be able to effectively manage and operate our global organisation in a consistent manner across all countries and territories. We’ll always seek to pursue these legitimate interests in a way that does not unduly infringe on your legal rights and freedoms, and, in particular, on your right to privacy.

When we’re complying with legal obligations

We process your personal information when we have a legal obligation to do so, or for the purpose of us being able to establish, exercise or defend legal claims.

To protect your vital interests

In the absence of your consent, in rare circumstances we may process your personal information to protect your vital interests.

DO WE COLLECT SENSITIVE/SPECIAL CATEGORY PERSONAL INFORMATION?

Please note that some of the personal information we receive and process may include what is known as "sensitive" or "special category" personal information about you. For example, this can include personal information regarding your ethnic origin, sexual orientation or preferences, or political, philosophical, and religious beliefs. Even though we don’t actively collect this type of personal information, you’re able to write it on your Mo Space if you choose to. If you do provide sensitive/special category personal information, we’ll only process it when:

  • You have provided us with your explicit consent to use it
  • We have a legal obligation to process such data in accordance with EU/UK Data Protection Laws
  • It’s needed to protect your vital interests (or those of someone else), such as in a medical emergency
  • You’ve clearly chosen to publicise such information
  • It’s needed in connection with a legal claim that we have or may be subject to.

DO WE SHARE YOUR PERSONAL INFORMATION WITH THIRD PARTIES?

We may occasionally share your personal information with trusted third-party organisations; however, these organisations are contractually bound to safeguard the data we entrust to them in accordance with our instructions (“Data Processors”). For example, the types of Data Processors that we may engage with include, but are not limited to:

  • Organisations that support our business and operations (e.g. providers of website or database hosting, website analytics, payment providers, agencies we use to conduct fraud/police checks, recruitment agents etc.)
  • Professionals we use (e.g. lawyers, insurers, auditors, accountants etc.)
  • Law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with, applicable law or regulation.

There are certain circumstances where we may also disclose your personal information to third parties known as “Data Controllers”. For example, if you work for Movember and travel as part of your role, we may share your personal information to travel agents, airlines, hotels, car rental agencies etc. Due to the nature of their business, these Data Controllers will make their own decisions about how they process your personal information. As Data Controllers, they are also required to follow the EU/UK Data Protection Laws, and are required to protect your personal information with adequate safeguards, along with notifying you if their processing goes beyond the instructions that we provided. You should check the privacy policies of these organisations and companies to understand how they may use and store your personal information.

Aside from the instances outlined above, we’ll always treat your personal information as private and will not disclose it to any third parties without you knowing about it. Sometimes there are exceptions, such as in relation to legal proceedings or where we’re required to do so by law and cannot tell you (e.g. for a criminal investigation). Your personal information will only be shared by us with third parties that we deal with for lawful purposes, and who observe the principles outlined by the EU/UK Data Protection Laws.

DO WE USE COOKIES?

Yes, our Websites use cookies. Where cookies are used, a statement will be sent to your browser explaining the use of cookies. To learn more, please refer to Appendix B for our Cookie Policy.

WHAT ARE YOUR DATA PROTECTION RIGHTS?

In accordance with your legal rights under the EU/UK Data Protection Laws, you have the following data protection rights:

The right to access

You have a "subject access request" right, under which you can ask us to verify whether we’re processing personal information about you, what that personal information is, what we use that personal information for, to whom we may disclose it, as well as certain other information.

The right to rectification

You can ask us to correct our records if you believe they contain incorrect or incomplete information about you.

The right to erasure

You can ask us to erase/delete your personal information after you withdraw your consent to processing, or when we no longer need it for the purpose it was originally collected.

The right to restrict processing

You can ask us to temporarily restrict our processing of your personal information if you contest the accuracy of your personal information, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.

The right to object to direct marketing

You can object to our use of your personal information for direct marketing purposes. We may need to keep some minimal information to comply with your request to cease marketing to you.

Right to withdraw consent

You can withdraw consent that you have previously given to one or more specified purposes to process your personal information. This will not affect the lawfulness of any processing carried out before you withdraw your consent. It may mean we’re not able to provide certain products or activities to you and we’ll advise you if this is the case. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal information is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds. Usually, we will have 30 days to respond to any of the requests listed above. However, we reserve the right to verify your identity, and we may, in the case of complex requests, require a further two months (60 days) to respond. We may also charge for administrative time in dealing with any requests that we deem to be manifestly unreasonable or excessive. We may also require further information to locate the specific data you seek, and certain legal exemptions under EU/UK Data Protection Laws may apply when we respond to your subject access request. So that we can fully comply, please note that these requests may also be forwarded to third-party data processors that are involved in the processing of your personal data on our behalf. If you would like to exercise any of the rights set out above, please contact us at privacy@movember.com.

If you make a request and are not satisfied with our response, or you believe that we are illegally processing your personal data, you have the right to complain to the to the relevant supervisory authority in your country. Please refer to Appendix D: How To Contact The Appropriate Supervisory Authority for contact details.

HOW TO CONTACT US

If you’d like to make a complaint, would like to exercise one of your data protection rights, or have any questions about our Privacy Policy, do not hesitate to contact our Data Protection Officer directly via email at privacy@movember.com.

HOW TO CONTACT THE APPROPRIATE SUPERVISORY AUTHORITY

If your complaint is not resolved, you feel that we have not addressed your concern in a satisfactory matter, or to report any concerns that you may have about our data handling practices, you may contact the relevant supervisory authority in your country. Please refer to Appendix D: How To Contact The Appropriate Supervisory Authority below for contact details.

APPENDIX B: MOVEMBER COOKIE POLICY

WHAT ARE COOKIES?

Cookies are small text files that are stored in your computer’s memory and hard drive when you visit certain webpages. They are used to enable websites to function or to provide information to the owners of a website. We do not use cookies to collect personal information.

WHAT COOKIES DO WE USE AND WHY?

Cookies help us to provide customised services and information. For example, we use cookies on all of our Websites to collect anonymous traffic data and also to improve your experience with the Websites (e.g. to keep you logged in if you request this). In broad terms, we use cookies on our Websites for the following purposes:

Analytical purposes

We use analytical cookies that allow us to recognise, measure and track visitors to our Websites. This helps us to improve and develop the way our Websites work, for example, by determining whether site visitors can find information easily, or by identifying the aspects of our Websites that are of the most interest to visitors. For these purposes, we may store the following:

  • The name of the domain from which you accessed the internet
  • The date and time you accessed our Websites
  • The advert or internet address of the website from which you linked directly to our Websites
  • The pages you accessed while visiting our Websites
  • The device from which you accessed our Websites
  • The location from which you accessed our Websites.

In addition, we use third-party service providers to provide certain analytics services to us in connection with the operation of the Websites, including (without limitation) the collection and tracking of the data and information listed above. We may disclose visitor data, including personally identifiable information, to enable those third-party service providers to provide such services. Such data may be sent to those third-party service providers and their local overseas suppliers, where the standard of data protection may be lower than the country in which you reside.

Usage preferences

Some of the cookies on our Websites are activated when visitors to our Websites make a choice about their use of the site. Our Websites then ‘remember’ the settings preferences of the user concerned. This allows us to tailor aspects of our sites to the individual user.

Session management

The software that runs our Websites uses cookies for technical purposes needed by the internal workings of our servers and application. For instance, we use cookies to keep track of information about a user’s session and determine which options or pages to display in order for the site to function.

Functional purposes

We use these cookies to store information that is needed by our applications to process and operate. For example, they’re used to recognise you if you’ve visited our Websites before, or to remember any preferences you’ve selected previously, such as your preferred language or location.

HOW YOU CAN CONTROL YOUR COOKIE PREFERENCES

To make full use of our Websites, your computer or mobile device will need to accept cookies, as our Websites will not function properly without them. In addition, cookies are required in order to provide you with personalised features on our Websites.

THIRD PARTY COOKIES

When you visit our Websites, you may receive cookies that are set by third parties. For example, you may receive a cookie set by Google. These cookies are used for the purposes described in the “What Cookies Do We Use & Why?” section of this policy. We do not control the setting of these third-party cookies, so we suggest you might wish to check the third-party websites for more information about their use of cookies and how to manage them.

AMENDING COOKIE PREFERENCES

If you wish to remove cookies set by our Websites from your browser in the future, you may delete them. The instructions for removing cookies from your computer or mobile device depend on the operating system and web browser you use. Please note, however, that withdrawing your agreement to the use of cookies on our Websites may impair your experience in using some of our Websites’ functionality.

WILL THE WEBSITES WORK WITHOUT COOKIES?

You’ll still be able to view our Websites, but some interactions may not work normally and will impair the Websites’ functionality.

ANY OTHER QUESTIONS?

If you have any other questions about cookies and the use of them on our Websites, contact us at privacy@movember.com.

APPENDIX C: HOW VISIBLE IS YOUR PERSONAL INFORMATION?

In certain circumstances we may give you the option to limit the public view of your personal information.

YOUR DONATIONS

If you don’t want your donation to be made public, you have the option to make:

A private donation

Your name and amount of your donation will only be disclosed to the registered Mo Bro or Mo Sister you’ve chosen to support in fundraising for Movember. That information will be available in their private view of their Mo Space; however, your donation amount will be included in the total calculation on their Mo Space.

An anonymous donation

The amount of your donation will be displayed on the public and private view of the Mo Space for the registered Mo Bro or Mo Sister you’ve chosen to support in fundraising for Movember; your name will not be displayed in either the public or private view of their Mo Space.

YOUR MO SPACE

If you would like to limit the public view of your Mo Space, you have two options:

Movember only

You can change the Privacy settings for your Mo Space to Movember Only. This means that your Mo Space will be visible everywhere on our Websites; however, it will be hidden from internet search engines (e.g. Google), so they won’t be able to display your Mo Space in their search results.

Limited Movember view

Changing your Privacy setting for your Mo Space to Limited Movember View, means that your Mo Space will only be visible to your supporters to enable them to donate to you (and to your team members if you’re part of a Movember Team or Movember Challenge). Your Mo Space will be hidden from internet search engines (e.g. Google), and even from the search functionality on our Websites. This means that you’ll need to forward a link to your Mo Space directly to your supporters in order to receive their donations; they cannot search for your Mo Space page themselves.

YOUR MO TEAM

If you’re part of a Movember Team, your Mo Team Captain will be able to access your email address and the email addresses of any member of your Mo Team. Changing the default privacy settings in your Mo Space to Limited Movember View will ensure that your Mo Space will not be displayed on your public Mo Team page.

YOUR MOVEMBER EVENT

You have the option to select Limited View for any Movember Event you create. This means that your Movember Event will be hidden so that it’s not visible to internet search engines (e.g. Google), and won’t appear in their search results. Similarly, it won’t appear in the results of a general search of our Websites. In order to invite guests to attend your Movember Event, you’ll need to send them a link to your Event page. Please be aware that if you change your Mo Space from public to a Limited Movember View, and/or your Movember Event from public to Limited View, your Mo Space and/or Movember Event may have already been indexed by an internet search engine. It may therefore appear in searches conducted on that search engine, until it re-indexes your Mo Space and/or Movember Event. In some cases, the search engines do not re-index their searches, so your Mo Space and/or Movember Event may still appear on those search engines after you’ve changed your profile settings. If you have a concern that a particular search engine hasn’t removed your Mo Space and/or Movember Event from their search results, please contact us at privacy@movember.com and we’ll contact the search engine directly to request deletion of the reference to your Mo Space and/or Movember Event in their search results.

APPENDIX D: SUPERVISORY AUTHORITY CONTACT DETAILS

The following are the contact details for the Supervisory Authorities of the larger countries in which we operate.

The following are the contact details for the Supervisory Authorities of the larger countries in which we operate.

  • Country
  • Authority
  • Website link