WEBSITE PRIVACY POLICY

ChangeX International ("we", "us" or "our") is committed to protecting and respecting your privacy. This Privacy Statement tells you about your privacy rights and sets out how we, as a Data Controller, collect, use, process and disclose your personal data relating to your interactions with our website www.changex.org (the Site). This Privacy Statement should be read in conjunction with our Cookie Policy.

The use of our Website by minors under the age of 18 is subject to the consent of their parent or guardian. This Privacy Statement addresses the use of personal data of both adults and minors, as the personal data of both groups is used in the same manner. Section 7 (Parental Rights) addresses choices that parents or guardians have related to minors under their care.

Please read the following carefully to understand our use of your personal data.

1. Information we may collect from you

"Personal data" under Data Protection Law (including the EU General Data Protection Regulation 2016/679 (GDPR), the EU Privacy and Electronic Communications Directive 2002/58/EC, and all national implementing legislation) means any information about an individual from which that person can be identified. You can use our Site without being required to provide any personal data to us. We only collect personal data about you when you sign up to ChangeX on the Site or when you sign up to to receive emails from ChangeX. In addition to the information you provide to us, we collect certain information when you visit our Site.

In providing our services, we may also receive personal data indirectly. Categories of such personal data include names, contact information and other information that is relevant to the provision of our services.

If you do not provide the requested information, we may not be able to provide you with our services or respond to any questions or requests you submit to us via our website. We will tell you when we ask for personal data whether it is a contractual requirement or needed to comply with our legal obligations.

We may collect and process the following types of personal data about you:

  • Identity Data including your name, date of birth and profile picture.
  • Contact Data including your address, e-mail address, and telephone numbers.
  • Financial Data including bank account and payment card details.
  • Transaction Data including details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data including internet protocol (IP) address, your login data (date of sign up/sign in), browser type and version, time zone setting and location, browser plug-in types and versions, browser language, operating system and platform and other technology on the devices you use to access this Site.
  • Profile Data including your user ID and password, user bio, profile image, your interests, your location, your messages/conversations, your role(s), your notification preferences, your social media handles, your motivation statement and feedback and survey responses.
  • Usage Data including information about how you use our Site, products and services.
  • Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.

2. How we use personal data we collect

We will only use your personal data for the purposes and legal bases set out in the table below.

Purpose(s) for Processing Legal Basis for Processing
To register and create an account on our website and provide you with support for starting ideas.
  • To perform our contract with you
To manage our relationship with you, to provide our services, to offer you direct support, new opportunities and ideas to improve your community.
  • The processing is necessary to perform our contract with you
  • To comply with our legal obligations, including tax and accounting rules
  • To support our legitimate interests provided such interests are not overridden by your interests and rights- you have the right to object at any time
For the prevention and detection of fraud, money laundering or other crimes.
  • To comply with legal and regulatory obligations
To send you updates on what’s happening in the ChangeX community.
  • Your consent - which you can withdraw at any time
  • To support our legitimate business interests provided such interests are not overridden by your interests and rights - you have the right to object at any time
To customise your experience on the Site, or to serve you specific content that is relevant to you.
  • The processing is necessary to support our legitimate interests in managing our business (to define types of customers for our products and services, to keep our Site updated and relevant, to develop our business and to inform our marketing strategy) provided such interests are not overridden by your interests and rights- you have the right to object at any time
Transferring information to third parties, including to our own service providers.
  • To support our legitimate interests in managing our business provided such interests are not overridden by your interests and rights - you have the right to object at any time
  • To comply with our legal obligations
  • To protect vital interests

We will store your personal data only for as long as necessary for the purposes of providing access to our Site and related services to you; as required by law, and for the exercise or defence of legal claims.

3. Disclosure of your information

We may disclose your personal data to third parties who provide a service to us, including our Internet Service Provider who records data on our behalf and is bound by confidentiality provisions, or in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets or if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or where necessary for our legitimate business interests to protect the rights, property, or safety of ChangeX International, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

The transmission of information via the Internet is not completely secure and may involve the transfer of personal data to a third party outside of the European Economic Area (EEA) including to Heroku our Internet Service Provider in the US. To the limited extent that it is necessary to transfer your personal data outside of the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such personal data, including the Privacy Shield.

Please contact us if you wish to obtain information concerning such safeguards (see Contact Us below).

4. Links to other sites

Our site may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.

5. Your rights

You have the right to request access to, rectification, or erasure of your personal data, or restriction of processing or object to processing of your personal data, as well as the right to data portability. The following is a summary of your rights:

  • The right of access enables you to receive a copy of your personal data.
  • The right to rectification enables you to correct any inaccurate or incomplete personal data we hold about you.
  • The right to erasure enables you to ask us to delete your personal data in certain circumstances, including where:
    • It is no longer necessary for us to process your personal data;
    • You consider the personal data is being unlawfully processed;
    • You withdraw your consent (where the processing is based on consent);
    • You object to the processing and there are no overriding legitimate grounds justifying the processing; or
    • The personal data have to be erased to comply with a legal obligation.

    We may refuse your request if the processing is necessary to comply with a legal obligation or for the establishment, exercise or defence of legal claims.

  • The right to restrict processing enables you to ask us to halt the processing of your personal data in certain circumstances, including where:
    • You contest the accuracy of your personal data;
    • You consider the processing is unlawful, but you do not want your personal data erased;
    • We no longer need the personal data but you require it for the establishment, exercise or defence of legal claims; or
    • You have objected to the processing, and verification as to our overriding legitimate interests is pending.

    We may continue to process your personal data:

    • Where we have your consent to do so;
    • For the establishment, exercise or defence of legal claims;
    • The processing is necessary to protect the rights of other individuals or legal persons; or
    • For important public interest reasons.
  • The right to object enables you to object to us processing your personal data on the basis of our legitimate interests (or those of a third party). We will stop such processing unless we can demonstrate compelling legitimate grounds for the processing which override your interests or the processing is necessary for the establishment, exercise or defence of legal claims. You also have the right to object to us processing your personal data for direct marketing purposes.
  • The right to data portability enables you to request us to transmit personal data that you have provided to us, to a third party without hindrance, or to give you a copy of it so that you can transmit it to a third party, where technically feasible. The right only applies where:
    • The processing is carried out by automated means; and
    • The processing is based on your consent or for the performance of a contract with you.

You have the right to lodge a complaint with the Data Protection Authority, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you consider that the processing of your personal data infringes the GDPR.

If you wish to exercise any of these rights, please contact us (see Contact Us below). We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request. We may request proof of identification to verify your request. We have the right to refuse your request for the reasons set out above, or if it is manifestly unfounded or excessive, or to the extent necessary for important objectives of public interest.

6. Security and where we store your personal data

We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We have implemented strict internal guidelines to ensure that your privacy is safeguarded at every level of our organisation. We will continue to revise policies and implement additional security features as new technologies become available. Where we have given you a password which enables you to access certain parts of our Site, you are responsible for keeping that password confidential. We ask you not to share your password with anyone.

Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Site. Any transmission of personal data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access or disclosure.

7. Parental Rights

This Privacy Statement and associated Cookie Policy. tells you about the kinds of information that we may collect relating to all individuals using the website, including minors. If you are a parent or guardian of a minor that is using the website you may request that we delete from our records the Personal Data we have collected relating to that minor. Please keep in mind that a request to delete records may lead to a termination of an account. If you have any questions or concerns about our approach to children's privacy, or you, as a parent or guardian, want to access the data of your child, or request the deletion of your child's data, please submit a request via [email protected].

8. Changes to this Privacy Statement

We reserve the right to change this Privacy Statement from time to time at our sole discretion. If we make any changes, we will post those changes here and update the “Last Updated” date at the bottom of this Privacy Statement. However, if we make material changes to this Privacy Statement, we will notify you by means of a prominent notice on the Site prior to the change becoming effective. Please review this Privacy Statement periodically for updates.

9. Contact Us

Questions, comments, requests and complaints regarding this Privacy Statement and the personal data we hold are welcome and should be addressed to [email protected] or sent in writing to ChangeX, Dogpatch Labs, CHQ Building, Docklands, Dublin 1. All requests will be dealt with promptly and efficiently.

For a list of the third parties that we might share your personal data with, please click here

Last Updated: 07.10.2022

×