Skip to main content

Privacy Policy

This privacy policy sets out how (“NNEF Public Foundation (‘NNEF’)”, “we”, “us”) collects, uses and protects your personal data.

  1. The types of personal data we collect about you

Personal data means any information about an individual from which that person can be identified.

We may collect, use, store and transfer different kinds of personal data about you during the course of doing business. This can include, but is not limited to, the following groups of data:

  • Identity Data includes first name, last name, any previous names, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access this website.
  • Usage Data includes information about how you interact with and use our website, products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals’ Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our service offering.

This website is not intended for children and we do not knowingly collect data relating to children.

  1. How is your personal data collected?

We use different methods to collect data from and about you, including through:

  • Your interactions with us. You may give us your personal data by filling in online forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns, unless you have opted out of this type of data collection. We collect this personal data by using cookies, and other similar technologies. Please see our cookie policy for further details.
  • Third parties who you have authorised us to engage with on your behalf or for your benefit.
  1. How we use your personal data

Legal basis

The law requires us to have a legal basis for collecting and using your personal data. We may rely on one or more of the following legal bases:

  • Consent: We may use your personal data where you have consented to such processing. We will rely on this form of consent only where we have obtained your active and informed agreement to use your data for a specified purpose, for example, if you subscribe to an email newsletter.
  • Performance of a contract with you: We may use your personal data where it is necessary for the performance of our contractual relationship with you, with the aim of concluding, amending or terminating a contract, or in order for us to take steps at your request prior to entering into a contract.
  • Compliance with legal obligations: We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to.
  • Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests or the legitimate interests of a third party. Your personal data may be used in circumstances such as to prevent, detect and investigate crime, including fraud, and analysing and managing other risks.
  • Protection of vital interests: We may use your personal data where it is necessary for the protection of your vital interests or the vital interests of another person.
  • Protection of public interests: We may use your personal data where it is necessary for the protection of the public interest or in the exercise of official authority vested in the controller.

Purposes for which we will use your personal data

We have set out below, in a table format, a description of the most common ways we would use the various categories of your personal data, for which we have legal bases to do so, as described above.  

Type of Data

Purpose/Use

(a) Identity

(b) Contact

(c) Marketing and Communications

To manage our relationship with you which may include:

(a) Notifying you about changes to our terms or privacy policy.

(b) Dealing with your requests, complaints and queries.

(c) Corresponding with you.

(a) Identity

(b) Contact

(c) Technical

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

(a) Technical

(b) Usage

To use data analytics to improve our website, products/services, customer relationships and experiences and to measure the effectiveness of our communications and marketing.

Third-party marketing

We will get your express consent before we share your personal data with any third party for their own direct marketing purposes.

Opting out of marketing

You can ask us to stop sending you communications at any time by following the opt-out links within any marketing sent to you or by contacting us using the details below.  

Cookies

For more information about the cookies we use and how to change your cookie preferences, please see our cookie policy.

  1. Sharing Your Information

We do not sell, trade, or otherwise transfer your personal information to outside parties, except as required by law or with your consent. We may share your information with trusted third parties who assist us in operating our website and conducting our business, provided they agree to keep your information secure and confidential. We will only provide those companies with information they need to deliver the specific services and they will be prohibited from using that information for any other purpose. In any instance where we are required to transfer your personal information outside of France, NNEF will take all steps reasonably necessary to ensure that your Information is treated securely and in accordance with this privacy policy.

  1. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We will notify you and any applicable regulator of a personal data breach where we are legally required to do so.

  1. Data retention

We will not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed.

We will retain data for the purposes of direct marketing as long you consent to receive marketing from us or for as long as we have a legitimate interest in retaining it.

  1. Your legal rights

You have a number of rights under data protection laws in relation to your personal data.

You have the right to:

  • Request access to your personal data (commonly known as a “subject access request”).
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data in certain circumstances.
  • Object to processing of your personal data.
  • Request the transfer of your personal data to you or to a third party.
  • Withdraw consent at any time where we are relying on consent to process your personal data.
  • Request restriction of processing of your personal data. If you wish to exercise any of the rights set out above, please contact us.

Please note that these requests will be subject to the grounds upon which the data is being processed, and it is not a guarantee that we can action your request. Any decisions made will be explained to you in writing.

  1. Contact details

If you have any questions about this privacy policy, please contact us at dpo@dinara-kulibayeva.com.   

  1. Complaints

You have the right to make a complaint at any time to the Commission Nationale de l’Informatique et des Libertés.  We would, however, appreciate the chance to deal with your concerns before you approach the relevant complaint body so please contact us in the first instance.

  1. Changes to the privacy policy and your duty to inform us of changes

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date.

  1. Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.