• +49 152 233 62353
  • info@pillarofangels.org

Privacy Policy

  • Home
  • Privacy Policy

   14 May 2025

Pillar of Angels ("we," "us," or "our") operates the website https://pillarofangels.org. We prioritize the privacy and security of your personal data. This Privacy Policy outlines in detail how we collect, process, store, and protect your information, ensuring compliance with:

    • General Data Protection Regulation (GDPR) (EU)

    • California Consumer Privacy Act (CCPA/CPRA)

    • Kenya Data Protection Act (2021)

    • Other applicable global privacy laws.

By accessing our website, you acknowledge that you have read, understood, and agreed to this policy. If you disagree, please discontinue use immediately.

1. Information We Collect

We gather data through:

A. Personal Information (Voluntarily Provided)

    • Identity & Contact Details:

        • Full name, email address, phone number, physical address (e.g., when donating, subscribing, or contacting us).

        • Example: "When you fill out our ‘Contact Us’ form, we collect your name and email to respond."

    • Financial Information:

        • Credit card numbers, bank details (processed securely via PayPal and Stripe)

        • Note: We do not store raw payment data; third-party processors handle transactions.

    • Demographic Data:

        • Age, gender (optional, for program tailoring).

    • Sensitive Data:

        • Religious affiliation (if relevant to services, collected with explicit consent).

B. Automated Data Collection (Via Technology)

    • Device & Technical Data:

        • IP address, browser type (Chrome, Safari), operating system (Windows, iOS), device model.

    • Usage Analytics:

        • Pages visited, session duration, click patterns (via Google Analytics, Hotjar).

    • Cookies & Tracking Tools:

        • First-party (essential) and third-party (marketing) cookies (see Section 4).

C. Data from Third Parties

    • Social media platforms (if you interact with our profiles).

    • Partner NGOs (shared only with consent).

2. How We Use Your Information

We process data for the following lawful bases (GDPR Article 6):

PurposeLegal BasisExamples
Service DeliveryContractual NecessityProcessing donations, sending automated receipts.
CommunicationConsent/Legitimate InterestResponding to inquiries, newsletters (opt-in).
AnalyticsLegitimate InterestImproving website UX via Google Analytics.
Legal ComplianceLegal ObligationFraud prevention, tax reporting.

Detailed Examples:

    • Donor Management:

        • Issue tax-deductible receipts (where applicable).

        • Acknowledge contributions in annual reports (unless anonymity requested).

    • Personalization:

        • Recommend relevant programs (e.g., youth initiatives for donors under 30).

    • Security:

        • Detect brute-force login attempts via IP monitoring.

3. Data Sharing & Disclosure

We do not sell your data. Disclosures occur only under these circumstances:

A. Service Providers (Data Processors)

    • Payment Processors: PayPal (encrypted transactions).

    • Email Services: System email

    • Hosting: Cloud (data stored in secure servers).

    • Legal Requirement:

        • If subpoenaed by Kenyan courts or regulatory bodies.

B. International Transfers

    • Data may transit through Germany-based tools (e.g., Google). We ensure safeguards like:

        • EU-U.S. DPF Certification (for GDPR compliance).

        • Standard Contractual Clauses (SCCs).

4. Cookies & Tracking Technologies

A. Cookie Types

CategoryPurposeExample Tools
EssentialSite functionalitySession cookies.
AnalyticsTraffic measurementGoogle Analytics (_ga).
MarketingAd targeting (opt-in)Facebook Pixel.

B. Consent Management

    • EU/UK Visitors: Display cookie banner (prior consent for non-essential cookies).

    • Global Users: Browser-based opt-out (via settings).

5. Data Security Measures

We implement:

    • Technical Safeguards:

        • TLS 1.2 Encryption (HTTPS).

        • Firewalls & DDoS Protection (Cloudflare).

        • Regular penetration testing.

    • Administrative Protocols:

        • Staff training on data handling.

        • Access controls (role-based permissions).

    • Breach Response:

        • Notify affected users within 72 hours (per GDPR).

6. Third-Party Links Disclaimer

Our site links to:

    • Donation portals (GiveWell, Patreon).

    • Social media (Facebook, Instagram).

Warning: We are not liable for their privacy practices. Review their policies separately.

7. Children’s Privacy (COPPA/GDPR-K)

    • Under 13 (16 in EU): No deliberate data collection.

    • Parental Rights: Contact us to delete a child’s data at privacy@pillarofangels.org.

8. Your Legal Rights

A. GDPR/CCPA Rights

    • Access: Request a copy of your data (free within 30 days).

    • Rectification: Correct inaccurate details.

    • Erasure ("Right to Be Forgotten").

    • Portability: Receive data in a machine-readable format.

    • Objection: Opt out of marketing or profiling.

B. Exercise These Rights

Submit requests to:
Email: info@pillarofangels.org
Postal Address: [Physical address for formal requests]

We may verify your identity before processing.

9. Policy Updates & Notification

    • Material Changes: Notify users via email or site banner.

    • Archive: Previous versions available upon request.

10. Contact Information

Data Controller:
Pillar of Angels:  Sonnenstrasse 8, 76599 Weisenbach, Germany
Email: info@pillarofangels.org
Phone: +49 152 233 62353