Privacy Policy

4. OUR LEGAL BASIS FOR PROCESSING

All of our use of personal data is in accordance with the applicable data protection law. The law requires us to only process data where we have a valid legal basis for doing so. Most commonly, we will use your personal data in the following circumstances: 

• Where we need to perform the contract we are about to enter into or have entered into with you, such as providing you with the service you have requested, (for example adoption updates or subscription magazines, and to contact you about these in order to administer your request). 
• Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (as set out below). 
• Where we need to comply with a legal or regulatory obligation, (for example regulatory bodies to satisfy our legal, regulatory and compliance obligations). 
• Your consent to us doing so.  

EN - WWF’s legitimate interests include administering your support, sending you marketing materials by phone, email and post, and understanding our supporters. A summary of each of these and some examples of how we may use your personal data in these ways on the basis of it being within our legitimate interests to do so are set out below: 

4.1 ADMINISTRATION OF FUNDS COLLECTED 
As an environmental charity, our mission is to build a future where people and nature thrive. In order to deliver against these imperative purposes, we need to undertake certain processing activities. Some of these will be to govern our entity, and some will be for operational administration reasons. 
 
Specific examples of processing activities under this legitimate interest include: 

• Recording your communication and marketing preferences and maintaining suppression files so we don’t contact you when you have asked us not to 
• Keeping a record of who our supporters are, your relationship with us, and your order, subscription, sponsorship and payment history 
• Reviewing our database of supporters across the organisation for historical, scientific and statistical purposes 
• Operational administration such as: 

• Recruiting and processing job applications 
• Keeping employee records and monitoring 
• Management and planning purposes 
• Thanking you for your support 
• Keeping you up to date with the work you are supporting and the latest conservation news 

• Administering your payments by sending your bank details to our third party payment processor, YallaGive 
• Financial management and controls such as: 

• Processing supplier invoices 
• Taking steps to prevent fraud, knowing our supporters, and taking steps to ensure there is no misuse of services or money laundering 
• Enforcing legal claims including debt collection and out of court expenses 

4.2 TO CONTACT YOU BY POST, EMAIl AND PHONE 
Contact with our supporters is vital to the way we operate – when you join EN - WWF, you are joining a worldwide movement and showing your support for environmental issues. We want to keep in touch with you and, along with telling you how your support is helping and what we have achieved together, we also want to keep you up to date with the numerous activities you can get involved with. We believe it is in our legitimate interest to send you such materials by post, only when necessary, as we opt for digital communications such as email, and to speak to you by phone, unless you have told us you prefer us not to. In order to achieve our mission we need people like you to support us, and to gather your support we need to be able to contact you. 
 
Specific examples of processing activities under this legitimate interest include:- 

      sending marketing materials as detailed below, including: 

• Asking for financial and non-financial support 
• Inviting you to take part in campaigns and support our advocacy work 
• Inviting you to events by email and phone 
• Sending you details of services you can purchase 
• Providing you information on similar services you may purchase, if you have previously purchased from us, and have not opted out of receiving such information 

4.3 UNDERSTANDING OUR SUPPORTERS 
It is important that we understand our supporters. If we don’t understand you, then we cannot communicate with you in a meaningful way, and in a way which will be engaging and interesting. If we understand you, then we are better able to direct communications to you which you will be interested in. This helps us safeguard your funds and ensure value for money across our communication activities. In order to understand our supporters better, we undertake a number of processing activities including analysis, research, profiling and customising your experience as detailed in this policy. 
 
Specific examples of processing activities under this legitimate interest include: 

• Analysing our database and seeing what has worked and what hasn’t. This helps us develop our products and services, and helps inform our marketing strategy so we only send you information that we think will be of interest to you, and so that we understand the effectiveness of the marketing we serve you. 
• Researching your interests - we want to utilise your funds in the most cost effective way, and so we don’t send blanket messages to the entirety of our database. Rather, we deliver content we think will be relevant to you and personalised when appropriate. 
• In limited circumstances, analysing the personal data we collect about you and using publicly available information to better understand your interests, preferences and level of potential funds so that we can contact you more effectively. 
• Customising your experience and displaying more relevant information (including adverts) to you. 

 
If you would like more information on our uses of legitimate interests or to change our use of your personal data in this manner, please contact us.

5. WHAT WE COMMUNICATE WITH YOU ABOUT

WHAT YOU’VE REQUESTED
We communicate with you about what you have asked us to – to provide the services you have requested. For example, if you have signed up to a campaign, we will keep you in touch with our campaigns. 

We will keep you up to date with the latest conservation news and updates. If you have subscribed to the Leaders of Change programme, then you will periodically receive updates on our latest work. 

MARKETING
In addition to conservation news and updates on our work, we may also contact you about three other things (note: these are detailed examples of the types of communications we may send, and are not exhaustive): 

• Marketing: Your support is vital to our work and without you we would not be able to continue our conservation efforts. We may ask you to make a payment, contribute to an appeal, upgrade your support or change its type. We may also as you to renew or restart your support. We‘d also love to show you what you can purchase via the Leaders of Change programme inspired by our natural world through activities on this platform, events, campaigns, activities on the field, virtual activities, courses, workshops, seminars, majlises, and MOOCs. 
• Campaigning: We’d love to tell you about our campaigning activities and advocacy work so that you can get involved. This could be telling you about activities such as how to make greener lifestyle choices, signing a petition, contacting businesses or sharing campaign communications to influence for positive change for the environment. 
• Events: We run a host of events, which we may like to invite you to. We’d love to tell you about our challenge events which we’d love you to get involved with. We’d also like to tell you about community opportunities where we can support you with your own events, or days where you can join a movement like Earth Hour. 

The law distinguishes between the channels you choose to receive this information, and so we give you different options when we ask to use your personal data in this way. 

We will always ask for your consent if we want to contact you by email or text message, however we do not normally ask for consent to make telephone calls to you or write to you about any of these three things (provided you haven’t specifically told us you don’t want to receive them). This is because each of these activities is fundamental to how we work, so we have a legitimate interest to contact you, as described in section 4 above. 

When you give us your details, we will tell you what we are going to do with them. You will always be given the opportunity to opt-out of receiving these materials by phone, email and post if you prefer not to. You can unsubscribe at any time - see Terms and Conditions for further information. 

While we don’t usually ask, there are some instances where we may have expressly asked you for consent to receive telephone calls or letters from us (for example, if you gave us your details in person). If you have consented for us to contact you in these ways, we will continue to do so unless you tell us not to. 

In addition, where you have visited our online shop and provided us your details, we may send you information about similar products which we think will be of interest to you, where you have not opted out of receiving such information. We will also always provide an opportunity for you to opt-out in every communication we send you about these products. 

6. MARKETING PREFERENCES

We make it easy for you to tell us how you want us to communicate with you. Our communications have clear marketing preference questions and we include information on how to opt out when we send you marketing or any other materials, which in the case of emails, is by means of an unsubscribe link. 

Where you have previously provided us with your telephone number, please note that we may use that telephone number to call you. You can, of course, change your preferences at any time if you wish to as detailed above. 

Please note that changing your subscription preferences will not affect the communications we send you where it constitutes the service you have requested – for example, if you have signed up to the Leaders of Change programme and then tell us you do not wish to receive information on our activities on this platform, events, campaigns, activities on the field, virtual activities, courses, workshops, seminars, majlises, and MOOCs, you will still receive your programme updates. 

7. COOKIES

Cookies are small files that are sent to a computer’s hard drive by a web server, enabling a website to remember who you are. Information from cookies may include information relating to your use of our websites, information about your computer (such as IP address and browser type), and demographic data. We use cookies to improve our Platforms.

Specifically, we use Google Analytics, and other similar products to track unique visitors to our website and app (storing a unique visitor ID, the date and time of first visit, the time their current visit started, and the total number of visits they have made); to register session details (so as to attribute visit information, including conversions and transactions to a traffic source); and to register that a website visit has ended and the browser closed. Most internet browsers have a mechanism notifying you when you receive a new cookie, and telling you how to reject new cookies or disable cookies altogether (if you wish to do so).

8. WHO WE SHARE YOUR PERSONAL DATA WITH

THIRD PARTY FOR THEIR MARKETING
We do not sell your personal data with third parties so that they can market to you. 

As with other organisations, we do not undertake all of our processing activities ourselves and we appoint suppliers to help us out. In order to do this we need to share your personal data with them so they know where to send it. Similarly, we don’t print all our letters in our office, nor do we print all of our design-work. 

In these cases and others, we ensure that we have a contract with the supplier and as part of that agreement the supplier agrees to respect the security of your personal data and to treat it in accordance with the law. We only permit suppliers to process your personal data for specified purposes and in accordance with our instructions. 

We may need to transfer your personal data to suppliers based in the US, inside European Economic Area (EEA) and other regions globally, from the UAE to allow them to perform services on our behalf (such as when you sign up for a petition to help safeguard the natural environment). In doing so, your personal data may be stored or otherwise processed outside of the UAE. 

In most cases, we do not transfer your personal data outside of the UAE. However, as we are part of a global WWF Nnetwork, there are some instances in which we may share your data within our Network. These instances are limited and are mainly where one of our Network offices wants to refer a contact to another office who would be better placed to contact the individual or manage the relationship, for example, where they live or work in that country. 

Whenever we transfer your personal data out of the UAE, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards are in place: 

• the country has been deemed to provide an adequate level of protection for personal data by the UAE; 
• a specific contract which is approved by and gives personal data the same protection it has in UAE has been entered into with the supplier.

SOCIAL MEDIA
Depending on your settings and the privacy policies for social media and messaging services like Facebook and Twitter, you might give us permission to access personal data from those accounts or services. For example, we occasionally participate in Facebook’s “Custom Audience” program which enables us to display adverts to our existing or potential supporters via Facebook. We provide personal data such as your email address to Facebook to enable them to determine if you are a registered account holder with Facebook. Our adverts may then appear when you access Facebook and on your Facebook feed. Your personal data is sent in an encrypted format that is deleted by Facebook if it does not match with a Facebook account. For more information please read the Facebook Business page about Custom Audiences and Facebook’s Data Policy. 

In other cases we will not disclose any of your personal data except in accordance with this policy, or when we have your permission, or under special circumstances, such as when we believe in good faith that the law requires it or to protect the rights, property and safety of us, WWF Network, or others. This includes disclosing your details if required to the police, regulatory bodies or legal advisors.

9. HOW WE KEEP YOUR PERSONAL DATA SAFE

We have appropriate physical, technical and managerial controls in place to protect your personal data; for example our online forms are always encrypted and our network is protected and routinely monitored. Within our offices only those who have a business need to access your information and who are trained in handling data securely will have access to your personal data. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Whilst we hope it will never happen, we have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are required to do so. 

When we use external companies to collect or process personal data on our behalf we undertake due diligence on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, including keeping and using your data securely. 

Our website may, from time to time, contain links to third party websites. If you follow a link to any of these websites, please note that these websites will have their own cookie policies and privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. 

Despite all of our precautions however, no data transmission over the internet can be guaranteed to be 100% secure. So, whilst we strive to protect your personal data, we cannot guarantee the security of any information which you disclose to us and so wish to draw your attention that you do so at your own risk. 

Where we have given you (or you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential, and we ask you not to share this with anyone.

10. KEEPING YOUR INFORMATION UP TO DATE

We really appreciate it if you let us know if your personal data details, or circumstances change. 

You can also update your personal data details online at any time via our change contact page: 

Phone: +971 (4) 383-9305 
Online: [email protected]

11. HOW LONG WE KEEP YOUR PERSONAL DATA FOR

We will only keep your personal data for as long as is necessary for the purpose for which it is collected, which may include the purpose of satisfying any legal, accounting or reporting requirements. If you request that we stop sending you marketing materials, we will keep a record of your contact details and the appropriate information to enable us to comply with your request not to be contacted by us. 

In order to determine how long we keep your data we look at the category of data and the reason we collected and have processed it, . We look at whether that reason is ongoing and whether you are an active supporter or not. We consider you to be an active supporter if you have opened our mailings and have interacted with us in some way such as if you have corresponded with us, signed up for a petition and/or financially supported us any time within the preceding five years. 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve these purposes through other means, and the applicable legal requirements. 

If at any time you cease to become an active supporter,  we will continue to send you communications for a limited period of time. We will keep your details for a further period of time for legitimate purposes such as legal and regulatory reasons. We will keep some personal data indefinitely (for example your name, address and payment history), as knowing that you were a supporter in the past is important for us to know. This can be decades after the last interaction with us. In these cases, we will only retain personal data which is necessary for these purposes and will delete or anonymise other parts of your record. 

As detailed above, we may hold personal data about individuals who interact with us in other ways. 

When we anonymise or delete your personal data, we will ensure that it is no longer identifiable to you. We may keep anonymised data for future analysis on aggregated data so that we can understand our supporters better. This may be for research or statistical purposes, or for any other purpose, and we may use this information indefinitely without further notice to you.

12. HOW TO FIND OUT WHAT INFORMATION WE HAVE ABOUT YOU

You can request the details of the personal data we hold about you. 

If you want to access your information, please contact us and send a description of the personal data you want to see and proof of your identity. 

We may then need to ask you for further information in order to service your request, such as confirmation of your identity, or whether there is any specific personal data you would like or from a specific time period. We may send you a form in order to assist you in this. 

We will respond to you in accordance of your legitimate request. You will not have to pay a fee to access your personal data however we reserve the right to charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively we may refuse to comply with your request in these circumstances.

13. YOUR RIGHTS

Under data protection laws you have various rights over your personal data. If you would like to exercise any of these rights then please contact us.

• You have the right to request access to your personal data, commonly known as a ‘subject access request’. This enables you to receive a copy of the personal data we hold about you. 

See: HOW TO FIND OUT WHAT INFORMATION WE HAVE ABOUT YOU. 

• You can request that we correct the personal data we hold about you. This enables you to have incomplete or inaccurate data we hold about you corrected, although note that we may need to verify the accuracy of the new data you provide to us 
• You have the right to ask us to erase your personal data in certain circumstances. Please note however that there may be circumstances where you ask us to erase your personal data but we are legally required or entitled to retain it. 

Where we are processing your personal data under the legitimate interest condition, then you may object to this processing, or request that the processing is restricted, if there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. Note that there may be circumstances where you object to, or ask us to restrict, our processing of your personal data but we are legally required or entitled to continue to processing your personal data and/or to refuse your request. 

In some cases, we may demonstrate that we have a compelling legitimate ground to process your personal data which overrides your rights and freedoms. 

• In certain circumstances you are able to request a transfer of your personal data from one service provided to another, such as from one service provider to a competitor. 
   
• Where we have asked you for consent to process your personal data, you may withdraw this consent at any time by contacting us. Please note however that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so.

14. CHANGES TO THIS POLICY

This policy was last updated in May 2024. It was re-worded to give you further information about how we collect, use and store your personal data, and to reflect the changes in applicable data protection legislation and to give you more clarity on how we use your personal data, and your rights in relation to it. 

We may amend or update this policy at any time to take account of any changes to data protection law or other legislation. When further updates to the policy are made they will be posted on this page, so please check back here regularly. Any significant changes will be notified to you.