Privacy Policy

Introduction

Welcome to Emirates Nature Association.

We are an Emirati non-profit association (licensed by the UAE Ministry of Community Development No. 162 of 2022), working in partnership with the WWF global network, which operates in over 100 countries worldwide (hereinafter referred to as “Emirates Nature–WWF” or “we/us/our”).

In all our conservation efforts, the trust and support of individuals like you is vital. We take your privacy very seriously and are committed to collecting, using, and protecting your personal data in a transparent and secure manner, in accordance with the UAE Federal Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and, where relevant, international standards (such as the GDPR for cross-border activities).

Please read this Privacy Policy carefully, alongside any other documents or terms we may refer to.

1. Who We Are

Emirates Nature–WWF is a charitable association in the UAE, dedicated to safeguarding nature and promoting sustainable practices. As part of the wider WWF global network, we collaborate with organizations worldwide to protect biodiversity and advance conservation. This Privacy Policy applies only to Emirates Nature–WWF’s activities and data processing in the UAE.

Where you see “we,” “us,” or “our,” it refers to Emirates Nature–WWF in the UAE. When you see “you,” “your,” or “yourself,” it refers to you as the individual engaging with us or providing personal data to us.

2. Why We Collect Your Data

Our mission is to create a future where people and nature thrive. To achieve this:

  • Effective Communication: We want to keep you updated about our initiatives, campaigns, and achievements, such as our “Leaders of Change” program.
  • Resource Allocation: By understanding what matters to you, we can direct financial and operational resources to the most impactful conservation efforts.
  • Service Delivery: We may need your details to fulfill requests, process donations, or facilitate event registrations.
  • Legal & Regulatory Obligations: We also collect certain data to comply with UAE law and ensure transparency, prevent fraud, and maintain proper records.

3. When We Collect, What We Collect, How We Collect It, and What We Use It For

3.1 When We Collect

We collect your personal data whenever you interact with us, including (but not limited to) when you:

  • Join or sponsor any of our activities (events, workshops, field campaigns, MOOCs, etc.).
  • Subscribe to our newsletters, request information, or donate to support our conservation work.
  • Use our websites or mobile applications (including the “Leaders of Change” app).
  • Apply for a job or volunteer with us.
  • Contact us by email, phone, or in person for any other reason.

3.2 What We Collect

Depending on the nature of your engagement, we may collect:

  • Basic Personal Data: Name, address, email, phone number, date of birth/age, gender, nationality, Emirates ID if required, passport or visa copy if necessary (for certain field activities or official processes).
  • Financial Data: Payment information (e.g., credit card details) to process secure transactions, typically handled by trusted third-party processors like YallaGive.
  • Technical Data: IP address, browser type, device information, cookies, and other online identifiers.
  • Sensitive Personal Data: In limited cases (e.g., job applications or health-related volunteer programs), we may collect health data or background checks with your explicit consent.
  • Audio-visual content: Images, photographs, or videos if you participate in events or volunteer activities.
  • Supporter records: Donation history, campaign participation, communication preferences, or reasons for supporting us.

Note: If you buy a subscription or donation gift for someone else, we may need their name and address to send the relevant updates, but we will not use their details for anything else unless they expressly request it.

In specific, limited circumstances, we may collect special categories of personal data (subject to your explicit consent). These may include:

  • Job Applications: Data about your race or ethnicity, gender, marital status, parental status or dependents, professional history, Emirates ID, passport copy, visa copy, health and disabilities, and criminal convictions—used solely for equal opportunities monitoring.
  • Surveys and Research: Information provided in equal opportunities monitoring surveys or other surveys we initiate.
  • Financial and Credit Card Information: Billing details to securely process transactions.

3.3 How We Collect Your Data

  • Direct Interaction: Online forms, event registrations, volunteer sign-ups, phone calls, emails, or job applications.
  • Automated Technologies: Cookies and analytics tools (e.g., Google Analytics) to track usage on our Platforms.
  • Social Media: If your settings or the platform’s privacy policies allow, we may access certain data from your accounts.
  • Third Parties: If you consented elsewhere for your data to be shared with us (e.g., partner databases).
  • Publicly Available Sources: For major donor research or verifying address changes.

3.4 Desk Research

In certain limited cases, we conduct Desk Research or limited profiling to understand potential major supporters or donors’ backgrounds and interests using publicly available information—such as media articles, public directorship listings, or typical income brackets. This helps us:

  • Engage more effectively with those genuinely interested in our environmental cause, thereby avoiding mass outreach that may be irrelevant.
  • Direct resources and communications more efficiently and cost-effectively.
  • Maintain transparency about our methods of collecting publicly accessible data, without violating personal privacy.

For instance, if someone’s name appears in the media as a supporter of environmental initiatives or a donor to wildlife conservation, we may rely on that information to reach out to them about our own campaigns and programs—always in compliance with applicable laws. This way, we focus our efforts on individuals who may welcome engagement about our work.

Note: We adhere to strict ethical and legal guidelines when performing any Desk Research, using personal data solely for legitimate, mission-related purposes.

3.5 What We Use Your Data For

We use your personal data to:

  • Provide services or resources you request (events, campaigns, course enrollments, volunteering opportunities).
  • Keep you informed about conservation news, updates, and the work you’re supporting.
  • Administer your donations and payments (receipts, confirmation).
  • Manage your relationship with us (communication preferences, history of engagement).
  • Send tailored communications or display relevant ads based on your interests.
  • Invite you to events or campaign actions supporting our advocacy work.
  • Analyze data (statistical or marketing research) to enhance our efficiency, ensuring data is anonymized or aggregated where possible.
  • Fulfill any legal or regulatory requirements in the UAE.

4. Our Legal Basis for Processing Data

Under the UAE Federal Personal Data Protection Law (PDPL), we rely on one or more of the following legal grounds to collect and process your data:

  • Explicit Consent: Particularly if we need to process sensitive personal data or send certain direct marketing messages.
  • Performance of a Contract: For example, if you request a service or register for an event, we use your data to fulfill that request.
  • Legal Obligations: Complying with UAE laws, regulatory bodies, or legitimate government requests.

If our processing relies on your consent, you can withdraw that consent at any time (see Section 13).

5. What We Communicate With You About

  • What You Specifically Asked For: Details of campaigns, event updates, or program news (e.g., “Leaders of Change”).
  • Marketing & Fundraising:
    • Donations: We may ask for financial or in-kind support or invite you to renew or upgrade your contributions.
    • Campaigning: We inform you about petitions, pledges, or other advocacy actions you might join to make a greener impact.
    • Events: We host various events, workshops, or volunteer activities and may invite you to participate.

You can always opt out of these marketing communications (see Section 6).

6. Marketing Preferences

We strive to make it straightforward for you to control how and when we communicate:

  • Email or Text: Usually, we require your opt-in. You can unsubscribe via a link or email us.
  • Phone Calls: If you provided your number, we may call unless you prefer otherwise.
  • Subscription Changes: Changing marketing preferences won’t affect critical service communications (e.g., updates about a volunteer role).

7. Cookies

Cookies are small files stored on your device that remember who you are and how you use our Platforms. They help us:

  • Operate our website effectively.
  • Analyze visits (through Google Analytics or similar) to see which content is most popular.
  • Customize or target ads and messages relevant to your interests.

You can modify your browser settings to reject or disable cookies, but some functionalities may be affected.

8. Who We Share Your Personal Data With

  • Service Providers: E.g., hosting services, payment processors (like YallaGive), marketing agencies, or printing companies—bound by our instructions and data security obligations.
  • Accreditation Partners: For instance, Baadr if they issue certificates for successfully completed courses or programs.
  • WWF Global Network: In limited cases, we may refer your request to another WWF office better suited to respond or manage your relationship.
  • Government or Regulatory Bodies: When required by UAE law, court order, or legitimate authority requests.
  • No Third-Party Sales: We do not sell or trade personal data for commercial marketing by other entities.

Cross-Border Transfer

Where data is transferred outside the UAE (e.g., to the US or the EEA):

  • We ensure an equivalent level of protection, possibly via recognized adequate jurisdictions or contractual clauses.
  • We inform you if there’s a material international transfer beyond typical processes.

9. How We Keep Your Personal Data Safe

  • Technical Measures: Encryption (SSL), firewalls, intrusion detection, and regular cybersecurity reviews.
  • Organizational Measures: Access is limited to authorized staff bound by confidentiality, following a “need-to-know” principle.
  • Incident Response: If a significant data breach threatens your privacy, we’ll promptly notify the relevant UAE authority and inform you when required by law.
  • User Responsibility: We encourage you to keep passwords confidential and avoid sharing them.

10. Keeping Your Data Up to Date

We appreciate your help in keeping your personal data accurate. Should you change your address, phone number, or email, you can:

Where lawful and suitable, we may also use publicly available sources to update addresses or contact details, strictly for relevant conservation or fundraising needs.

11. How Long We Keep Your Data For

We only retain your personal data as long as necessary for its original purpose or to meet legal, regulatory, accounting, or reporting obligations. Specifically:

  • Active Supporters: If you have engaged with us (e.g., opened our mails, signed a petition, donated) within the last five years, we consider you an Active Supporter. We keep relevant data to update you on projects and invite ongoing support.
  • Archived Records: If you become inactive for a certain period, we may retain minimal data (e.g., name, donation history) for legitimate regulatory or historical reasons. We may anonymize other data so it no longer identifies you.

When retention is no longer needed or legally mandated, we either delete or anonymize your data.

12. How to Find Out What Data We Have About You

You have the right to access the personal data we hold about you. If you wish to:

  • Submit a request (email or post), specifying which data you want and providing proof of identity.
  • We may seek further details (timeframe, data category) to clarify the request.
  • We aim to respond within the timeframe required by UAE law.
  • We typically do not charge unless the request is clearly excessive or unfounded, in which case we’ll inform you of any fee in advance.

13. Your Rights

Under PDPL and other relevant data protection laws, you have various rights regarding your personal data:

  • Right of Access: Obtain a copy of your personal data (“subject access request”).
  • Right to Rectification: Correct any inaccurate or incomplete personal data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion where legitimate grounds apply.
  • Right to Object or Stop Processing: If your data is processed under legitimate interests or for direct marketing, you may oppose that processing.
  • Right to Restrict Processing: Ask to limit the use of your data in certain circumstances.
  • Right to Data Portability: In specific cases, request to transfer your data to another provider.
  • Right to Withdraw Consent: If processing is based on consent, you can withdraw it at any time without affecting the legality of previous processing.

We may refuse specific requests if we’re legally required to keep certain data (e.g., financial records). We will clarify our reasons if we do so.

14. Changes to This Policy

Last Updated: March 2025.

We reserve the right to modify or update this policy periodically to reflect changes in legal requirements or operational needs.

Significant changes will be announced through a prominent notice on our website or by email. We encourage you to revisit this page from time to time.

15. Data Security

We and our third-party service providers take all the appropriate technical and organisational measures to ensure that your personal information is protected, in compliance with our legal obligations. However, in case you become aware about any breach of your personal data, please note that you have the right to contact us or the UAE Data Office.

16. Further Information

Our processing of personal data primarily follows the UAE Federal Personal Data Protection Law No. 45 of 2021 (PDPL). Where relevant for cross-border activities, we may also reference international standards like the EU General Data Protection Regulation (GDPR).

17. How to Contact Us

For any queries, requests, or concerns about this Privacy Policy or our data processing, you can reach us through: