GDPR Policy

At myveca.org, we are committed to protecting your personal data and ensuring transparency in how your information is collected, used, and stored. This GDPR Policy explains your rights under the General Data Protection Regulation (“GDPR”) and how we comply with data protection laws when handling personal information of individuals located in the European Union (EU) and European Economic Area (EEA).

1. Data Controller

myveca.org is the Data Controller responsible for determining how and why your personal data is processed.
If you have any questions about this policy or wish to exercise your rights, please contact us at:
Email: support@myveca.org

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

Identity Data: name, address, date of birth (if provided).

Contact Data: email address, phone number, billing/shipping address.

Transaction Data: donations, orders, payment information (processed securely by payment partners and never stored directly by us).

Technical Data: IP address, browser type, device information, cookies, and analytics data.

Usage Data: website interactions, page visits, product views, and form submissions.

Communication Data: messages sent through contact forms or support channels.

3. How We Collect Your Data

We collect data through:

Direct submissions (checkout, donations, forms).

Account creation or profile updates.

Email or customer support communication.

Website cookies and analytics tracking tools.

Automated systems detecting browsing behavior.

4. Legal Basis for Processing

We process personal data under the following lawful bases:

Contractual Necessity: to process orders, donations, and deliver services.

Consent: for marketing emails, cookie usage, or optional account details.

Legitimate Interests: improving website functionality, preventing fraud, and analyzing user behavior.

Legal Obligation: tax, accounting, and compliance requirements.

5. How We Use Your Personal Data

We use your data to:

Process and deliver donations, purchases, and account services.

Communicate order updates or customer support responses.

Improve website performance and user experience.

Send marketing communications (only with your consent).

Maintain security and prevent fraudulent activity.

Comply with legal obligations and reporting requirements.

6. Sharing Your Data

We may share your personal data with:

Trusted payment processors (Stripe, PayPal, etc.).

Email service providers for communication.

Analytics tools (e.g., Google Analytics).

Fulfillment partners for shipping or delivery.

Legal authorities when required by law.

We never sell or rent your personal data.

7. International Data Transfers

If personal data is transferred outside the EU/EEA, we ensure adequate protection through:

Standard Contractual Clauses (SCCs),

GDPR-compliant service providers, or

Approved protection mechanisms.

8. How Long We Keep Your Data

We only retain your personal data for as long as necessary to fulfill the purposes outlined in this policy, such as:

Order and donation records (per legal retention requirements).

Account data (until deleted by the user).

Marketing data (until consent is withdrawn).

After this period, your data will be securely deleted.

9. Your GDPR Rights

You have the right to:

Access your data – request a copy of the information we hold.

Rectify your data – correct inaccurate or incomplete information.

Erase your data – request deletion where no longer needed.

Restrict processing – limit how your data is used.

Data portability – receive data in a transferable format.

Object to processing – including marketing or profiling.

Withdraw consent – at any time without affecting lawful processing.

To exercise any rights, contact: support@myveca.org

10. Cookies & Tracking Technologies

We use cookies to:

Improve website functionality

Analyze performance and usage

Provide personalized experience

Enable shopping cart and donation processing

Visitors may customize or disable cookies through their browser settings or cookie banner controls.

11. Data Security

We implement strict security measures to safeguard your data, including:

Encrypted connections (HTTPS)

Secure checkout and payment gateways

Access controls and authentication

Regular system monitoring and updates

However, no online system is 100% secure, and users should exercise caution when sharing personal information online.

12. Changes to This Policy

We may update this GDPR Policy to reflect changes in legal requirements or operational practices. Updates will be posted on this page with a revised “Last Updated” date.

13. Contact Information

For questions, requests, or concerns regarding this policy, please contact:
Email: support@myveca.org