Data collected from visitors to our websites
How we treat data that is regulated under the GDPR (the EU’s General Data Protection Regulations).
Data collected from Visitors
The Merlin Foundation collects information from visitors to our website so that we may communicate with you about Foundation activities. Communication includes email, telephone, direct mail, social media or other communication formats subject to ensuring that such communications are provided to you in compliance with applicable law.
We do not sell, give, or trade the personal information or statistics we store to any third parties for data-mining or marketing purposes. At any time, you may unsubscribe from our promotional communications by simply clicking on the unsubscribe link included in every general email or newsletter we send, or by contacting us at firstname.lastname@example.org. After you unsubscribe, we will not send you further emails, but we may continue to contact you to the extent necessary for the purposes of other specific information you have requested.
Why We Collect Your Information
Merlin may index and use your personal data, as reasonably necessary and in accordance with your consent to:
Send you information requested via the website.
Send you general communications.
Send you email notifications which you have specifically requested.
Send you our newsletter and other information which we think may be of interest to you, such as online event invitations).
Respond to inquiries you have made relating to the Foundation and our activities.
Improve your browsing experience on our website.
How We Collect Information
Web forms: We use web forms to collect basic personal data that will enable us to communicate with you. You are the sole source of information provided to us on our website. Our website may collect any or all of the following: name (first, last), business email address, business phone number, job title, company name, and mailing address.
Data Subject to GDPR Regulations
Although the Merlin Foundation is not currently registered under the Privacy Shield program, we are committed to handling personal information coming from EU countries in accordance with the Privacy Shield framework. That program would authorize the Merlin Foundation to store and host EU personal data with appropriate procedures for data subjects to request a copy of, or modifications to personal data.
Here is more information about how Merlin handles EU data subject to the GDPR.
Data Controller and Data Processor
For our users and visitors, we act as data controllers. Our client determines what data to store in the Merlin platform, who can sees that data, and the ultimate disposition of that data. Our clients must obtain permission or have other legitimate bases to collect and process information in accordance with the GDPR. As a data processor, our responsibility is to provide services and keep the data we maintain secure in accordance with client instructions.
We regularly review our policies, processes, and procedures to ensure that they are addressing our obligations to GDPR as a data controller. In general, we employ what we believe are reasonable efforts to maintain the accuracy and integrity of personal data received from our members and visitors.
Right to Access, Change or Delete Personal Data
The Merlin Foundation stands ready to change or delete any personal data you provide and to provide information upon request about what data we maintain. You may contact Director@merlindm.com for help with SAR requests.
Should there be a dispute with the data subject over the right to correct, edit, amend, block, erase or otherwise change their personal data, we will seek guidance from an appropriate authority before taking any action.
Questions and Compliance