Privacy Policy
A legal disclaimer
Privacy Policy – ShahMellat
Effective Date: [Jan 24,2026] | Last Updated: [Date]
We ShahMellat protect your privacy under GDPR (EU) 2016/679 where applicable, and other data laws. We are the data controller.
What We Collect
Name, email, address, phone, donation details, petition signatures, preferences, IP/device data, and (with explicit consent) special category data (e.g., political opinions).
How we collect
Directly from you, automatically (cookies), or from trusted partners.
Lawful Bases (GDPR Art. 6 & 9)
-
Consent (newsletters, special category data)
-
Contract (services/donations)
-
Legitimate interests (advocacy updates, analytics—balanced via assessment)
• Legal obligation (tax, reporting)
Purposes
Deliver campaigns, send updates, improve services, comply with law.
Sharing
Only with GDPR-compliant processors (e.g., email/payment providers), partners (with consent), or authorities if required. We do not sell data.
International Transfers
To non-EEA countries (e.g., U.S.) using Standard Contractual Clauses or other safeguards.
Your GDPR Rights
Access, rectify, erase, restrict, object, portability, withdraw consent. Contact [privacy@ngo-domain.org] to exercise rights. We respond within 1 month. You may complain to your supervisory authority.
Security & Retention
We use reasonable safeguards. Data kept only as needed (e.g., 6–7 years for financials; until withdrawal for marketing).
Cookies
Used for functionality/analytics. Manage via banner.