Data Privacy Policy

Sunaulo Sansar NGO takes the protection of your personal data very seriously and strictly
adheres to the applicable data protection laws, in particular to the provisions of Regulation (EU)
2016/679 (General Data Protection Regulation) (hereinafter referred to as “GDPR”).
Our digital services may contain links to other websites of third party service providers to which
this data protection declaration does not apply.

1. Responsible authority

Responsible for the processing of your personal data is
Sunaulo Sansar NGO
Lazimpat 2, Kailash Chaur Marg 281
P.O. Box 25310
Kathmandu, Nepal
Tel. + 977 1 4441634 / + 977 9841311158
This email address is being protected from spambots. You need JavaScript enabled to view it.


If you have any questions regarding data protection, please contact us at the e-mail address
This email address is being protected from spambots. You need JavaScript enabled to view it.


2. Purposes of the processing of personal data

The use of our website is usually possible without providing personal data. Personal data, such
as names, addresses or e-mail addresses are always provided on a voluntary basis if possible.
These data will not be passed on to third parties without your express consent, with the
exception of the service providers named below, who support us in providing our services.

2.1. Communication data

We process your communication data (name, e-mail address) in order to be able to contact you.
Personal data that you provide to us by e-mail and/or via the contact form on this website will
only be processed for correspondence with you or only for the purpose for which you have
made the data available to us (donation receipt).
The basis for this data processing is Art. 6 para. 1 lit. b GDPR, which permits the processing of
data for the fulfilment of a contract or pre-contractual measures.

2.2. Data processing for the fulfilment of legal obligations

In addition, we may process your data to fulfil legal obligations (e.g. regulatory requirements,
commercial and tax storage and proof obligations).
The basis for data processing is Art. 6 para. 1 lit. c GDPR, which permits processing for the
fulfilment of a legal obligation.

2.3. Log files

Whenever our websites are accessed, usage data is transmitted through the respective Internet
browser and stored in log files, the so-called server log files. The data records stored in this way

contain the following data: Date and time of access, name of the page accessed, shortened IP
address, referrer URL (originating URL from which you accessed the website), the amount of
data transferred, as well as product and version information of the browser used. The shortened
IP addresses of the visitors are deleted or made anonymous after the end of use.
The basis for data processing is Art. 6 para. 1 lit. f GDPR, which permits the processing of data
to protect the legitimate interests of the data controller, provided that the interests or
fundamental rights and freedoms of the data subject do not prevail.

2.4. Social buttons

On many of the pages of the site you will see 'social buttons'. These enable users to share or
bookmark the web pages. In order to implement these buttons, and connect them to the
relevant social networks and external sites, there are scripts from domains outside. You should
be aware that these sites are likely to be collecting information about what you are doing all
around the internet. So if you click on any of these buttons, these sites will be registering that
action and may use that information. In some cases these sites will be registering the fact that
you are visiting our site and the specific pages you are on, even if you don't click on the button if
you are logged into their services, like Twitter, Xing and Facebook. You should check the
respective policies of each of these sites to see how exactly they use your information and to
find out how to opt out, or delete, such information.

3. Categories of receipt of personal data

Insofar as we make use of the services of third parties to carry out our services, we process
personal data according to the provisions of the GDPR. Service providers who support us in
providing our services to you are the it-service providers, hosting providers and e-mail service
providers.

4. Duration of data storage

In principle, we delete your data as soon as it is no longer required for the above-mentioned
purposes, unless temporary storage is still necessary. Thus we store your data on the basis of
legal proof and storage obligations.

5. Rights of the persons concerned

You can request information about your personal data stored by us and under certain conditions
request the correction or deletion of your data by contacting us via our contact data given under
section 1. You may also have the right to restrict the processing of your data and to have the
data you provide disclosed in a structured, common and machine-readable format. If you have
given us your consent to process personal data for specific purposes, you can revoke your
consent at any time with effect for the future. You may object to the processing of your data for
direct marketing purposes. If we process your data to protect legitimate interests, you may
object to such processing for reasons arising from your particular situation. You can also contact
a data protection supervisory authority. If you have any questions regarding data protection,
please contact us at This email address is being protected from spambots. You need JavaScript enabled to view it.