The Rotary Club
Management System (hereinafter referred to as the « Polaris
») also known as Harmony is an initiative of:
Media Association of Rotary Switzerland-Liechtenstein(hereinafter referred to as
the « MAR »)c/o Juris Treuhand
AGIndustriestrasse 476304 ZugSWITZERLAND+41 (0)43 299 66 firstname.lastname@example.org
International » : Rotary's central organization that provides logistical and
structural support to national divisions;
Rotary » : Rotary organizations within the territory of a district
using the Polaris (hereinafter "Rotary" and "We");
« User » : Any member
(including, if applicable, the aspiring member or other non-Rotarian guest) of a Rotary club
registered on the Polaris platform and is therefore granted a right
« Personal data
» : any information relating directly or indirectly to an identified or identifiable
» : Any operation or set of operations carried out or not using automated
processes and applied to data or sets of personal data, such as collection, registration,
organization, structuring, preservation, adaptation or modification, extraction, consultation, use,
transmission, dissemination or any other form of provision, reconciliation or interconnection,
limitation, erasure or destruction;
Limitation of processing » : the marking of personal data held in
order to limit their future processing;
Controller » means the natural or legal person, public authority,
service or other body which, alone or jointly with others, determines the purposes and means of
the processing; where the purposes and means of such processing are determined by Union
law or by the law of a Member State, the controller may be designated or the specific criteria
applicable to his appointment may be provided for by the law of the Member State Union or by
the law of a Member State; in this case, it is "Rotary";
« Processor » means the natural or legal person, public
authority, service or other body that processes personal data on behalf of the controller; in this
case, it is "MAR".
Any person (hereinafter referred to as the « User »)
visiting and / or using the Polaris website (hereinafter referred to
as the « Site ») or our Services disclose a certain amount of
personal data. Personal data is information that allows us to identify you directly or indirectly as
a natural person.
Rotary collects and processes your personal data in accordance with
the relevant legal provisions, namely the European Regulation of 27 April 2016 on the protection
of individuals with regard to the processing of personal data and the free movement of such
data. (« Regulation » or « GDPR »).
accepts the collection and processing of his personal data in the manner described in this
Any substantial change will always be clearly communicated to Users. Rotary nevertheless
advises you to consult this document regularly.
Rotary is the Controller (« Decision maker ») and
determines, alone or jointly with others, the personal data that is collected, the purposes and
means of the processing.
As Controller, Rotary ensures compliance with the principles
of lawfulness and proportionality when collecting personal data. Rotary will collect and process
personal data only to the extent that the above data are adequate, relevant and not excessive in
relation to the purpose of the treatment.
Rotary undertakes to take all necessary steps
to ensure the secure processing of personal data. As a result, Rotary places a high priority on
ensuring the necessary safeguards with respect to the technical and organizational safeguards
for treatment. Rotary applies this commitment in all its relationships with processors. The User
may, upon written request, take note of the measures taken as part of the protection
Rotary is free to
use processors. The processor is a natural or legal person who processes your personal data at
the request and on behalf of the controller. The processor is required to ensure the security and
confidentiality of your data and always acts on instruction of the controller.
MAR, as the
main Processor, uses third parties, for example the developer of Polaris
and SEMDA. Both are subprocessors, each depending on their respective activity.
The MAR cannot therefore be held responsible for failures of the de facto subprocessors to
comply with the technical and organizational protection measures required. And this, except in
case of serious negligence occurred in the head of the MAR during the mission of the de facto
The MAR is also not responsible for the accidental or unlawful
destruction, accidental loss, alteration, access and any other unauthorized processing of
personal data provided the necessary technical and organizational measures have been taken.
In accordance with the GDPR Regulations, Rotary processes your personal data based on
the following legal grounds:
As a member of a Rotary
Based on the execution of the contract
to which you are a party or contractual measures taken at your request for the use of our Site
and the provision of our services and / or products.
On the basis of our legal obligations for all matters relating to the management of the
contractual relationship, including invoicing.
our legitimate interest in sending information and newsletters to our members as well as for the
"in memoriam" directory after the death of members.
In the first place, a large part of the
personal data is obtained directly from the Rotary member concerned. This collection of data
will be done in two ways, namely by the club to which the member is affiliated or by the user
himself when he adds, modifies or deletes data in his profile on Polaris
. The heads of the individual clubs and districts of which the user is a member, are in
charge of the collection of data, and decide which data will in turn be transmitted to Rotary
International. This collection of data is an integral part of Rotary membership and is necessary
for the proper functioning of the organization.
Thus, the following relevant identification
data will be collected, the list is not exhaustive.The Access to these data is only granted to
limited number of persons.
landline and mobile number, email address
In addition, the matter also
concerns data collection through the use of the Polaris
, which is necessary for the optimal functioning of the platform both with respect to the
direct user and for future changes.
It is not excluded that new features and add-ons will be added to the platform in the
future. These future operations will also be considered as relevant for data collection, as long as
they take place within the original purpose of Polaris.
your personal data for the sole purpose of providing you with an optimal, personalized and safe
use experience. The processing of your personal data is therefore essential to the proper
functioning of the site and the provision of our services. If data is missing, incorrect or
incomplete, Rotary reserves the right to suspend or cancel certain operations.
agrees to treat your Personal data exclusively for the following purposes:
Management of the members: administration, management of the activities,
invoicing, provision of support, sending of newsletters.
Protection against fraud and offenses.
By visiting our Site, certain
data is collected for statistical purposes. These data allow us to optimize your user experience.
This is your IP address, geographic area of access, day and time of access, and pages viewed.
By visiting the Site, you expressly agree to the collection of such data for statistical purposes.
data entered by the user himself is in principle visible to all other Users of
Polaris, this only if the user allows it. In addition, this data may be
published in the monthly magazine for members, the directory and your Rotary club's
Personal data collected through the use of
Polaris is only visible to the parties who collaborate on the platform.
This data is rigorously processed as part of the smooth operation (technical) of the platform.
Rotary is part of the Rotary International organization, which has an influence on local
operations. Any member of a local Rotary club is in the first place a member of Rotary
International. Part of the personal data is transmitted to these general structures.
data collected via the Polaris, are in principle made available to
the following third parties, within the framework of the above objectives:
Rotary International in Evanston;
MAR and its processors
Given the location of the aforementioned
third parties, the transfer to third parties also implies a transfer to third countries, which does not
guarantee a level of protection similar to that in force in the EU. However, Rotary takes all
necessary measures to ensure an adequate level of protection.
Your personal data will
not be sold, transmitted or communicated to other third parties, except with your prior consent.
Your data is
kept as long as necessary to achieve the purposes pursued. They will be erased from our
database as soon as they are no longer necessary for the purpose pursued or if you validly
exercised your right to erasure.
9.1 Guarantee of a legitimate and secure process of your personal data
Your personal data is solely processed for the legitimate purposes explained in Article 4.
Your personal is collected and processed in an appropriate, relevant and non-excessive
manner, and is not kept longer than necessary to achieve the intended purposes.
9.2 Right to access
If you can prove your identity, you have the right
to obtain information about the processing of your personal data. Thus, you have the right to
know the purposes of the processing, the categories of personal data concerned, the categories
of recipients to whom the personal data is transmitted, the criteria used to determine the data
retention period, and the rights that you can exercise on your personal data.
9.3 Right to rectification
Inaccurate or incomplete personal data may
be corrected. It is primarily the responsibility of the User to make the necessary changes in his
"user account" himself, but you can also request this in writing.
9.4 Right to
erasure (or « right to be forgotten»)
You also have the right to obtain the
erasure of your personal data under the following cases:
personal data is no longer necessary for the intended purposes;
You withdraw your consent to the processing and there is no other legal ground
You have validly exercised your right
Your personal data has been unlawfully
Your personal data must be deleted to
comply with a legal obligation.
9.5 Right to limitation of
In certain cases, you have the right to request the limitation of the
processing of your personal data, in particular in case of dispute as to the accuracy of the data,
if the data are necessary in the context of a judicial procedure or the time necessary to Rotary to
verify that you can validly exercise your right to erasure.
9.6 Right to
You also have the right to object at any time to the processing of your
personal data for the purpose of direct marketing, profiling or for the purposes of the legitimate
interest of the controller. Rotary will cease to process your personal data unless it can
demonstrate that there are compelling legitimate reasons for the treatment that prevails over
your right to object.
9.7 Right to data portability
You have the
right to obtain any personal data you have provided us in a structured, commonly used and
machine readable format. At your request, this data may be transferred to another provider
unless it is technically impossible.
9.8 Right to withdraw your consent
You may withdraw your consent to the processing of your personal data at any time, for
example for direct marketing purposes.
To exercise your rights, you must make a written request (mail or email) to the
manager of your club for your authentication (proof of identity) and informing the club of your
request. The club will respond as soon as possible, and no later than one (1) month after receipt
of the request.
Under the General Data
Protection Regulations, Rotary is under an obligation of confidentiality with regard to personal
data processed in connection with the service. This confidentiality obligation applies equally to
Rotary staff and to Processors and their own personnel.
This obligation of confidentiality
takes effect as soon as the storage of the User's backups of data by Rotary is put into service.
This confidentiality obligation does not apply when Rotary is required to disclose
personal data to the supervisory authority, by virtue of a legal provision or judicial decision,
when the information is already known to the public, or where the communication of personal
data has been authorized by the User.
Under the General Data Protection Regulation, Rotary undertakes to implement technical
and organizational measures (hereinafter "the security measures") to protect personal data
against destruction, either by accident, whether unlawfully, against loss, fraud, dissemination or
unauthorized access or against any other form of unlawful processing or use.
security measures guarantee a level of security taking into account the risk that the treatment
entails. In determining the appropriate security measures, the Parties shall take into account the
state of the art, the costs of implementation and the nature, scope, context and purpose of the
processing as well as the risks to the rights and freedoms of the persons concerned.
Rotary strives to make every reasonable effort to ensure that their processing systems and
services meet the requirements of ongoing confidentiality, integrity, availability, and resiliency,
taking into account the state of the art and the costs of implementation. implemented.
Under the General Data
Protection Regulation, Rotary shall notify the User of any personal data breach as soon as
possible and no later than 24 hours after becoming aware of it. This notification is accompanied
by all useful documentation to enable the User, if necessary, to notify this violation to the data
protection authority and / or to the persons concerned. Rotary must communicate to the User
the following information: the nature of the data breach, the categories and the approximate
number of persons involved, the categories and the approximate number of personal data
concerned, the likely consequences of the data breach and measures taken to remedy the data
breach or to mitigate any negative consequences.
At the request of the User, Rotary
notifies the data breach in the name and on behalf of the User to the supervisory authority as
soon as possible and, if possible, not later than 72 hours after finding the violation, unless the
violation in question is not likely to create a risk for the rights and freedoms of natural persons.
At the request of the User, Rotary notifies the data breach in the name and on behalf of
the User to the persons concerned as soon as possible, when this violation is likely to create a
high risk for the rights and freedoms of individuals physical.
The decision whether or not
to inform the data protection authority and / or data subjects of a data breach lies with the User.
A cookie is a small text file placed on the hard
disk of your computer or mobile device when you visit a website. The cookie is placed on your
device by the website itself ("internal cookies") or by partners of the website ("third party
cookies"). The cookie recognizes your device when you return to the site with a unique
identification number, facilitating access to the site without having to re-enter your username
and password, and collect information about your navigation.
On this platform, Rotary
has integrated a software tool for web analytics. Web analytics is the collection and evaluation
of visitor behavior data from websites thus for improving the efficeincy and the quality of the site.
The purpose of the software tool is to analyze visitor flows on the platform. The data
controller uses the data and information obtained, in particular to evaluate the use of the
platform in order to compile online reports presenting the activities on our Internet pages.
improve your visit to our website and to offer you an experience of optimal use. However, you
remain free to delete or limit cookies at any time by changing the settings of your browser.
By enabling or disabling cookies, you must change your browser settings (via the
"preferences" or "options" tab). You can also consult the "help" tab of your browser.
If you are not satisfied with the
processing of your personal data by Rotary, you have the right to lodge a complaint with the
National Data Protection Authority.
solution. In the absence of an amicable resolution, the dispute will be submitted to the courts of
the Canton of Zurich (Switzerland).
Polaris PP-ICE-EN-1.1 - May 2022