Last updated: April 2, 2026

1. Who we are

This Privacy Policy explains how Charity and sponsorship fund “Helping War Victims” / Labdaros ir paramos fondas “Helping War Victims” (“Helping War Victims,” “War Victims Fund,” “we,” “us,” or “our”) processes personal data in connection with this website. The fund’s legal identity, registration code, registered address, and official public contact routes are reflected in the public information used on this site.

Data controller

Charity and sponsorship fund “Helping War Victims”
Labdaros ir paramos fondas “Helping War Victims”
Registration code: 306054239
Registered address: Perkunkiemio st. 19, Vilnius 12120, Lithuania

Privacy contact

privacy@warvictimsfund.com

General contact

contact@warvictimsfund.com

The main language of this website is English. This website may also be published in German, French, Spanish, Portuguese, Arabic, Japanese, Chinese, and Korean.

2. Scope of this Privacy Policy

This Privacy Policy applies to personal data processed through:

• your use of this website;
• your contact with us by email;
• donation-related interactions handled through Stripe-hosted checkout;
• analytics and advertising technologies used on the website, where applicable.

This Privacy Policy does not replace the privacy notices of third-party providers such as Stripe, Google, or Meta. If you interact with their services, their own privacy terms and notices may also apply. Depending on the activity, Stripe may act as a data controller and/or a data processor.

3. Personal data we may process

3.1. Information you provide directly

If you contact us by email, we may process:

• your name, if you provide it;
• your email address;
• the contents of your message;
• any attachments or other information you choose to send.

Please do not send more personal data than is necessary for your request.

3.2. Donation-related information

Donations are processed through Stripe-hosted checkout. This means payment details, including card or other payment method information, are processed by Stripe rather than directly on our website. Stripe processes personal data related to payment services under its own privacy framework and may act as a controller and/or processor depending on the activity.

We may receive limited donation-related information from Stripe where needed for:

• confirming a donation;
• maintaining donation records;
• donor support;
• responding to payment-related questions;
• handling refunds, disputes, or chargebacks where applicable;
• complying with accounting, legal, and regulatory obligations.

Depending on the case, this may include information such as:

• donor name;
• donor email address;
• donation amount and currency;
• transaction date;
• payment status;
• limited billing or payment-related details available to us through Stripe;
• refund, dispute, or support information.

3.3. Website usage information

If analytics or advertising technologies are active on the website, we may process limited technical and usage-related information such as:

• IP-related information;
• browser and device information;
• language preference;
• pages viewed;
• referral source;
• event and session data;
• approximate location derived from technical data;
• cookie identifiers and similar online identifiers;
• campaign, ad, and measurement data.

Personal data can include IP addresses and cookie IDs.

4. How we collect personal data

We may collect personal data:

• directly from you when you contact us;
• from Stripe in connection with donations or donation-related support;
• through technologies deployed on the website, including Google Tag Manager, Google Analytics 4, Google Ads, and Meta Pixel, where applicable and where lawfully used.

5. How we use personal data

We may use personal data to:

• respond to your messages and requests;
• administer donations and donation-related support;
• maintain internal records;
• comply with legal, accounting, tax, and regulatory obligations;
• protect the website and prevent misuse;
• understand how the website is used;
• improve website structure, content, and user experience;
• measure the effectiveness of outreach, analytics, and advertising activities;
• handle disputes, complaints, and related support.

6. Legal bases for processing

Where the GDPR applies, we may rely on one or more of the following legal bases.

6.1. Consent

We rely on consent where required for non-essential analytics and advertising technologies, including the use of Google Analytics 4, Google Ads, and Meta Pixel. Google’s consent documentation notes that website owners should have a mechanism to obtain user consent, such as a banner, and that Google tags should be configured to respect user choices.

6.2. Legitimate interests

We may process certain personal data where necessary for our legitimate interests, including:

• operating and maintaining the website;
• responding to communications;
• ensuring security and abuse prevention;
• improving website structure and content;
• handling donation-related administration and support.

6.3. Legal obligation

We may process personal data where necessary to comply with applicable legal obligations, including accounting, record-keeping, legal, tax, and regulatory requirements.

6.4. Steps taken at your request

Where relevant, we may process data to respond to your request before or in connection with a donation-related support matter.

Privacy information should clearly state the controller, purposes, categories of data, legal basis, retention, recipients, transfers, and rights, and that it should be presented in clear and plain language.

7. Stripe and donations

Donations on this website are processed through Stripe-hosted checkout. Stripe processes payment-related data under its own privacy documentation and may process transaction, device, activity, and support-related data depending on the service and context.

Before making a donation, you may also review Stripe’s own privacy information.

8. Google Tag Manager, Google Analytics 4, Google Ads, and Meta Pixel

8.1. Google Tag Manager

We may use Google Tag Manager to manage and deploy website tags.

Google Tag Manager may collect limited aggregated diagnostics and standard request-log data, but does not otherwise collect, retain, or share information about visitors to customers’ properties for Tag Manager customers’ use. Tags deployed through Tag Manager may collect data depending on how they are configured.

8.2. Google Analytics 4

We may use Google Analytics 4 to understand website traffic, user interactions, page performance, and general site usage.

GA4 JavaScript tags use first-party cookies to distinguish users and sessions. For EU traffic, GA4 does not log or store individual IP addresses, while using IP data for limited location derivation before discarding it.

8.3. Google Ads

We may use Google Ads for campaign measurement, attribution, and advertising-related reporting and optimization, where enabled and lawfully permitted.

Where required by law, relevant advertising and measurement activity should operate in line with valid user consent choices.

8.4. Meta Pixel

We may use Meta Pixel for campaign measurement, ad performance analysis, and audience insights, where enabled and lawfully permitted.

Meta Business Tools include Meta Pixel, and Meta may use cookies and similar technologies on websites and apps that use Meta Products and Business Tools.

9. Cookies and similar technologies

We do not intend to use unnecessary tracking tools beyond the technologies described in this Policy. However, if Google Analytics 4, Google Ads, and Meta Pixel are active on the website, then cookies and/or similar technologies may be used for analytics, measurement, and advertising-related purposes.

GA4 uses first-party cookies. Cookie IDs can also be treated as personal data.

Where required by applicable law, especially for users in the EEA, non-essential analytics and advertising technologies should only be activated after valid consent.

You may be able to:

• accept or decline non-essential technologies;
• withdraw or update your choices later through the consent mechanism made available on the site, where implemented.

10. Recipients of personal data

We may share personal data, where necessary and lawful, with:

• Stripe, for payment processing and related support;
• Google, if Google Tag Manager, Google Analytics 4, or Google Ads are used;
• Meta, if Meta Pixel is used;
• competent public authorities, regulators, courts, or law enforcement bodies where required by law;
• professional advisers or service providers where reasonably necessary and lawfully permitted.

11. International transfers

Because Stripe, Google, and Meta are international service providers, personal data may be transferred to, stored in, or accessed from countries outside Lithuania and, where applicable, outside the European Economic Area.

Where relevant, such transfers may rely on lawful transfer mechanisms used by the relevant provider, such as Standard Contractual Clauses or other recognised safeguards. Stripe participates in the EU-U.S. Data Privacy Framework for relevant data flows.

12. Data retention

We keep personal data only for as long as necessary for the purposes described in this Privacy Policy, including:

• responding to your request;
• administering donations and donor support;
• maintaining records;
• complying with legal and accounting obligations;
• handling disputes, fraud prevention, and security matters where relevant.

Retention periods may vary depending on:

• the type of data;
• the purpose of processing;
• legal and regulatory requirements;
• the settings and practices of the relevant provider.

Personal data should be kept no longer than necessary and limited to what is needed for the stated purpose.

13. Your rights

If the GDPR applies to you, you may have the right to:

• be informed about how your personal data is processed;
• access your personal data;
• correct inaccurate or incomplete personal data;
• request erasure in certain circumstances;
• request restriction of processing in certain circumstances;
• request data portability in certain circumstances;
• object to certain processing;
• withdraw consent at any time where processing is based on consent;
• lodge a complaint with a supervisory authority.

These are core privacy rights available under the GDPR, where it applies.

To exercise your rights, please contact:

privacy@warvictimsfund.com
or
contact@warvictimsfund.com

14. Complaints to a supervisory authority

If you believe that your personal data has been processed in violation of applicable data protection law, you have the right to lodge a complaint with the State Data Protection Inspectorate of the Republic of Lithuania.

State Data Protection Inspectorate
L. Sapiegos str. 17, LT-10312 Vilnius, Lithuania
Email: [email protected]

15. Data security

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, unlawful disclosure, or alteration.

However, no online system can guarantee absolute security. If you contact us by email, please avoid sending unnecessary sensitive personal data.

16. Third-party links and services

This website may contain links to third-party services, including Stripe and services connected to analytics, advertising, or social media. When you leave our website or interact with those services, their own privacy terms, cookie policies, and platform rules may apply.

17. Language versions

This Privacy Policy may be made available in multiple languages for convenience. The English version is the primary version of this Policy. If there is any inconsistency between language versions, the English version should prevail unless applicable law requires otherwise.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time, including if:

• applicable law changes;
• the website tools or service providers change;
• the donation flow changes;
• new processing activities are introduced.

The current version should always be published on this page with its latest update date.

19. Contact

For privacy-related questions, requests, or concerns, please contact:

privacy@warvictimsfund.com

General contact:

contact@warvictimsfund.com