Privacy Notice: Use of Personal Data Acquired for Direct Marketing

At Worldreader, we value your privacy and are committed to protecting your personal data. This notice is intended to inform you about how your data is used when we acquired a marketing list from Exact Data.

1. Who we are 

Worldreader is an international non-profit organisation. We champion digital reading in underserved communities to create a world where everyone can be a reader. 

The processing of your personal data is carried out by or on behalf of Worldreader International (known hereafter as ‘Worldreader’). Worldreader is registered in Spain as a Foundation under the Ministry of Education (Registration number 1361). We are also registered in the UK as a Charitable Incorporated Organisation under the Charity Commission  (Registered Charity Number 1158030), in the USA as a 501(c)3 charity (EIN-27-2092468), in Ghana as a Private Company limited by Guarantee (Registration Number D.S.W/5568), in Kenya as an International NGO (Registration number OP.218/051/13-0274/10902)  and in India as a Company limited by shares and not for profit (CIN U74900DL2015NPL288080). 

If you have any questions or concerns regarding this Privacy Notice or our processing of your personal information or want to exercise any of your rights in accordance with the applicable regulations, please contact us at:

C/ Diputación, 211
08011 Barcelona

Or by email at

2. Source of Data: We have acquired temporarily your personal data from Exact Data, a trusted and reputable source of marketing lists. For how we collect and process personal data on an ongoing basis, see Our Privacy Notice for Worldreader Visitors & Donors.

3. Purpose of Data Processing: We process your personal data for marketing purposes, including sending you newsletters to  inform individuals who may have an interest in learning about our activities and financially supporting us.

4. Legal Basis for Processing: The processing of your data for marketing is based on consent obtained by Exact Data to receiving newsletters from us.

5. Sharing of Personal Data. Worldreader will only use your data within Worldreader for the purposes we obtained it. Worldreader will never sell, rent or trade this information to a third party.

We might need to share data with service providers or partners who help us implement our projects and store and manage data. In all cases, Worldreader will continue to be the controller of your data and the service providers will be the data processors that will only act under our instructions. We sign agreements    with all the organisations we share data with to ensure they comply with the applicable data regulations. These partners or service providers will never be allowed to use your data for their own commercial purposes or disclose it to third parties without our consent.  

Worldreader reserves the right to disclose your personal information to third parties if required to comply with any legal obligations (e.g. to inform tax authorities about your donation) or in order to enforce or apply any other agreements or to protect the rights, property or safety of Worldreader, our visitors, subscribers, donors, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Finally, with your written authorisation, we will confirm details of your donations to Worldreader to your employer, so that Worldreader can benefit from your employer’s matching gift commitments. The legal basis for this processing is your consent.

If you want to exercise your right to data portability, please contact us at

6. Data Security: While no data transmission over the Internet is 100% secure, Worldreader takes all available precautions to protect the confidentiality of your personal and financial information in compliance with the applicable data protection regulations.

We ensure that there are appropriate technical controls in place to protect your personal details. For example, our online forms are always encrypted and our network is protected and routinely monitored. 

We use third party vendors to collect and/or process personal data on our behalf. We do comprehensive checks on these companies before we work with them and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they collect on our behalf or have access to.

7. Retention Policy

We will retain information on visitors and donors for a minimum period of 7 years  since their last visit or donation in order to comply with the applicable regulations. If you request us not to send you marketing information, we will keep a record of your contact details and appropriate information to enable us to comply with your request not to be contacted by us. If you want to exercise your right to erasure (“right to be forgotten”), please contact us at

8. Your Rights: Under the General Data Protection Regulation, you have the right to be informed, of access, to rectification, to erasure (“right to be forgotten”), to restrict processing, to data portability, to object and other rights in relation to automated decision making and profiling. You can find detailed information about your rights here.

If you want to exercise your rights, please contact us at  We will respond to an individual request without undue delay and in any event within 30 days of receipt of the request. 

9. Data Protection Officer (DPO): If you have any questions or concerns related to the processing of your data, you can reach our Data Protection Officer at

10. Right to lodge a complaints: We encourage you, in the first instance, to lodge your complaint with us using the contact details in Section 1 above.

You also have the right to make a complaint directly to the relevant data protection supervisory authority link or to seek a remedy through the courts if you believe that your rights have been breached.


19 October 2023