Data Privacy Policy
effective since 01 May 2022
Introduction
This policy encompasses the Real Deal project website, email communications and membership roll.
If you sign up to our events or subscribe to our newsletter we mainly collect this data: First name, last name, e-mail, organisation, position. In some cases, we may collect other information that may be relevant to the event or project.
We collect your data for the following purposes
Mainly to send you our newsletters, information about events and any other information that might be relevant to you. In case of an event, we will use the data provided to share relevant information with you about it. Also we might use information for identification purposes and to carry out the process of registration.
Period of storing your data
We keep your data for the period of time that is strictly necessary and as long as we have your consent. It will be stored until the purpose for which it was processed has been fulfilled or until you tell us to delete your data.
Data Controller
European Movement International (EMI) Place du Luxembourg 2, 1050 Ixelles, Belgium Belgian business registry number: BE0408310216 [email protected]
Data Protection Officer
Alex Pitts
Head of Digital Production, EMI
Partner Organisations
The Real Deal project is comprised of the following consortium of partner organisations. The Data Controller is the only partner organisation with access to personal data and is solely responsible for it.
1. INSTITUTE FOR ADVANCED SUSTAINABILITY STUDIES EV (IASS) established in BERLINER STRASSE 130, POSTDAM 14467, Germany
2. TRILATERAL RESEARCH LIMITED (TRI IE) established in FDW HOUSEBLACKTHORN BUSINESS PARK COES ROAD, DUNDALK LOUTH, Ireland
3. ALLEANZA ITALIANA PER LO SVILUPPO SOSTENIBILE (ASviS) established in VIAFARINI 17, ROMA 00185, Italy
4. ASSOCIATION DES AGENCES DE LA DEMOCRATIE LOCALE (AADL) established in PLACE DES ORPHELINS 1A MAISON DES ASSOCIATIONS, STRASBOURG 67000, France
5. KOZEP-EUROPAI EGYETEM (CEU) established in NADOR UTCA 9, BUDAPEST 1051, Hungary
6. CLIMATE ACTION NETWORK EUROPE ASBL (CAN EUROPE) established in RUE DEDIMBOURG 26, BRUXELLES 1050, Belgium
7. DIALOGIK GEMEINNUTZIGE GESELLSCHAFT FUR KOMMUNIKATIONS UNDKOOPERATIONSFORSCHUNG MBH (DIA) established in LERCHENSTRASSE 22, STUTTGART 70176, Germany
8. MOUVEMENT EUROPEEN (EMI) established in PLACE DU LUXEMBOURG 2, BRUXELLES 1050, Belgium
9. GCF - GLOBAL CLIMATE FORUM EV (GCF) established in NEUE PROMENADE 6,BERLIN 10178, Germany
10. EUROPEAN ENVIRONMENTAL BUREAU (BEE / EEB) established in RUE DES DEUXEGLISES 14-16, BRUXELLES 1000, Belgium
11. FORENINGEN NYT EUROPA (NYT EUROPA) established in NYBROGADE 22, ST. TH.,COPENHAGEN K 1203, Denmark
12. SOLIDAR (SOLIDAR) established in AVENUE DES ARTS 50/5, BRUXELLES 1000, Belgium
13. TECHNISCHE UNIVERSITAT BERLIN (TUB) established in STRASSE DES 17 JUNI 135,BERLIN 10623, Germany
14. STICHTING WAGENINGEN RESEARCH (WR) established in DROEVENDAALSESTEEG 4, WAGENINGEN 6708 PB, Netherlands
15. WOMEN ENGAGE FOR A COMMON FUTURE EV (WECF) established in SANKTJAKOBS PLATZ 10, MUNCHEN 80331, Germany
16. YOUTH AND ENVIRONMENT EUROPE (YEE) established in VINOHRADSKA 2165/48, PRAHA 2 120 00, Czech Republic
1. General information
1.1. The European Movement International (EMI) takes your privacy seriously and manages your data in accordance with the European General Data Protection Regulation (GDPR) and other applicable data protection regulations. This Privacy Policy seeks to inform you, in a transparent manner, about the data we collect, the purpose of collecting it, how long we store it for, the way we use it and the rights you have regarding the processing of such data.
1.2. This Privacy Policy explains how we collect, process and use personal data in connection with the operation of our website and email communications. Personal data comprises of details about your personal or factual circumstances. We process your personal data that we collect, store and use exclusively within the framework of the applicable legal regulations.
1.3. We invite you to read this data privacy policy thoroughly. If you have any other questions, do not hesitate to contact us at the following e-mail address: [email protected].
1.4. By signing up on our webpage, subscribing to our newsletter or registering to our events, you (hereinafter also referred to as Data Subject) will give your consent for the processing of your personal data in accordance with the following terms and conditions. The processing of personal data is necessary for the purposes referred to in this Data Privacy Policy.
1.5. As the data controller, EMI has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through our website. However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every Data Subject is free to transfer personal data to us via alternative means, e.g. by telephone.
2. Processing of personal data and transfer to third parties
2.1. The data controller liable for the use of personal data is The European Movement International (hereinafter also referred to as Data Controller or EMI), address Place du Luxembourg 2, 1050 Brussels, Belgium, e-mail [email protected], Belgian business registry number BE0408310216.
2.2. The Data Controller shall have the right to authorise other persons or institutions (hereinafter also referred to as Authorised Processor) to process the personal data of the Data Subject, provided that the Data Controller and Authorised Processor have entered into an agreement, pursuant to which the Authorised Processor shall be obligated to keep the data to be processed confidential and ensure the performance of obligations arising from the applicable laws to the Authorised Processor.
2.3. The Data Controller shall make an up-to-date list detailing the names, addresses and other contact information of all of the Authorised Processors available to the Data Subject upon the Data Subject’s request.
2.4. Some of the Authorised Processors may use cookies. In any case, they do not receive Data Subject’s personal data from EMI.
2.5. This website uses two sets of cookies: one set that is built in to the NationBuilder platform, and another that accompanies our use of Google Analytics. Both Authorised Processors are GDPR compliant and their cookie and privacy policies can be found below.
2.6. We use Google Analytics, which is a web analysis service from Google Inc., that uses text files which are stored on your device and allow the analysis of your use of the website. We use this service in order to track interest in our campaign over time and across locations. We do NOT collect personal data to this end, other than what the Data Subject provides via membership form.
2.7. The Data Controller currently uses or may use the following third party services that have been authorised as processors. The Authorised Processors have confirmed their status as GDPR compliant. Below are links to their privacy policies, as well as their cookie policies, in which the Data Subject can change their cookie preferences for each processor. · NationBuilder; · NationBuilder cookie policy and consent forms; · Google Analytics; · Google Analytics cookie policy; · Vimeo videos; · Vimeo cookie policy; · Twitter feeds and public information; · Twitter cookie policy; · Public Facebook posts; · Facebook cookie policy; · Overarching Google privacy policy (includes YouTube, reCAPTCHA, Translate, Maps, and Fonts, as well as Analytics where applicable); · Overarching Google cookie policy (includes YouTube, reCAPTCHA, Translate, Maps, and Fonts, as well as Analytics where applicable);
· YouTube videos;
· reCAPTCHA;
· Google Translate;
· Google Maps;
· Google Fonts.
2.8. This personal data is processed on the basis of Article 6(1)(f) GDPR. The protection of our website and the optimisation of our services constitute a legitimate interest of the European Movement International.
2.9. Any information collected by analysing services is anonymous and is carried out within the scope of this privacy policy. It is not possible to establish a connection to a visitor. This is done in particular by anonymising the IP address.
2.10. EMI has no influence on what information will be used with the suppliers and processes, and will not receive any personal information on the service providers. For details, contact the Privacy Policy pages of the Authorised Processors.
3. Personal data processing
3.1. The provision of your personal data is voluntary. You are not legally obliged to make your personal data available to us. If you choose not to make your personal data available to us, this holds no consequences for you, except that you cannot take part in our activities.
3.2. Personal data that you make available to us via our website will only be stored until the purpose for which it was processed has been fulfilled or until you tell us to delete your data.
3.3. Personal data comprises of any information which allows us to identify you. We may collect the following personal or other data from you, depending of the nature of the event or project:
· first name
· last name
· country of residence
3.4. We might ask for the following additional information, due to accreditation requirements or in the case of a specific age-restricted activity:
· date of birth/age;
· passport or ID number and expiry date;
· place of birth;
· residence (full home address).
3.5. NationBuilder may automatically match your profile with your public Twitter or Facebook accounts. This will only access information that is publicly available on those platforms, addressed in their privacy policies listed above.
3.6. We may collect other information that may be relevant to the project or event. In those cases we will ask for specific consent from the Data Subject.
3.7. Please note that photographs may be taken at our events. For networking purposes, we may share the participant list with the attendees and the partner organisations. By registering to our events, you give consent that your photo may be taken and published and your full name, organisation and position may be shared.
3.8. Throughout the process of becoming a member of EMI, we need to collect the following information:
· name of the organisation;
· address;
· legal form of the organisation;
· contact details of the legal representatives and certain employees (full name, e-mail address, telephone number).
4. Purposes for processing the personal data
4.1. We use the personal information provided only to ensure the selected application or performance.
4.2. In the organisation of events, we will use the provided data for identification purposes and for the registration processes. Also for providing you with any further, additional information concerning the event.
4.3. By subscribing to our newsletter, we will use the given data to provide you with our updates, newsletters and campaigns, which are sent to inform you about the Real Deal project and other relevant news and information. Also, we intend to inform you about the upcoming events and to share any other relevant information that is in your interest.
4.4. When registering to our events, participants are given the choice to opt in or out of our contact database, and/or sign up for future email communications.
4.5. Your data will not be shared with any other party, except with the Authorised Processors or if said otherwise. In case of an event your first name, last name, organisation and position might be shared with other participants for networking purposes.
5. Rights of the Data Subject
5.1. If a Data Subject wishes to avail of this right of confirmation, he or she may, at any time, contact us by e-mail [email protected].
5.2. Right of confirmation: Each Data Subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether and which personal data concerning him or her are being processed.
5.3. Right of access: Data Subject has the right to obtain free information about his or her personal data stored at any time and to obtain a copy of this information. Furthermore, the European directives and regulations grant the Data Subject access to the following information:
· the purposes of the processing;
· the categories of personal data concerned;
· the recipients or categories of recipients to whom the personal data have been or will be disclosed;
· where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
· the existence of the right to request from the controller rectification or erasure of personal data, or restriction of processing of personal data concerning the Data Subject, or to object to such processing;
· the existence of the right to lodge a complaint with a supervisory authority.
5.4. Right to rectification: the Data Subject has the right without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the Data Subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
5.5. Right to erasure (Right to be forgotten): Data Subject has the right for the erasure of personal data concerning him or her without undue delay, and the Data Controller shall fulfil the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
· the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
· the Data Subject withdraws consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, and where there is no other legal ground for the processing;
· the Data Subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the Data Subject objects to the processing pursuant to Article 21(2) of the GDPR;
· the personal data have been unlawfully processed;
· the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
· the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.
6.6. If a Data Subject wishes to avail of this right of confirmation, he or she may, at any time, contact us by e-mail [email protected].