Personal Data Protection
Your personal data is important both to you and to us as an organisation. That's why we are committed to working with you to make sure you always know what data we hold about you, how we process it and what rights you have over it. We invite you to read the information provided on this page and feel free to contact us if you have any questions or concerns.
What data do we collect?
In general, we process personal data in the following situations: application forms for projects/activities, application forms for volunteering or employment, contact details for newsletters and communications/news; applications for scholarships, summer schools, workshops or conferences
Data processed usually includes: contact details such as email, phone, social media account; full name; address (if there are programmes where you are to receive materials from us, by post or courier), sometimes date of birth (in programmes where there are age eligibility criteria) or answers to questions that help us to carry out the selection of participants where there is competition and a selection process respectively;
On an anonymised level, we use Google Analytics to evaluate the traffic on our websites, but without being able to personally identify visitors. It analyses at a collective level information such as: time spent on the site, most visited pages, country of origin, etc..;
How do we get the data?
We process directly only data that you submit to us (e.g. through a registration form or online application) and only with your consent (expressed through opt-in, by ticking boxes expressing your consent, which are never pre-ticked by us);
Before collecting any personal data, we inform you and ask for your consent. We do not collect your data from third parties, we do not buy your data, we do not buy databases from partners and we do not sell them.
Data collection must always have a legal basis. Thus, we collect your data on the basis of: consent expressed by you, legitimate interest, legal or contractual obligations.
How do we use the data?
We use your data for the purposes we mention in this procedure, as follows: database administration, managing recruitment and selection processes for all our programmes, archiving, fulfilling legal obligations, sending newsletters and news emails, general communication, volunteer management, management of external scholarships, such as FLEX scholarships (in which case your data may be transferred to the partners hosting the scholarship in which you are going to participate);
When you benefit from our activities that are funded by external grants, we are usually obliged to archive your data for up to 5 years. This data will be used strictly for archiving or/and the purposes for which you have already given your consent;
What rights do YOU have?
You can ask us, via e-mail or telephone, to update your data or to carry it over, depending on the case. In time, all this will be able to happen automatically online, directly from our website;
You can ask us to tell you what personal data we currently hold about you. You can expect us to have strictly the data you yourself have provided us with, for example by filling in an application form for one of our projects or after we have met at a trade fair or conference;
You have the right to request the deletion and destruction of personal data we hold about you. However, in some cases this request may also mean withdrawing from a particular activity (e.g. if you ask us to delete your data during a selection process or while you are benefiting from an ongoing programme, we will consider that you have withdrawn from that process because we would otherwise be unable to process your application or participation in the programme). This request cannot be made when data is processed under legal obligations;
Where do we store your data?
We use the following services to store your data: Google Apps / Drive, Dropbox, MailChimp. Your data is in the cloud and we make sure it is protected at high levels of security. For example, Dropbox uses file encryption at a banking security level;
We store your data strictly for the purpose for which you have given us permission to collect it, and access to it is given only to people who have direct duties in achieving that purpose. We do not sell databases to third parties or partners.
We store data on paper only when this is mandatory or strictly necessary. For example, for accounting purposes in the case of an invoice we have made to you for transport or if you have ever sent us a paper application; in other cases where we need to print out some data stored online, this is used for a very short period of time, strictly for the purpose mentioned and then destroyed in the office shredding machine.
Our commitment to you
We want to have a relationship based on mutual trust. To this end, we are committed to protecting your personal data and using it strictly for the purpose for which you have entrusted it to us and encourage you to contact us if anything is unclear to you;
Before using a service to collect/store/process your data, we will check that it complies with the European Union GDPR Regulation. We are committed to only using services that comply with European law;
We believe that you give us your data because you trust us so we will not sell or transfer it without your consent to another organisation, use it for illegitimate purposes or for which you have not given your consent;