Privacy Policy - Effective Date: May 17, 2018

JCI Europe GDPR & Privacy Policy - Updated 15/08/2019

German Version: https://stepupforeurope.eu/page-private-policy-german.html

Privacy Notice

The ‘Controller’ of the personal data you provide to us is:

JCI Europe e.V.

Breite Strasse 29

10178 Berlin, Germany

Phone: +49 (0)30 20 308 1527

Email: [email protected]

Website: https://europe.jci.cc/

 JCI Europe also contains local branches, for the purposes of clarity, references to JCI Europe below include all branches of JCI Europe as well as the Board of Officers. We are committed to the security of your data. If you have any questions, please reach out to us.

Legal basis for the processing of personal data.

Legal basis for the processing of personal data is Article 6(1)(f) of the GDPR providing that processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

What data do we collect?

Each time you access our website, our system automatically collects data and information from the computer system of the accessing computer. 
The following data is collected:

  • Information about the browser type and the version used
  • The user's operating system
  • The IP address of the user (anonymised)
  • Date and time of access
  • Websites from which the user's system accesses our Website 
  • Websites accessed by the user's system through our Website
The data are stored in the log files of our system. These data are not stored together with other personal data of the user.
 

We further collect and process the following data that general users provide us with voluntarily if they fill in the contact form on our website:

  • Personal identification information (name, email address)

Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session. 

The data is stored in log files in order to ensure the functionality of the website. The data is also used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. 

We use your basic personal data in order to reply to any of your requests. We will not collect any personal data from you that we do not need . For the contact form the data we collect is required to verify your identity and respond to your request.

Website Cookies

We use so-called session cookies to ensure the proper functioning of the website. Session cookies are automatically deleted after the end of your visit. We do not set site preference cookies, third-party cookies or track personal details.

Legal basis for the processing of personal data using cookies is Article 6(1)(f) of the GDPR.

How we store data in JCI Europe

Website

Our data is encrypted and stored on servers located within Ireland, provided by AWS. Further information on the AWS GDPR policy may be found here https://aws.amazon.com/privacy/. No third parties have access to your personal data unless the law allows them to do so. Any personal data submitted through the website is done on an opt-in basis, provided at the time of data submission.

Google Drive

All data that you provide us with through the contact form is stored on Google Drive. Google Drive is fully GDPR compliant and is part of Google’s cloud platform, which is covered by Google GDPR compliance (https://privacy.google.com/businesses/compliance/).

How long do we keep your data?

JCI Europe does not keep your personal data longer than necessary for the processing of your request. Your personal data will be erased as soon as the purpose of storage no longer applies and after a time period of maximum two years.

In the case of the collection of data to provide the website, the data will be erased when the respective session is terminated. With regard to data stored in log files, this is the case after seven days at the latest. A storage going beyond this is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the user is no longer possible.

Security & Authentication

All personal data stored on Google Drive is protected by secure login and 2-step verification, which greatly reduces the risk of unauthorized access by asking users for additional proof of identity when logging in.

What are your data protection rights?

Under GDPR, you have the following rights:

  • Right to be informed: You have the right to be informed about the collection and use of your personal data.
  • Right to access: You have the right to request copies of your personal data.
  • Right to rectification: You have the right to request that we correct any information you believe is inaccurate. You also have the right to request to complete information you believe is incomplete.
  • Right to erasure: You have the right to request that we erase your personal data, under certain conditions.
  • Right to restrict processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • Right to object to processing: You have the right to object to the processing of your personal data, under certain conditions.
  • Right to data portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
  • Right not to be evaluated based on automated processing: You have the right not to be subject to a decision that is based solely on automated processing and which significantly affects you.

If you make a request, we will reply without undue delay and within one month of the receipt of the request. If you would like to exercise any of these rights, please contact us at our email: [email protected].

Repeat requests

In the case that requests are unfounded or excessive, in particular in the case of repeat requests, we will charge a €6.35 administration fee for each repeat request for the same data. This is to cover the administration costs of multiple requests, as provided for in Article 15 of the EU GDPR policy https://gdpr-info.eu/art-15-gdpr/

Privacy Policies of other websites

This website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Changes to our privacy policy

JCI Europe keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 15 August 2019.

How to contact us

If you have any questions about JCI Europe’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection right, please do not hesitate to contact us via email at [email protected]

How to contact the appropriate authority.

Should you wish to report a complaint or if you feel that JCI Europe has not addressed your concern in a satisfactory manner, you may contact the competent supervisory authority:

Berliner Beauftragte für Datenschutz und Informationsfreiheit (The Commissioner for Data Protection and Freedom of Information in Berlin)

Friedrichstrasse 2019

10969 Berlin, Germany

+49 (0)30 13889-0

[email protected]