Because we take your privacy very seriously at NGI, we summarise below the most essential information about how we process your personal data.
We collect your personal data when you visit our website, subscribe to our newsletter, register for one of our events, and when you collaborate or communicate with us. We mainly process your identity and contact details (such as your e-mail address).
We use your personal data solely for the purpose for which you provided it, such as making our website available to you, sending our newsletter if you are subscribed, organizing our events, and communicating with you to collaborate with you or to answer your question or request.
We collect and use your personal data when you:
- Use our website (ngi.eu);
- Work with us or communicate with us in that context;
- Communicate with us by e-mail, phone or any other digital communication channel;
- Subscribe to our newsletter;
- Register for one of our events.
2. Who are we?
In certain circumstances, third parties may (also) be responsible for the processing of your personal data. For example, if you click on a link and leave our website. In that case, we recommend that you consult the privacy policies of these third parties. In particular,
3. Which personal data do we process and why?
WHEN YOU USE OUR WEBSITE
When you visit our website, we process personal data about you (e.g. in our server log files). The personal data we process is mainly technical information such as (1) the browser types and versions used, (2) the operating system used, (3) the website from which you reach our website (so-called referrers), (4) the sub-websites, (5) the date and time of access, (6) an IP address, and (7) the ISP.
We use this technical information (1) to deliver the content of our website correctly, (2) to ensure the most fault-free operation of our website and (3) to detect and prevent malware, illegal content and conduct and other forms of potential abuse.
We rely on our legitimate interest in keeping our online presence safe.
WHEN YOU SUBSCRIBE TO OUR NEWSLETTER
When you subscribe to our newsletter, we process (1) your e-mail address, (2) an IP address, (3) the date and time of your subscription (4).
We use this information (1) to send a confirmation e-mail, (2) to send you our newsletter, and (3) to keep track of our newsletters (i.e. whether you opened the newsletter or clicked on a link in the newsletter) and to improve future newsletters.
We rely on your consent for this. You can withdraw your consent (i.e. unsubscribe from our newsletter) at any time by clicking the “unsubscribe” link at the bottom of our newsletter. When you unsubscribe from our newsletter, we will delete your e-mail address from our mailing list.
We use MailerLite to send our newsletters and manager our mailing list. MailerLite has technical and organizational measures in place to ensure that your personal data is adequately protected. We have concluded a Data Processing Agreement (DPA) with MailerLite. You can review the DPA here.
WHEN YOU REGISTER FOR AN EVENT
When you register for an event, we process (1) the identity and contact details provided by you to us, (2) your e-mail address, and (3) other information that is required to complete your registration for the event in question.
We use this information (1) to process your registration and prepare, organize and secure our events, and (2) to evaluate the event and improve future events.
We rely either on (1) our agreement with you by your acceptance of the applicable terms and conditions or (2) our legitimate interest to be able to organize interesting events or to promote the NGI initiative.
WHEN YOU WORK WITH US
When you work with us (e.g. if you were a speaker at one of our events or if we have had contact with you as a journalist to highlight the NGI initiative), we process (1) the identity and contact details provided by you to us, (2) your e-mail address, and (3) in some cases, the name of the organization you work for and your job title.
We use this information to contact you for (future) collaborations, opportunities or events.
We rely either on (1) our agreement with your or (2) our legitimate interest in building up our network of contacts.
WHEN YOU COMMUNICATE WITH US
When you communicate with us, we process (1) the identity and contact details provided by you to us, (2) the content of the communication, and (3) the technical details of the communication itself (e.g. date and time).
We use this information to enable communication between you and us.
We rely on our legitimate interest in being able to respond to requests, questions or comments or to contact you proactively for questions of any kind.
IN ALL OF THE ABOVE CASES
The above-mentioned personal data can also be used for the following purposes:
- To comply with our legal obligations or to comply with any reasonable request from competent police authorities, judicial authorities, government institutions or bodies, including competent data protection authorities. We rely on our legal obligation for this.
- To prevent, detect and combat fraud or other illegal or unauthorized activities. We rely on our legal obligation for this.
- To defend us in legal proceedings. We rely on our legitimate interest in using your personal data in these proceedings.
- To inform a third party in the context of a possible merger with, acquisition of/by or demerger by that third party, even if that third party is located outside the EU. We rely on our legitimate interest in entering into business transactions.
4. With whom do we share your personal data?
In principle, we do not share your personal data with anyone other than the persons who work for us, as well as with the NGI4ALL.E project partners and with the suppliers who help us process your personal data. Anyone who has access to your personal data will always be bound by strict legal or contractual obligations to keep your personal data safe and confidential. This means that only the following categories of recipients will receive your personal data:
- Your employer or business partners, but only when this is necessary for the purposes mentioned above (e.g. when your employer is our supplier or customer);
- Our employees and suppliers; and
- Government or judicial authorities to the extent that we are obliged to share your personal data with them (e.g. tax authorities, police or judicial authorities).
We do not transfer your personal data outside the European Economic Area (EEA) (the European Economic Area consists of the EU, Liechtenstein, Norway and Iceland). We will only transfer your personal data outside the EEA if you or your employer, as a customer or supplier, have offices outside the EEA with which we need to communicate. If a transfer were to take place, we will take sufficient safeguards to protect your personal data during the transfer (e.g. by entering into an agreement based on standard data protection clauses approved by the European Commission).
The NGI initiative is a project funded by the European Commission, meaning that it is a possible that another (consortium of) partner(s) will take over the NGI initiative in the future as a result of a new funding round. In that case, your personal data may be transferred to the new (consortium of) partner(s) in order to ensure the continuity of the NGI4ALL.E project and after you have been informed thereof.
5. How long do we keep your personal data
Your personal data will only be processed for as long as necessary to achieve the purposes described above or, when we have asked you for your consent, until you withdraw your consent. As a general rule, we will de-identify your personal data when it is no longer needed for the purposes described above or when the maximum legal retention period has expired. However, we cannot delete your personal data if there is a legal or regulatory obligation or a court or administrative order preventing us from doing so.
We retain all personal data collected through our website for as long as necessary to protect the legitimate interests stated above. We retain technical information such as our server log files until 6 months after your visit to our website, after which it will be deleted or de-identified. We retain all personal data related to an event until 2 years after the event.
All personal data we collect through our interactions with you through telephone, email or other digital communication channels will be retained for as long as necessary to communicate with you, but also to maintain a historical record of our communications. This allows us to return to previous communications when you come back to us with new questions, requests, comments or other input.
6. How do we keep your personal data secure?
The security and confidentiality of the personal data we process is very important to us. That is why we have taken measures to ensure that all personal data processed is kept secure. These measures include technical and organizational measures to protect our infrastructure, systems, applications and processes. We’ve also taken other measures, such as taking internal policy measures, limiting the processing to the personal data necessary for the fulfilment of the purposes and minimizing the processing of personal data.
7. Your rights regarding your personal data
You have certain rights related to the processing of your personal data: the right of access, rectification, erasure, and data portability as well as the right to object to or limit the processing of your personal data and to withdraw your consent. To exercise one of your rights, you can submit a written request to [email protected] stating the right to which your request relates. You can also submit your request via our GDPR form here. If you are still dissatisfied, you have the right to contact the competent data protection authority.
9. How can you contact us?
Should you have any further questions about the processing of your personal data, please do not hesitate to contact us at [email protected].