Privacy Notice

Please scroll down to view the Privacy Notice concerning the GPA Mobile Application.

Privacy Notice: Website

Last updated: 20 October 2020

  1. GENERAL
    1. It is of utmost importance to the European Parliamentary Forum for Sexual & Reproductive Rights ("EPF", "we", "us") to protect the personal data of our members and partners.
    2. This privacy notice ("Notice") explains the nature, extent, and purposes of the processing of visitors' personal data when using the European Parliamentary Forum for Sexual & Reproductive Rights Website (" Website", "EPF Website").
    3. The Website provides a platform for EPF members ("user", "users", "you", "your") to access information on what EPF does, who its members are, how it operates, and which research outputs it produces.
    4. We comply with the applicable data protection laws, in particular, the EU General Data Protection Regulation 2016/679 ("GDPR") concerning the protection, lawful processing and confidentiality of personal data provided through the Website.
  2. Who are we and how to contact us

EPF is a not for profit organisation with its registered office at Rue Montoyer, 23 1000 Brussels, Belgium. If you have any comments, concerns, complaints or questions regarding this Notice or how we use your personal data please contact us at secretariat@epfweb.org.

  1. WHAT PERSONAL DATA DO WE COLLECT, FOR WHICH PURPOSES, AND ON WHICH LEGAL BASIS DO WE PROCESS IT?
    1. When you use the EPF Website, you may be asked to provide the following categories of personal data:
      1. Your contact information, such as your first name, surname, email address, when you choose to sign up to the newsletter. If you sign up to the newsletter on someone else’s behalf, you must have their authority to provide such personal data to us, to enable us to use it as set out in this Notice. Prior to providing any personal data relating to another individual you must provide them with a copy of this Notice.
      2. Special categories of Personal Data. In certain circumstances, where required by law or where you have provided your consent, we may collect special categories of your personal data (i.e. information relating to your political opinions or philosophical beliefs, data concerning health or data concerning sexual orientation).  

When you participate in campaigns, petitions or provide comments, you consent to your political opinions or philosophical beliefs being made available to members of the public as set out in this Notice.

Our signed petitions and "calls to action" are made available to the public and sent to specified politicians as set out in the relevant document. As a signatory to a petition or "call to action", you acknowledge and consent to making any special category personal data included in the relevant document available for use by us as set out in this Notice.

We are not able to include anonymous support on petitions or campaigns. Therefore if you do not want your name included or affiliated with a petition, campaign or "call to action" we ask that you do not sign-up. If you have signed up to a petition and subsequently change your mind and would like to withdraw your support please contact us at secretary@epfweb.org and we will remove your name.

    1. When you use the Online Services and Website, we may also automatically collect the following information about your use of such services:
      1. Data relating to access to and use of our Website, such as usage metrics (including usage rates, occurrences of technical errors, diagnostic reports, settings preferences, backup information, API calls, and other logs), content interactions (including searches, views, downloads, prints, shares, streams, and display or playback details), and user journey history (including clickstreams and page navigation, URLs, timestamps, content viewed or searched for, page response times, page interaction information (such as scrolling, clicks, and mouse-overs), and download errors), advertising interactions (including when  and how you interact with marketing and advertising materials, click rates, purchases or next steps you may make after seeing an advertisement, and marketing preferences), and similar data.
      2. Online identifiers, such as network and connection information (including Internet Service Provider (ISP) and Internet Protocol (IP) addresses), device and browser identifiers and information (including device, application, or browser type, version, plug-in type and version, operating system, user agent, language and time zone settings, and other technical information), advertising identifiers, cookie identifiers and information, and similar data.

In some cases we aggregate and anonymise this data for our own internal analysis and statistical purposes, including to identify trends and ways to further develop or services.

We retain personal data in accordance with our legal and regulatory obligations. We calculate retention periods based upon and reserve the right to retain personal information for the periods that the personal information is needed to: (a) fulfil the purposes described in this Notice, (b) meet the timelines determined or recommended by regulators, professional bodies, or associations, (c) comply with applicable laws, legal holds, and other legal obligations (including contractual obligations), and (d) comply with your requests.

  1. The Purposes and Legal Bases on which we process your Personal Data
    1. To provide our services

When you access the Website and accept the terms and conditions [Note to EPF: insert link to terms and conditions.][RS1] , it is important that if you do not agree with the terms and conditions or the way in which we use your personal data that you do not use the Website.

    1. For analytical purposes and to improve our Website services

It is in our legitimate interest to continue to develop the Website so that it is designed to best serve you. In order to do this we use information collected automatically through the website, such as online identifiers and information about the way in which you interact with the Website.

    1. To comply with our legal and regulatory obligations and requests anywhere in the world

It is in our legitimate interest, where there is a law in a non-European Member State with which we need to comply, to retain certain categories of your personal data such as your contact information, in order to comply with such legal and regulatory obligations.

We may also retain such personal data in order to comply with a legal or regulatory obligation under European Member State Law.

If you would like further information about any of the ways in which we process your personal data please contact us at secretariat@epfweb.org.

  1. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
    1. We will share your personal data with other users to the extent necessary to provide our services. Such data includes but is not limited to your name, surname, contact details, details of events you are attending, and petitions you have signed.
    2. We entrust your personal data to the extent necessary to the following external service providers (data processors) that support us with the performance of our services:
  • IT-service providers and/or providers of data hosting solutions or similar services;
  • Other service providers, providers of tools and software solutions that support us with the performance of our Online Services and operate on our behalf.

All our data processors process the personal data only on our behalf and on the basis of our instructions so that we can provide you with our online services. Save as set out in this Notice, we do not sell or share your personal data with third parties.

    1. Apart from that, we transmit your anonymised data to the extent necessary to the following recipients:
  • EPF official staff, solely for the purpose of providing good quality services via the Website and ensuring its stability.
  • Potential third parties that are participating in the provision of services for the fulfilment of our contractual obligations (e.g. IT support);
  • Authorities, courts and other public entities to the extent legally necessary (e.g. financial authorities).
  1. IS THE PERSONAL DATA TRANSFERRED OR PROCESSED OUTSIDE THE EU?

We will not routinely transmit your data outside of the European Union (EU) or the European Economic Area (EEA). In case such transmission is necessary, EPF will notify Users about such transfer and shall ensure that any international transfers of personal data are implemented in accordance with appropriate safeguards and in accordance with applicable data protection laws.    

  1. HOW LONG DO WE STORE THE PERSONAL DATA?
    1. We store your personal data for as long as is necessary for the purposes as set out in this Notice and in accordance with our legal obligations.  
    2. We store and process anonymised user data for archiving purposes in the public interest, scientific research, statistical or other purposes.
    3. In some circumstances it may also be in our legitimate interest to retain personal data for such periods as required in order to:
      1. enforce, clarify, defend or establish a legal claim between a user and us and until such time as the definitive clarification of an incident or legal dispute; or
      2. respond to requests from government administrations and courts in the exercise of their functions and to defend ourselves against possible claims.
  2. WHICH DATA PROTECTION RIGHTS DO USERS HAVE?

Under applicable data protection laws, including the GDPR, you have a number of rights, including:

      1. Right of access: you have the right to obtain from us confirmation of whether or not we are processing your personal data and where we are, you are entitled to a copy of such personal data and certain other details about our processing of such personal data. You can make a request for access to any of your personal data we are processing free of charge by contacting us.
      2. Right of rectification: it is your responsibility to keep your personal data up to date. If any of your personal data changes, such as your contact information, please contact us as soon as possible to let us know to update our records. In addition, if you become aware that any information we hold about you is inaccurate, you have the right to request that we rectify any mistakes or complete any incomplete personal data we store.
      3. Right of erasure: in certain circumstances, you have the right to request that we erase any personal data of yours that we hold. We are only required to comply with such a request in certain circumstances – if you would like to make such a request, please contact us to discuss whether we can comply.
      4. Right to restrict processing: in certain circumstances, you have the right to restrict how we process your personal data. Again, we are only required to comply with such a request in certain circumstances-– if you would like to make such a request, please contact us to discuss whether we can comply.
      5. Right to data portability: in certain circumstances you have a right to (i) receive from us any of your personal data we hold, in a structured, commonly used and machine-readable format; and (ii) transmit such personal data to another data controller without interference from us. As with the above, we are only required to comply with such a request in certain circumstances-– if you would like to make such a request, please contact us to discuss whether we can comply.
      6. Right to object: in certain circumstances you can object to our processing of your personal data, such as where our processing is based on your consent or our legitimate interest. As with the above, we are only required to comply with such a request in certain circumstances-– if you would like to make such a request, please contact us to discuss whether we can comply.
      7. Right to withdraw consent: where we process your personal data on the legal basis of consent, you may withdraw your consent at any time. Where you withdraw your consent, such withdrawal with not affect the lawfulness of our processing based on consent prior to such withdrawal.
      8. Right to complain: if you are unhappy about how we have processed or are processing your personal data, please contact us in the first instance and we will try our best to resolve the issue. If we are unable to resolve the issue, or if you do not wish to raise the issue with us directly, you have the right to complain to the relevant competent supervisory authority.

Our contact details are:

European Parliamentary Forum for Sexual & Reproductive Rights
secretariat@epfweb.org
Rue Montoyer 23
1000 Brussels, Belgium
Phone: +32 (0)2 500 86 50

  1. HOW DO WE SECURE THE PERSONAL DATA?

We have implemented appropriate technical and organisational security measures considering the risks, and we guarantee an appropriate data protection level, especially to protect personal data against accidental or unlawful destruction, alteration or against loss and against unauthorised disclosure or unauthorised access. Our security measures include:

      1. The use of secure and proven solutions for database service, server website, web container, user interface and integration.
      2. System design and implementation procedures based on good practices and guidelines to protect the system against the most common attacks.
      3. Systematic anonymisation or deletion of personal data, which is no longer necessary for the purposes for which they were collected and processed.
  2. AMENDMENTS OF OUR PRIVACY NOTICE FOR USERS AND ADMINISTRATORS

This Notice was last updated on the date set out above. We reserve the right to update and change this Notice from time to time as required to reflect any changes to the way in which we process your personal data or changing legal requirements. Any amended Notice will apply from the date it is posted on our Website or made available to you.

Privacy Notice: GPA Mobile Application

Last updated: 15 November 2020

  1. GENERAL
    1. It is of utmost importance to the European Parliamentary Forum for Sexual & Reproductive Rights ("EPF", "we", "us") to protect the personal data of our members and partners.
    2. This privacy notice ("Notice") explains the nature, extent, and purposes of the processing of members’ and partners' personal data (including personal data provided to us on behalf of other people) when using the Global Parliamentary Alliance Mobile Application ("GPA Mobile", "App").
    3. GPA Mobile provides a platform for EPF members ("members", "user", "users", "you", "your") to network, communicate and share knowledge with each other.
    4. We comply with the applicable data protection laws, in particular, the EU General Data Protection Regulation 2016/679 ("GDPR") concerning the protection, lawful processing and confidentiality of personal data provided through GPA Mobile. Under certain data protection laws, we are a controller. As a controller we make decisions on the purposes and means of processing personal data in the App.
  2. Who are we and how to contact us

EPF is a not for profit organisation with its registered office at Rue Montoyer, 23 1000 Brussels, Belgium. If you have any comments, concerns, complaints or questions regarding this Notice or how we use your personal data please contact us at GPAapp@epfweb.org.

  1. WHAT PERSONAL DATA DO WE COLLECT, FOR WHICH PURPOSES, AND ON WHICH LEGAL BASIS DO WE PROCESS IT?
    1. When you register on the GPA Mobile App and create a personal account for the use of any of our online services, you may be asked to provide the following categories of personal data:
      1. Your contact information, such as your first name, surname, affiliated organisation/employer, [function/job title], phone, email address, social media account information (i.e Twitter handle) and country of residence.
      2. Personal data about authorised delegates. In certain circumstances you may also  provide the contact details (such as first name, surname and email address) of up to two of assistants who can be contacted on your behalf via the contact list “GPA Community”. Assistants can have their own user accounts and can also manage their Parliamentarian’s account provided they are authorised to do so by their Parliamentarian.  
      3. Special categories of Personal Data. In certain circumstances, where required by law or where you have provided your consent, we may collect special categories of your personal data (i.e. information relating to your political opinions or philosophical beliefs, data concerning health or data concerning sexual orientation).

When you participate in campaigns, petitions or author messages in the forums in the GPA Mobile App you consent to your political opinions or philosophical beliefs being made available to other users of the App and made available to members of the public as set out in this Notice.

Our signed petitions and "calls to action" are made available to the public and sent to specified politicians as set out in the relevant document. As a signatory to a petition or "call to action", you acknowledge and consent to making any special category personal data included in the relevant document available for use by us as set out in this Notice.

We make our events attendance and interested list available to other attendees and interested users. Therefore when you register to attend our events (both in person or online) your name will be added to the attendance list. If you would prefer that your name does not appear on an attendance list do not indicate your attendance or interest.

We are not able to include anonymous support on petitions or campaigns. Therefore if you do not want your name included or affiliated with a petition, campaign or "call to action" we ask that you do not sign-up. If you have signed up to a petition and subsequently change your mind and would like to withdraw your support please contact us at GPAapp@epfweb.org and we will remove your name.

In connection with the registration for and provision of access to an event or seminar, we may ask for information about your health for the purpose of identifying and being considerate of any disabilities or special dietary requirements you may have.

      1. Your image, such as still profile pictures or other shared images. Your profile picture will be displayed in your profile on the GPA Mobile App contact list and will be visible to us and other users of the App. If you decide to share images on the forum of an event, these will be visible to other invited and attending users of the App.

We may also take videos at events or record webinars which we may republish on our website or through other media channels as promotional material. We will let you know at the time if we will be recording any events. If you do not wish to be included in such recordings please let us know. 

    1. When you use the Online Services and the GPA Mobile App, we may also automatically collect the following information about your use of such services:
      1. Data relating to access to and use of our App, such as usage metrics (including usage rates, occurrences of technical errors, diagnostic reports, settings preferences, backup information, API calls, and other logs), content interactions (including searches, views, downloads, prints, shares, streams, and display or playback details), and user journey history (including clickstreams and page navigation, URLs, timestamps, content viewed or searched for, page response times, page interaction information (such as scrolling, clicks, and mouse-overs), and download errors), advertising interactions (including when and how you interact with marketing and advertising materials, click rates, purchases or next steps you may make after seeing an advertisement, and marketing preferences), and similar data.
      2. Online identifiers, such as network and connection information (including Internet Service Provider (ISP) and Internet Protocol (IP) addresses), device and browser identifiers and information (including device, application, or browser type, version, plug-in type and version, operating system, user agent, language and time zone settings, and other technical information), advertising identifiers, cookie identifiers and information, and similar data.

In some cases we aggregate and anonymise this data for our own internal analysis and statistical purposes, including to identify trends and ways to further develop or services.

We retain personal data in accordance with our legal and regulatory obligations. We calculate retention periods based upon and reserve the right to retain personal information for the periods that the personal information is needed to: (a) fulfil the purposes described in this Notice, (b) meet the timelines determined or recommended by regulators, professional bodies, or associations, (c) comply with applicable laws, legal holds, and other legal obligations (including contractual obligations), and (d) comply with your requests.

  1. The Purposes and Legal Bases on which we process your Personal Data
    1. To provide our services

We use your contact information, information about authorised delegates to provide you with our services pursuant to our terms and conditions, including accessing the GPA Mobile App, communicating with you about registering and facilitating your attendance at events, signing petitions, joining campaigns and providing a contact list to other members and partners.

When you download the GPA Mobile App and accept the terms and conditions: https://www.epfweb.org/node/685 , it is important that if you do not agree with the terms and conditions or the way in which we use your personal data that you do not use the GPA Mobile App.

Please note: It is completely optional for you to provide any information about your political opinions or other special category personal data, including through public participation in petitions, comments on the App’s forum functionality or by attendance at our events. When you provide this information you consent to your information being used and made available to other participants using the GPA Mobile App. Only petitions will be shared with the public in the form of press releases and social media coverage to increase attention to the cause in accordance with this Notice. If at any time you do not want your special category personal data to be used in this way you can contact us as at GPAapp@epfweb.org and ask us not to use your special category personal data for this purpose. Where you withdraw your consent, such withdrawal will not affect the lawfulness of our processing based on consent prior to such withdrawal.

    1. To publish your feedback on events and comments made in our App

We may publish your comments and feedback made through the App or in relation to events offered through the App, your contact information, your image, comments made, political opinions and other special category personal data where you have provided your explicit consent. You will be personally asked for consent on a case by case basis.

If you have attended an event and provided feedback or comments, we may ask for your consent to publish the comments and feedback on our website and attribute such comments to you. Any consent to publish such messages or feedback will be obtained on a case-by-case basis.

    1. For analytical purposes and to improve our App services

It is in our legitimate interest to continue to develop the GPA Mobile App so that it is designed to best serve you. In order to do this we use your contact information and information collected automatically through the App, such as online identifiers and information about the way in which you interact with the GPA Mobile App.

    1. To comply with our legal and regulatory obligations and requests anywhere in the world

It is in our legitimate interest, where there is a law in a non-European Member State with which we need to comply, to retain certain categories of your personal data such as your contact information, and comments you make in order to comply with such legal and regulatory obligations.

We may also retain such personal data in order to comply with a legal or regulatory obligation under European Member State Law.

We may also be required to retain certain information including your special category personal data where it is necessary for the establishment, exercise or defence of legal claims.

If you would like further information about any of the ways in which we process your personal data please contact us at GPAapp@epfweb.org.

  1. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
    1. We will share your personal data with other users to the extent necessary to provide our services. Such data includes but is not limited to your name, surname, contact details, details of events you are attending, and petitions you have signed.
    2. We entrust your personal data (if applicable, also the personal data you provide us with from other persons, i.e. assistants) to the extent necessary to the following external service providers (data processors) that support us with the performance of our services:
  • Professional translators;
  • IT-service providers and/or providers of data hosting solutions or similar services;
  • Other service providers, providers of tools and software solutions that support us with the performance of our Online Services and operate on our behalf.

All our data processors process the personal data only on our behalf and on the basis of our instructions so that we can provide you with our online services. As set out in this Notice, we do not sell or share your personal data with third parties.

    1. Apart from that, we transmit your personal data to the extent necessary to the following recipients:
  • EPF official staff, solely for the purpose of providing good quality services via the GPA Mobile App and ensuring its stability.
  • Potential third parties that are participating in the provision of services for the fulfilment of our contractual obligations (e.g. IT support);
  • External third parties based on our legitimate interests to the extent necessary (e.g. auditors and tax consultants, insurance providers in case of insured events, legal representatives in case of incidents, courts and competent authorities); and
  • Authorities, courts and other public entities to the extent legally necessary (e.g. financial authorities).
  1. IS THE PERSONAL DATA TRANSFERRED OR PROCESSED OUTSIDE THE EU?

We will not routinely transmit your data outside of the European Union (EU) or the European Economic Area (EEA). In case such transmission is necessary, EPF will notify Users about such transfer and shall ensure that any international transfers of personal data are implemented in accordance with appropriate safeguards and in accordance with applicable data protection laws.    

  1. HOW LONG DO WE STORE THE PERSONAL DATA?
    1. We store your personal data for as long as is necessary for the purposes as set out in this Notice and in accordance with our legal obligations.  
    2. We store and process anonymised user data for archiving purposes in the public interest, scientific research, statistical or other purposes.
    3. In some circumstances it may also be in our legitimate interest to retain personal data for such periods as required in order to:
      1. enforce, clarify, defend or establish a legal claim between a user and us and until such time as the definitive clarification of an incident or legal dispute; or
      2. respond to requests from government administrations and courts in the exercise of their functions and to defend ourselves against possible claims.
  2. WHICH DATA PROTECTION RIGHTS DO USERS HAVE?

Under applicable data protection laws, including the GDPR, you have a number of rights, including:

      1. Right of access: you have the right to obtain from us confirmation of whether or not we are processing your personal data and where we are, you are entitled to a copy of such personal data and certain other details about our processing of such personal data. You can make a request for access to any of your personal data we are processing free of charge by contacting us.
      2. Right of rectification: it is your responsibility to keep your personal data up to date. If any of your personal data changes, such as your contact information, please contact us as soon as possible to let us know to update our records. In addition, if you become aware that any information we hold about you is inaccurate, you have the right to request that we rectify any mistakes or complete any incomplete personal data we store.
      3. Right of erasure: in certain circumstances, you have the right to request that we erase any personal data of yours that we hold. We are only required to comply with such a request in certain circumstances – if you would like to make such a request, please contact us to discuss whether we can comply.
      4. Right to restrict processing: in certain circumstances, you have the right to restrict how we process your personal data. Again, we are only required to comply with such a request in certain circumstances-– if you would like to make such a request, please contact us to discuss whether we can comply.
      5. Right to data portability: in certain circumstances you have a right to (i) receive from us any of your personal data we hold, in a structured, commonly used and machine-readable format; and (ii) transmit such personal data to another data controller without interference from us. As with the above, we are only required to comply with such a request in certain circumstances-– if you would like to make such a request, please contact us to discuss whether we can comply.
      6. Right to object: in certain circumstances you can object to our processing of your personal data, such as where our processing is based on your consent or our legitimate interest. As with the above, we are only required to comply with such a request in certain circumstances-– if you would like to make such a request, please contact us to discuss whether we can comply.
      7. Right to withdraw consent: where we process your personal data on the legal basis of consent, you may withdraw your consent at any time. Where you withdraw your consent, such withdrawal with not affect the lawfulness of our processing based on consent prior to such withdrawal.
      8. Right to complain: if you are unhappy about how we have processed or are processing your personal data, please contact us in the first instance and we will try our best to resolve the issue. If we are unable to resolve the issue, or if you do not wish to raise the issue with us directly, you have the right to complain to the relevant competent supervisory authority.

Our contact details are:

European Parliamentary Forum for Sexual & Reproductive Rights
Rue Montoyer 23
1000 Brussels, Belgium
Phone: +32 (0)2 500 86 50, Email: secretariat@epfweb.org or GPAapp@epfweb.org       

  1. HOW DO WE SECURE THE PERSONAL DATA?

We have implemented appropriate technical and organisational security measures considering the risks, and we guarantee an appropriate data protection level, especially to protect personal data against accidental or unlawful destruction, alteration or against loss and against unauthorised disclosure or unauthorised access. Our security measures include:

      1. Authentication, authorisation, and access restriction mechanisms at the level of the GPA Mobile App.
      2. The use of secure and proven solutions for database service, server website, web container, user interface and integration.
      3. System design and implementation procedures based on good practices and guidelines to protect the system against the most common attacks.
      4. Obligatory use of secure passwords.
      5. Full admin control over the users.
      6. Access to information on a need-to-know basis and role-based access control.
      7. Systematic anonymisation or deletion of personal data, which is no longer necessary for the purposes for which they were collected and processed.
  2. AMENDMENTS OF OUR PRIVACY NOTICE FOR USERS AND ADMINISTRATORS

This Notice was last updated on the date set out above. We reserve the right to update and change this Notice from time to time as required to reflect any changes to the way in which we process your personal data or changing legal requirements. You will be informed about any amended Notice and it will apply from the date it is posted on our App or made available to you.  

 [RS1]Place on the website

Sign up to newsletter

By clicking on SUBMIT, you agree to receive EPF’s newsletter. You can revoke your consent at any time. Please note that you must confirm the registration in an e-mail (double opt-in procedure). Your e-mail address will of course only be used for the purpose of sending the newsletter.

EPF

EPF is a not-for-profit international organisation that is legally registered in Belgium and recognised by Royal Decree in 2000. 

EPF is a network of parliamentarians across Europe who are committed to protecting the sexual and reproductive health and rights of the world's most vulnerable. 

Contact

European Parliamentary Forum for Sexual & Reproductive Rights (EPF)
Sq. de Meeûs 18
1050 Brussels, Belgium

Phone: +32 (0)2 500 86 50
secretariat@epfweb.org

Follow us