Confidentiality and security are paramount values for ENCOD and, consequently, we are committed to always ensuring your privacy and not to collect unnecessary information. In this Privacy Policy we share all the information about the personal data we collect. You can learn:
– Who is responsible for the processing of your data.
– For what purposes do we collect your personal data
– What is our legal basis to process this data
– How long we keep it for.
– Who do we share your with
– What are your rights
Who are we?
We are the European Coalition for Just and Effective Drug Policies (ENCOD), a non-profit organization, registered under Belgium law on June 26, 2004, with registration number 0472.682.681 with the Griffie van de Rechtbank van Koophandel, hereinafter “ENCOD”, “we”, “us” or “Data Controllers”.
For the purposes of the data protection laws of the European Union, in particular the General Data Protection Regulation (REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC) and the Organic Law 3/2018 of 5th December on the Protection of Personal Data and guarantee of digital rights, the European Coalition for Just and Effective Drug Policies (ENCOD) is responsible for all the data processing. Strategic decisions regarding the purposes and means of the processing of personal data collected through our website are always taken by our team.
If you have any questions or concerns regarding this Privacy Policy or the processing of your personal data, or wish to exercise any of your rights under the applicable law, please contact ENCOD at:
European Coalition for Just and Effective Drug Policies (ENCOD) VZW
Guldensporenstraat 61
2140 Antwerpen/Borgerhout
Belgium
Or send us an e-mail to office@encod.org.
How do we collect personal data?
ENCOD collects personal data directly from people who join ENCOD community by visiting this website, subscribing to our email newsletter, contacting us through the contact form and attending our events. We also collect your personal data when you donate or partner with us.
You may also give us information indirectly when you contribute to ENCOD through fundraising sites, when you visit and browse our website (for example, by using cookies to understand how you use our website. You can read our cookie policy here) or when you access ENCOD social media channels, such as Facebook, Twitter, or YouTube.
ENCOD may also obtain publicly available data on individuals who may be interested in supporting organizations such as ours. This information may include newspaper or other media coverage and open postings on social media sites.
What data do we collect and why?
There are several reasons why we collect and process personal data from people who sympathize with ENCOD, make donations to us, or use ENCOD services among other people:
-
- Because we have a legitimate interest in providing you with information about our activities and services that we believe will benefit our mission. When processing your personal data for our legitimate interests, we will consider and balance any potential impact on you and your rights under data protection laws and any other relevant laws. We will not use your personal data for activities where our interests are outweighed by the impact this processing could have on you (unless we have your consent or are required by law to do so);
-
- Because you have given us your consent to process your personal data;
-
- Because we must comply with a contractual and/or legal obligation.
We only collect personal data relevant to the type of transactions you conduct with ENCOD. ENCOD does not intend to collect personal data from persons under the age of 18. Persons under the age of 18 should never provide personal information on this website and may not make donations on this website without parental consent.
ENCOD will never sell, lease, or trade the information we collect from you, either on or off the Internet.
Here we explain in detail the personal information we process:
1. If you visit our website
If you visit our website, we may obtain, collect, and process your personal data for the following purposes:
-
- To provide you with access to the website and improve, test and track its effectiveness;
-
- To track certain parameters such as total number of visits, traffic data and demographic patterns;
-
- To ensure that the website content is presented to you in the most effective manner and to enhance your user experience; and
-
- To inform you of changes on the website and/or our services.
We obtain, collect, and process this personal information based on our legitimate interest to ensure that the website runs smoothly and to analyze what content is of most interest to our visitors. This helps us to keep the website available and to improve your experience when you visit it. It is always up to you to allow or reject our cookies by accepting or rejecting them or by changing your browser settings. You can review our Cookie Policy here
2. If you follow or interact with our social media
If you visit our social media profiles (Facebook, Twitter YouTube, Instagram, Telegram or LinkedIn, among others), we may obtain, collect, and process your personal data publicly available on the website for the following purposes:
-
- To understand the demographics, preferences and interests of our audience and provide the most relevant information and news on our social media profiles;
-
- To optimize our audience and segment it;
-
- To send personal and individual messages through social media channels.
We have access to and process public information about our users such as your contact information and name. We only use this data within the social media platform itself. We do not transfer your personal data to any other data processing system or database.
We use this data to monitor and improve all our communications on social media and on our website. Our legal basis for doing so is our legitimate interest. When you join our page, you give us your consent to process the personal data that you publish in your profile.
You can review the specific social media channel privacy policies, as well as configure your settings to ensure your privacy.
3. If you have joined the ENCOD Community (Newsletter)
If you have joined ENCOD Community by signing up to receive our newsletter, we will always collect your email address.
We will use this information to keep you informed. We will send you our general newsletter, communications about our activities, and information about our fundraising campaigns.
All your data is stored in Salesforce, our ENCOD Customer Relationship Management system (CRM) including details of our email correspondence that are incorporated to our CRM by an email integration system.
Salesforce is hosted outside the EEA, and is only accessible to staff with an individual login secured with password.
Salesforce has certified some of its services under the EU-US Privacy Shield. For more information on the privacy policies of its services, click Salesforce.
This data is shared with a third party, SendinBlue also hosted outside the EEA, who sends the newsletter on our behalf. The services of the processing companies we use comply with the requirements of the GDPR. You can read more about their services here.
We will process the data provided because you have given us your consent. You will be given the option to remove your email from our email list and/or update your preferences at the end of each email update.
4. If you contact ENCOD
If you interact with us by email, through our contact forms, by telephone, or in person, we may also collect and process information about the date, time and method of contact, details about donations you make to us, events, or activities you sign up for or attend and any other information you provide us with.
If you contact ENCOD regarding a job or volunteer position and send us your CV, we will include your personal and curricular data in our databases to manage your request. We might use your data in future recruitment processes.
The legal base for processing this data is to respond to your requests for information, manage the recruitment processes, and respond to your doubts or queries.
We will process your personal data because we have your consent.
5. If you donate or pay us for a service or product.
If you donate we will collect and process data relating to the financial transaction.
When you donate within the EU, in addition to collecting your first and last name, email address, mailing address, and credit card information, we will also ask for your tax identification number.
We will use your data to process credit card payments and keep a record of your donation. Our legitimacy for the processing of your data personal is based on your consent and our legal obligations established by the Spanish Law 49/2002 of December 23, 2002, on the tax regime of non-profit entities, and other tax regulations that may apply.
We will share your donation data with the tax authorities to comply with our legal obligations regarding charitable donations such as the Law 10/2010 of April 28th on the prevention of money laundering and terrorism financing.
ENCOD uses PayPal as a payment processor to process donations and store payment information. PayPal complies with EU data protection regulations and standards and/or have certified their services under the EU-US Privacy Shield. You can view their privacy and security policies here.
If you make a donation through a fundraising site, the service provider might share your details with us. We use this data to keep a record of your donation. The legal basis for this processing is your consent or a contractual obligation, depending on the platform. We encourage you to read their privacy policies when donating.
Do we share your personal data with third parties?
ENCOD will only use your data within ENCOD for the purposes for which it was collected. ENCOD will never sell, lease, or trade this information to third parties.
We may need to share data with service providers or other organizations that help us run our projects and store and manage the data. In all cases, ENCOD will remain the controller of your data and the service providers will be the data processors acting only on our instructions. We sign agreements with all the organizations and professionals we share data with to ensure that they comply with applicable data regulations. These partners or service providers may never use your data for their own commercial purposes or disclose it to third parties without our consent.
ENCOD reserves the right to disclose your personal data to third parties, organizations, or public authorities if necessary to comply with our legal obligation (e.g., to inform tax authorities about your donation) or to enforce or apply any other agreement or to protect the rights, property or safety of ENCOD, visitors, subscribers to our newsletters, donors or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction purposes.
If you access our Support Services, the team of professionals who care for you may share information with other professionals in the following circumstances:
-
- If there is sufficient reason to believe that a third party is required to ensure protection (in connection with abuse, neglect, exploitation, or abandonment), your data may be shared with a local agency providing social services that the situation requires.
-
- If you manifest a serious threat or intent to kill or seriously injure a person or group of persons who can be personally identified, and if there is sufficient reason to believe that you may carry out such a threat, reasonable steps will be taken to prevent any harm. These reasonable measures may include notifying the potential victim of the threat and the relevant authorities.
-
- If there is sufficient reason, based on the professional judgment of the service team, to suspect that there is a child abuse situation.
Do we transfer your personal data to countries outside the European Economic Area?
Some of our suppliers (data processors) are based outside the European Economic Area, so we may transfer your personal data to third countries. We always ensure that these transfers comply with the requirements of the GDPR. You give us your consent to transfer this data.
Use and transfer of data for statistical and research purposes
ENCOD has a legitimate interest in processing anonymized and pseudo-anonymized data of individuals who use its website, those who access the Support and Training Services, or who are part of the ENCOD community.
We process this data to ensure that our programs, services, and initiatives have a greater impact and for research purposes.
Occasionally, we might share this information with organizations and institutions with which we partner with for research purposes. In any case, we will ensure that our partners abide by the same security and privacy standards as ENCOD and in no case attempt to re-identify the persons concerned.
How long do we keep your data?
We will only retain the information we collect about you for as long as it is necessary for the purposes set out above, or as needed to comply with our legal obligations.
The period for which we retain your data will vary depending on the type of information and the purposes for which we process it. In general, we will retain our records for up to 6 years after your relationship with ENCOD has ended, to comply with our legal obligations. When we no longer need to use your personal data, it will be deleted from our systems and records or anonymized so that we can no longer identify you.
For more information, please refer to the following table:
Purpose of treatment | Retention period |
To provide you with our services | We will process your data for as long as you use our services. If you stop using the services, we will retain your personal data for a period of 6 years. |
Commercial communications/ newsletter | We will process your personal data until you withdraw your consent by unsubscribing from our newsletters or you object to the processing of your personal data. |
Form data | We will process the personal data you provide for a period of 2 years. |
Claims | We will process your personal data for 6 years after you have filed a complaint. |
Profiles of non-registered specialists | We will process your personal data until you object to the processing. |
Donations and purchases data | ENCOD will keep your data for as long as you are a donor, and if you stop donating as long as you do not request the deletion of your data, and in any case for the time necessary to comply with the legal retention and reporting obligation established by the legislation on associations, tax, prevention of money laundering and terrorist financing or any other regulations affecting the donations received. |
What are my rights regarding the processing of my data?
Under the GDPR you have the following rights:
-
- you have the right to be informed about the processing of your personal data (i.e. for what purposes, what type of personal data, to which recipients it is disclosed, storage periods, any third party sources from which it was obtained, automated decision making, including profiling, and the logic, relevance and intended consequences). Reading this Privacy Policy is part of your right to information,
-
- you have the right to lodge a complaint with ENCOD by sending an e-mail to office@encod.org or to its supervisory authority Gegevensbeschermingsautoriteit, Drukpersstraat 35, 1000 Brussel, https://www.dataprotectionauthority.be, if you believe that we are processing your personal data in an unlawful manner,
-
- you have the right to request a copy of the personal data we process about you,
-
- you may ask us to erase (if you believe we are not entitled to retain it) or correct (if you believe it is inaccurate) your personal data,
-
- you can object to the processing of your personal data or (where we rely on your consent to the processing) withdraw your consent,
-
- you have the right to restrict the processing of your personal data, and / or
-
- you may request your data portability.
You may contact ENCOD (see contact details in this policy) if you wish to assert any of these rights. We will comply with our legal obligations regarding your rights as a data subject.
Any request for access to your personal data must be made in writing, we will endeavor to respond to you within a reasonable period and, in any event, within one month (or such other period as we may immediately communicate to you in the case of complex or numerous requests). We reserve the right to charge a reasonable fee (reflecting the costs of providing the information) or to refuse to respond when requests are manifestly unfounded or excessive: in this case, we will explain the situation to you and inform you of your rights.
Our aim is to ensure that the information we hold about you is accurate at all times. To help us keep your information up to date, you will need to tell us about any changes to your personal data. Upon your request, we will take reasonable steps to ensure that the data is accurate and will rectify any inaccurate personal data promptly and in any event within one month of your request.
Automated decisions and profiling
No automated decisions are made. We do not use any profiling system or tool to process your data.
How do we protect your information?
We ensure that appropriate technical, physical, electronic, and administrative security measures are in place to protect your personal data from unauthorized access. We follow industry-accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. Unfortunately, the transmission of information via the Internet (including e-mail) is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data shared via our website, platform, or e-mail; you assume the risk of such transmission. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Changes in our privacy policy
The rules governing privacy and e-commerce change frequently. Therefore, ENCOD reserves the right to update this Privacy Policy from time to time to reflect changes in regulations and our privacy practices generally. We encourage you to periodically review this Privacy Policy. If changes are significant, we will notify you by prominently posting a notice on our website.
Links to other websites
Our website or social media channels may contain links to other sites, including social media buttons. While we try to include only links to websites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices employed by other websites. Sharing an external link does not constitute an endorsement of their website or the contents provided in them. Once you access another website from our website, you are subject to the terms and conditions of that website, including, but not limited to, its Internet privacy policy and practices. Please review these policies before submitting data to these websites.
LAST UPDATE: December 15, 2021
COOKIES POLICY
In accordance with the provisions of Article 22.2 of Law 34/2002 of July 11, 2002, on Information Society Services and Electronic Commerce (LSSI-CE) in force, European Coalition for Just and Effective Drug Policies (hereinafter, ENCOD) must comply with the obligation to inform about the cookies we use and their purposes.
What are Cookies?
Cookies are small files that are downloaded to your computer or other devices that you use to browse our website. Almost all professional websites use cookies. Generally, a cookie includes the following information: the name of the website it came from; how long the cookie will remain on your computer or device; and a value (usually a randomly generated unique number). Some cookies may include additional data related to your time zone or the language used to browse websites.
What kind of cookies do we use?
Some cookies are always active when you visit us, and you cannot disable them unless you change your browser settings. We call these cookies necessary, and we use them to ensure that our digital services work properly, enable the basic functions of our website and the management of the various forms available on the website. We base the use of technical cookies on our legitimate interest (art. 6, para. 1f RGPD) in maintaining the functionality of our website and making it enjoyable and secure for the people who use it.
We also use functional or customization cookies to make your experience with our website better. These allow you to access the service with some general characteristics predefined in your terminal or defined by you. These include language, browser type, content design, geolocation of the terminal or the regional configuration from which it is accessed. For example, we use cookies so that when you make a comment on our website, we can save your name and e-mail address.
We also use performance or analytics cookies to observe how our website and its services are used and to obtain usage statistics. Statistical evaluations allow us to improve the functionality of our pages. For example, analytics cookies show us which parts of the site present difficulties for visitors to our website and which sub-pages are most frequently visited. They also help us to continually improve our content to provide you with relevant and interesting information.
For more information on analytics cookies, see the chapters SendinBlue newsletter provider and Online marketing and analytics tools.
We also use third-party cookies. These cookies may track how different websites, including ours, are used. Examples include Google Analytics statistical services.
You can change your personalized settings and disable these cookies at any time by using the cookie settings banner at the bottom of the page when you first visit our website. If you have already accepted cookies and wish to reset them, please delete the cookies from your browser and reload the page. The banner will show you the configuration options again. In the “Disable cookies” section of this document you will find how to do this depending on the browser you use.
How do we use cookies?
To make the best use of our website, we recommend that you set your device or computer to accept all cookies. However, using your device settings, you can disable or limit certain types of cookies.
We use cookies for a variety of reasons as detailed below:
-
- To provide you with a better user experience, cookies are used to improve your experience with our services. Cookies can help in several ways, including ensuring our websites load faster, remembering how you used our website in the past, and making sure our pages are optimized for your browser or device.
-
- To improve security, we use some cookies that allow us to make our website secure.
-
- To improve of our website, we use cookies to improve our services and analyze the way people use our website making it more useful and accessible.
-
- To create outreach and fundraising campaigns, we use some cookies to send you communications regarding our outreach and fundraising campaigns in cooperation with our marketing partners (e.g. SendinBlue).
How long are these cookies stored for?
Depending on the type of cookie, some are stored for a short period of time while others are stored for longer periods. You will find more detailed information below.
Session cookies: these cookies only last for the duration of your web browsing of session. These cookies are automatically deleted when you close your browser.
Persistent cookies: these cookies last even if your browser is closed, or your device is turned off and are active for a period defined by the cookie itself. We use persistent cookies when we need to know who you are for more than one browsing session. For example, we use them to remember your preferences for the next time you visit.
Third-party cookies.
We use third-party cookies to pursue our legitimate interests and improve our website for our users.
We use social media buttons and/or plugins on this website that allow you to connect with your social network in various ways. For these to work, social networking sites such as Youtube, Facebook, or Twitter, will set cookies through our website used to enhance your profile on their site, to contribute to the data they have about you, and any other purposes described in their respective privacy policies.
Newsletter provider SendinBlue
If you subscribe to our newsletter, your email address, last name, first name and country will be transferred to the SendinBlue database owned by Sendinblue SAS, 7 rue de Madrid, 75008 Paris, France. This company is our email marketing, marketing automation and communications and community management service provider. SendinBlue uses the data collected exclusively to send information on our behalf. Only ENCOD manages and maintains its newsletter data (content and subscription information).
Online marketing and analysis tools
On our website we work with modern analysis methods and tools to understand the behaviour of our website visitors. This information helps us to continuously improve our website and to display attractive and relevant information. For this purpose, we only receive and use anonymous data that does not allow us to identify individual users.
Below we present the analytics services and technologies we use for these purposes. We also show you how to prevent these services from profiling you on our website.
The analytics and marketing tool and functions we use are third-party services. On our behalf, they collect and statistically process data about how users use our website.
We process this data based on our legitimate interest (art. 6, para. 1f GDPR) to continuously improve our website and to display interesting and relevant information.
Use of various Google services
On our website we use various services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA (“Google”).
When you use these services, Google stores cookies on your terminal equipment via your web browser. However, Google is subject to compliance with the provisions of the EU-US Privacy Shield and Swiss-US Privacy Shield agreements. According to the information provided by Google, the data collected is used to provide the services and to ensure that these services function properly.
Google Analytics with anonymization feature
We use Google Analytics. Google Analytics is widely used by many professional websites around the world. This tool helps us to understand, predict and adjust our website for users and helps us to manage our databases and improve our SEO.
Google Analytics is an analysis tool that statistically processes data about the use of our website by users. It sends information to Google’s servers about the pages viewed and the steps taken by the user (e.g., the duration of the visit, the sequence and URL of the visits and pages viewed, the page from which the user came and information about the device used, operating system, browser, and settings, as well as the approximate location). It uses cookies and similar means, such as so-called tracking pixels, to recognize users by anonymous characteristics, such as random identification numbers, and to allocate visits across different devices and sessions. On our website, IP addresses are abbreviated with the additional code “anonymizeIP”. They are therefore automatically anonymized before they are transmitted to Google.
More detailed information can be found in the Google Data Protection Documentation.
You can disable Google Analytics for your browser using an Add-on.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. With reCAPTCHA we check whether it is a person or a computer that makes certain entries in our contact or newsletter forms. With reCAPTCHA we counteract the increase of machine registrations in user accounts and newsletters. Currently, reCAPTCHA is the best protection against such attacks (bot attacks).
As soon as you access the website, reCAPTCHA analyzes your interactions using the following features:
-
- IP address of the terminal device used
-
- date and time spent on the website
-
- mouse movements on reCAPTCHA surfaces and tasks requiring image identification
-
- data identifying the browser and the type of operating system being used
-
- Google account, if you are signed into Google
The data collected during the analysis is sent to Google. According to Google, Google does not use the information collected by reCAPTCHA for targeted advertising.
Google Maps
Our website also uses the Google Maps service. Thanks to this service we can show you an interactive map on the website, which allows you to use the map function conveniently.
If clicking on the map navigation embedded in our website opens Google Maps in a new tab, please note that you are subject to the Google Maps / Google Earth Terms of Use, including the Google Data Protection Statement, if you use Google Maps.
Google Tag Manager
We use the Google tag manager. This service flexibly integrates so-called “tags”, which allow you to transfer the desired analyzed data in code to Google Analytics. It captures the IP address of incoming http requests and saves it for a short time to correct integration errors. The tag manager does not collect personal information and does not access them. The data is always anonymized.
Our website also uses Google Analytics performance reports related to demographics and interests, as well as reports on Google Display Network impressions. You can disable Google Analytics for display advertising and customize ads on the Google Display Network by visiting the ad settings at this link: https://adssettings.google.com.
Disable cookies.
You can prevent the setting of cookies by adjusting your browser settings.
Please note that disabling cookies will affect the functionality of this and many other websites you visit. Disabling cookies will generally result in also disabling certain functions and features of our services and therefore, it is recommended that you do not disable cookies.
Instructions on how to do this can be found in the table below:
Browser | Link to configuration | How you can manage Cookies |
Google Chrome | https://support.google.com/chrome/answer/95647?hl=en-GB&p=cpn_cookies | You must click on the three dots in the upper right corner and open “settings”. Then click on “security and privacy” to manage cookies. |
Safari | https://support.apple.com/en-us/HT201265 | You must go to the “preferences” settings page and click on “security”. In the “security” section you can manage cookies. |
Microsoft Edge | https://support.microsoft.com/en-us/search?query=enable%20cookies%20in%20edge | You must click on the three dots in the upper right corner and open “settings”. In the settings site, click on “privacy, search and services” to manage cookies. |
Mozilla Firefox | https://support.mozilla.org/en-US/kb/websites-say-cookies-are-blocked-unblock-them | You must click on the three bars in the upper right corner and open “options”. In the site option click on “security and privacy” to manage cookies. |
Opera | https://help.opera.com/en/latest/web-preferences/#cookies | You must click on ‘settings’, then click on advanced, and click on Privacy and Security and click on Site Settings. Once there click on Cookies and Site Data to manage cookies. |
For more information on the processing of personal data, we recommend you visit our “Privacy Policy” section.
LAST UPDATE: December 15, 2021