European Coalition for Just and Effective Drug Policies (ENCOD)
Effective Date: February 2026
The Privacy Policy ENCOD explains how the European Coalition for Just and Effective Drug Policies collects, uses, and protects personal data under the GDPR and Belgian law.
We respect your privacy. Therefore, we collect only the data we truly need. In addition, we explain clearly how we use it and how you can control it.
What Is Covered in the Privacy Policy ENCOD
This Privacy Policy ENCOD explains:
• Who controls your data
• What data we collect
• Why we process it
• How long we keep it
• Who we share it with
• Whether we transfer data outside the EU
• What rights you have
1. Who Controls Your Data?
The data controller is:
European Coalition for Just and Effective Drug Policies (ENCOD) VZW
Guldensporenstraat 61
2140 Antwerpen/Borgerhout
Belgium
Registration number: 0472.682.681
Email: office@encod.org
ENCOD decides why and how your personal data is processed. Therefore, we are responsible for protecting it.
2. How We Collect Personal Data
We collect personal data when you:
• Visit www.encod.org
• Subscribe to our newsletter
• Contact us
• Donate
• Register for events
• Apply for a job or volunteer role
• Interact with us on social media
In addition, we may process information that is already public. However, we never collect more than necessary.
We also do not knowingly collect data from children under 18 without parental consent.
3. What Data We Collect
Depending on your interaction, we may collect:
• Name
• Email address
• Postal address
• Donation details
• Communication content
• Event participation details
• Technical data such as IP address
• Recruitment information such as CV data
We collect this data only when relevant. In other words, we do not gather unnecessary information.
4. Why We Process Your Data
We process personal data for clear and lawful reasons.
a. Based on Consent
For example, we process data when you subscribe to our newsletter or accept cookies. You can withdraw consent at any time.
b. To Perform a Contract
For example, we process donations, event registrations, and applications.
c. To Meet Legal Obligations
For example, we comply with accounting and tax laws.
d. Based on Legitimate Interest
We also process data to:
• Improve website performance
• Ensure security
• Manage communications
• Evaluate advocacy impact
However, we always balance our interests with your rights.
5. Website Use and Analytics
When you visit our website, we collect technical data. For example, we may collect browser type and anonymized IP address.
We use analytics services provided by:
Google LLC
These tools help us understand how visitors use the site. As a result, we can improve accessibility and content.
However, analytics cookies are only activated after you give consent. Therefore, you remain in control.
6. Newsletter and Supporter Data
If you subscribe to our newsletter, we collect your email address. In some cases, we may also collect your name and country.
We use:
Brevo
to send emails.
In addition, we may use:
Salesforce
to manage supporter information securely.
Both providers act under GDPR-compliant agreements. Where data is transferred outside the EU, we apply Standard Contractual Clauses.
You may unsubscribe at any time. Therefore, you stay in control of your communications.
7. Donations and Payments
When you donate, we collect only the information needed to process the payment.
This may include:
• Name
• Contact details
• Payment information
• Tax number if required
Payments may be handled by:
PayPal
We do not store full credit card details. Moreover, we never sell or trade donor information.
8. Data Sharing
We share data only when necessary. For example, we may share data with:
• Hosting providers
• Email service providers
• Payment processors
• Tax authorities
However, all partners must follow GDPR rules. In addition, they may not use your data for their own purposes.
9. International Transfers
Some providers operate outside the European Economic Area. Therefore, data may be transferred abroad.
In such cases, we apply:
• Standard Contractual Clauses
• Contractual safeguards
• Technical security measures
As a result, your data remains protected.
10. How Long We Keep Data
We keep data only as long as needed.
For example:
• Newsletter data: Until you unsubscribe
• Donation records: Up to 6 years
• Contact form data: 2 years
• Recruitment data: Up to 2 years
After that, we delete or anonymize the data.
11. Your Rights
Under the GDPR, you have the right to:
• Access your data
• Correct inaccurate data
• Request deletion
• Restrict processing
• Object to processing
• Withdraw consent
• Request data portability
• File a complaint
You may contact us at office@encod.org.
You may also contact:
Gegevensbeschermingsautoriteit
We respond within one month.
12. Automated Decisions
We do not use automated decision-making or profiling.
13. Data Security
We apply technical and organizational measures to protect your data.
For example, we use secure hosting and access controls. However, no internet system is completely risk-free.
14. Updates to the Privacy Policy ENCOD
We may update this Privacy Policy ENCOD from time to time. Therefore, we encourage you to review it regularly.
The latest version is always available on www.encod.org.