This privacy policy will explain how our organisation uses the personal data we collect from you when you use our website.

The topics covered:

Contact data
What are your data protection rights?
Cookies
What data do we collect?
How do we collect your data?
How will we use your data?
Data sharing with third party recipients
How do we store your data?
How long do we store your data?
Questions, comments and concerns
How to contact the appropriate supervisory authority
Changes to our privacy policy
Version history

1. Contact data

Our contact data is:

World Ethical Data Forum Ltd
Madison Building
Midtown
Queensway
GX111AA Gibraltar

Telephone: +30 698 580 84 60
E-mail address: contact@worldethicaldata.org

Our Data Protection Officer is: Sander Venema, who can be contacted at privacy@worldethicaldata.org for any questions about this privacy policy or your personal data. If you have any questions or concerns about our use of your personal information, please refer them to the DPO, or alternatively, send them using the contact form on our website, or to the email addresses stated above.

2. What are your data protection rights?

WEDF would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request WEDF for copies of your personal data.
The right to rectification – You have the right to request that WEDF correct any information you believe is inaccurate. You also have the right to request WEDF to complete the information you believe is incomplete.
The right to erasure – You have the right to request that WEDF erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that WEDF restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to WEDF's processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that WEDF transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact our Data Protection Officer at privacy@worldethicaldata.org.

3. Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

This website does not use any cookies, except for visiting our donation page, or when visiting a page with an embedded Vimeo video. In the case of the donation page, cookies will also be set by our external payment provider to process the payment. This only happens when donating.

In all other areas of the website, no cookies from us, or third parties are placed, with the exception for Vimeo, to enable the Vimeo embedded video player to work. We don’t serve any ads.

3.1 How to manage cookies

You can set your browser not to accept cookies, and you can also remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

4. What data do we collect?

The following table contains the data this website collects. The column “Legal Basis?” refers to a legal basis mentioned in Article 6 of the GDPR.

What?	For what purpose?	Legal basis?
Your e-mail address and name	For the purpose of being able to e-mail you, at your express opt-in consent, about news relating to our event. This information is only collected when you fill in our “registration” form.	Consent
Other personal information (address, phone number, etc.)	For the purpose of being able to donate. The address information is used for invoicing purposes and for fraud preventing purposes in relation to your donation.	Consent, Contract
Your IP address, date & time of access, URL of the page being viewed, URL of the page that was viewed prior to the current page (referrer), Files on our site that were clicked and downloaded, Pages generation time (the time it takes for webpages to be generated by the web server and then downloaded by the user), User Agent string and HTTP request information	For the purpose of detecting and responding to security incidents. This information is stored in our log files and is only accessible to our system administrators.	Legitimate interests
Payment information (credit card number, CCV code, etc.)	This information is directly collected by our payment processor, and we do not store or process this information in any way, shape or form. Our payment processor requires this information in order to process donations.	Contract

Here's an overview of the exact details on the cookies we set and what purposes they serve:

Name cookie	Purpose	Set by	Lifetime
`__cf_bm`	Functional; to read and filter requests from bots (source: https://cookiedatabase.org/cookie/cloudflare/__cf_bm/)	Vimeo	30 min
`vuid`	Statistics; to store the user's usage history (source: https://cookiedatabase.org/cookie/vimeo/vuid%e2%80%a8%e2%80%a8/)	Vimeo	2 years

5. How do we collect your data?

With the exception of the data in our web server’s log files, you directly provide us with the data we collect. We collect and process data when you:

Register for any of our events on this website.
Voluntarily complete a form or provide feedback via our contact form or via e-mail.
When you choose to donate.

6. How will we use your data?

We collect your data so that we can:

Process your registration for the event.
E-mail you with news about our events.
Process your donation.
For the purpose of detecting and responding to security incidents.

When we processes your donation, we may send your data to and use the resulting information from our payment provider in order to process the payment.

7. Data sharing with Third Party recipients

We share your personal data with the following third party recipients for the purpose of enabling us to deliver our services, subject to conditions described below:

If you provide your e-mail address on to the ‘registration’ form, or pre-register for events, or subscribe to our newsletters, we will store your e-mail address in a mailing list provided to us by Send in Blue (7 rue de Madrid, 75008 Paris, France) in order for us to be able to inform you via e-mail about news related to our events. You can always unsubscribe using the link at the bottom of each e-mail sent. For more information, read Send in Blue's GDPR policy and privacy policy.
We use Element as our event platform, an open source Matrix client. For more information, please read Element's privacy policy.
We also may share some of your information with our payment processor if necessary for the proper processing of your donation. This only happens if you decide to donate.

In all other cases, your information will not be shared with any third parties.

8. How do we store your data?

We store your data in various formats on the server, for example in a database or in log files. Passwords you provide us will be stored in hashed form. We take all appropriate and reasonable technical and organisational measures to protect your personal data from unauthorised access or disclosure, misuse or destruction. Because passwords are stored in hashed form, we cannot re-send you your passwords. In case you lost your password, we provide a password reset form which will send you a link to a password reset form in order for you to be able to regain access to your account.

9. How long do we store your data?

For the log files, we store your data for a maximum of 7 days. This provides us with the necessary time frame to respond to security incidents.

For the e-mail address and personal information, we store your data until the event has come to a conclusion. This allows us to inform you about the event. Also the information may be necessary to combat fraud. If you previously made an account, if you choose to delete your account this information will be deleted as well. If you are subscribed to any newsletters, your e-mail address will be kept until you choose to unsubscribe by using the 'unsubscribe' link below every e-mail.

For the username & password, this data will be stored until you choose to delete your account with us.

The payment information is not stored or processed by us in any form, shape or format. This data is used by our payment processor only to process the payment.

10. Questions, comments or concerns

Should you have any questions, comments or concerns about the way we handle any privacy matter, please contact our DPO Sander Venema at privacy@worldethicaldata.org or use our contact form or contact details at the top of this privacy policy to send us a message.

11. How to contact the appropriate supervisory authority

Should you wish to report a complaint or if you feel that WEDF has not addressed your concern in a satisfactory manner, you have the right to lodge a complaint at the Data Protection Authority (DPA), which for Gibraltar is the Gibraltar Regulatory Authority (GRA).

12. Changes to our privacy policy

WEDF keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 10 August 2022. A record of the changes made is kept under section 13. Version History.

13. Version History

Version	Date published	Comment
2.2	2022-08-10	Rewritten sections to better reflect the new changes to the website.
2.1	2022-07-08	Clarified rights explanations
2.0	2022-06-11	Removed Motomo Analytics; fixed spelling errors.
1.9	2022-06-04	Removed Typeform, Eventbrite & Swapcard from third parties.
1.8	2021-07-30	Corrected spelling/grammar error
1.7	2021-03-25	Removed language about social media campaign tracking
1.6	2021-03-25	Added Typeform to third parties
1.5	2021-03-17	Added EventBrite to third parties
1.4	2021-03-13	Added Swapcard to third parties
1.3	2021-01-11	Added language about social media campaign tracking
1.2	2020-10-30	Added more detailed cookie information, corrected address
1.1	2020-10-29	Added Matomo analytics explanation
1.0	2020-07-05	Initial publication