Privacy Policy

IFOAM EU is committed to protecting your privacy

To ensure that we communicate with our supporters and members through their preferred channels, and to enable us to share updates about our work, we need to collect different types of information, including personal data. We understand the trust that our supporters place in us when sharing their data, and we will always do our utmost to respect that trust and protect their personal information. 

Our full privacy policy is explained below, but the main points to note are: 

  • We will only ever ask for what we really need to know
  • We will collect and use the personal data that you share with us transparently, honestly and fairly
  • We will always respect your choices around the data that you share with us and the communication channels that you ask us to use
  • We will put appropriate security measures in place to protect the personal data that you share
  • We will never sell your data

Should you have any questions regarding this policy, please contact gdpr [@] ifoam-eu.org.
 

Privacy notice and policy 

This is the privacy policy of IFOAM EU.
IFOAM EU is both a controller and a processor of your information under the conditions of the General Data Protection Regulation (GDPR) which enters into force 25 May 2018. 
 

Contact information 

The IFOAM EU Office is located at: 
Rue du Commerce 124, 
1000 Brussels
Belgium
Tel: +32 2 280 12 23

You can contact gdpr [@] ifoam-eu.org for all GDPR related questions.
 

Introduction 

At IFOAM EU we take your privacy very seriously and we’re committed to protecting your personal information that you’ve shared with us. 

The statement below explains how we collect and use the information which you give us.

Our aim is to safeguard your privacy whilst providing a personalised and valuable experience. Collecting personal information is necessary if we are to satisfy the expectations and requirements of our supporters

Our commitment to you: 

  • We will collect, process and use the personal data that you share with us in a way that is fair, transparent, and honest
  • We will only hold and use the personal data that you share with us in the ways you say we can
  • You have the right to amend or withdraw your consent about the ways in which we hold and use your personal data at any time
  • We will always respect your personal data rights as detailed in current data protection legislation
  • As a responsible organisation, we will always comply with our responsibilities and obligations as detailed in current data protection legislation
  • Where we have your consent to do so, we may share the information that you provide to us with other organisations with which we are working; for example, with IFOAM Organics International.  We will ask for your consent to do this unless you’re inside the groups which we consider as legitimate interest groups. If you don’t want us to share your data with other organisations, you simply need to tell us. You can also amend your consent at any time by contacting IFOAM EU. We will update the data that you have shared with us regularly, and ensure it is accurate
  • We will log all changes that we make to the personal data that you share with us. You can ask to see the record of the changes at any time
  • We will do all that we can to protect the personal data that you share with us through reasonable technical and organisational safeguards and measures
  • We will make sure we manage your data in line with the rights that you have under the GDPR including the right to object or restrict the ways in which we process your data, and your right to request the erasure of your data

All the data we use is held in accordance with the requirements laid out in current data protection legislation. If you have any requests concerning your personal information or any questions about how we manage our data, please contact gdpr [@] ifoam-eu.org.
 

Ways in which we use your personal information 

In some areas of our website and other communications, we ask you to provide personal information that will enable us to enhance your site visit or contact you with information you request or that may be of interest to you, e.g. when you subscribe to our emails or newsletters. We also collect your details when you email or call us with an enquiry or complaint so we can respond effectively to you. We also collect information about the things you do on the website. This includes personal information such as your name, postal address, phone number and email address. 

We keep your personal information only for as long as required for the purposes for which it’s supplied. Where your information is no longer required, we will always make sure it is disposed of in a safe and secure manner. 

We will only ever use your data in line with our commitments to you. 
 

Our communications 

We will only ever contact you directly using the methods for which you have given your clear consent. 

We want to give you as much control over the ways we communicate with you as possible. If you’d prefer we did things differently – or even stop contacting you entirely – all communications from us will always explain how to opt-out of future communications. Our aim is to give you complete control over how we use your personal data that you share with us. 
 

How we hold and process your personal data 

To ensure that we communicate with you through your preferred channels (e.g. post, email, phone or text message), you can update your preferences at any time. To change your preferences, please contact gdpr [@] ifoam-eu.org

To be compliant with GDPR, we need to have a legal basis through which we may hold and process your data. Having completed the relevant assessments, IFOAM EU is using legitimate interest as our legal basis for communication with the following groups: our members, employees of our members, policymakers, journalists, members of one of IFOAM EU’s internal working groups. For newsletter subscription and events’ registration emails sent to our contacts outside of the above groups, our legal basis for processing will be consent.  
 

Sharing your data 

We will never sell your details to other organisations.  

If you’ve given your specific consent for us to share your data, we may share your contact details with other organisations that we work with, for example IFOAM Organics International. 
 

Keeping your details up to date 

The accuracy of your information is important to us. If you change your home or email address, or if any of the other information we hold is inaccurate or changes in any way, or even if you simply wish to check that the data you have shared with us is up to date, please contact gdpr [@] ifoam-eu.org.
 

Security  

We know how much trust you place in us when you share your personal data. Because of that we place great importance in keeping your personal information safe and protected. This applies both to the physical security of the data that we hold, and digital security features that we use.  

We take care to protect your personal information. We take steps to ensure that access to personal information is restricted to employees who need it and that all IFOAM EU staff who handle personal information are fully trained and kept up-to-date on our data management, security and privacy practices. Our employees are notified and reminded about the importance we place on privacy, and what they can do to ensure your information is protected. 
 

Website tracking  

As part of our security measures, every time our website is accessed, we record the date, time and the IP address used. In some circumstances this may mean that record is linked to the personal data you have shared. Sometimes the device used to access the website (e.g. a mobile phone, tablet, laptop) may provide us with further information, such as the device and operating system. Using this information helps us to improve our site performance for example by understanding the times of day and days of week at which we see peak traffic, and to assess the popularity of different areas of the site. 
 

Use of cookies 

Cookies are small pieces of information sent by a web server to a web browser, which enables the server to collect information from the browser. Like many websites IFOAM EU uses cookies to provide you with a more personalised web service, including monitoring the performance of our web pages, building a profile of the ways in which you use our website and finding people with similar profiles to you, which helps us to provide personalised content on social media sites you visit. 
 

Changes 

We may make changes to this policy from time to time. If we change our Privacy Policy we will post the changes on this page. When we make significant changes to this policy we will communicate with our supporters to tell them what has changed. Please revisit the policy when you want to confirm how we use your personal information. 

This policy was last revised 23 May 2018. 
 

Access to your personal information 

Under the GDPR, you have the right to request and be sent: 

  • confirmation that your data is being processed; 
  • access to your personal data; and 
  • other supplementary information that we hold about you.  

You can make a request by contacting gdpr [@] ifoam-eu.org . We will not charge you for providing the information that you request. We will respond to your request within one calendar month of the request, unless there are exceptional circumstances. 
 

Your rights and acceptance of this policy 

By sharing your consent preferences, and using our sites, you consent to the collection and use of information by IFOAM EU in accordance with our Privacy Policy. If you do not agree to this policy, please do not use our sites. 

Any personal information submitted via our websites is treated in accordance with the current data protection legislation. 
 

Information retention 

We will hold your personal information on our systems for as long as is appropriate for the activity that you gave your consent to. If you ask for your personal information to be deleted we will manage your request in a transparent way, and in line with our data retention policy.  
 

Email 

Whilst we will take all reasonable steps to protect and secure your personal data, we cannot guarantee the confidentiality of any messages transmitted between you and us via email as these are potentially accessible by the public. We will not be liable to you or anyone else for any loss relating to any email message sent by you to us or by us to you. 
 

Sensitive information 

When using or subscribing to our services, you may choose to provide us with information which is defined as sensitive personal information under the terms of the GDPR. Examples of sensitive information include details of your ethnicity or state of health. As with all the personal information which you provide to us, we shall use and store this information carefully in accordance with this privacy policy. We will always explain why we are collecting this kind of information if we ever ask for it, and we will always ask for your consent to use this data. 

This privacy policy is governed by the law of Belgium.