Privacy Notice

Please read this Privacy Notice carefully to understand how we collect, use and store your personal data. We may update this Notice from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website. Where appropriate, we will inform you of significant changes by suitable means (for example, by email or website notice).

CONTENTS

  • Who we are
  • What personal data we collect and why
  • Our legal bases
  • Who we share your data with
  • How long we keep your data
  • How we keep your data safe
  • Your rights and how to contact us
  • Changes to this notice
  • Complaints (Belgian Data Protection Authority)

I. Who we are

Embrace the Earth is an international non-profit organisation registered under Belgian law. In this Privacy Notice, "we", "us" and "our" refer to Embrace the Earth. For the purposes of the GDPR, we are the data controller.

Address is: Rode-Kruislaan 39, 3200 Aarschot, Belgium.

Contact email: info@embracetheearth.eu 

For privacy-related questions please contact us at info@embracetheearth.eu 

II. What personal data we collect and why

Depending on how you interact with us, we may collect the following personal data:

  • Contact details: your name and email address (and, if you choose to provide it, your organisation, address and phone number).
  • Communications: the messages you send us and your communication preferences (e.g. whether you want to receive updates).
  • Event participation (if applicable): registration details and attendance information.
  • Photos/videos (only if applicable): images or recordings from our events, where you have been informed in advance and, where required, you have given consent.
  • Website usage (if applicable): basic technical data (e.g. device/browser information and IP-related data) collected through cookies and embedded third-party services, in line with our Cookie Notice and your consent preferences.

We use personal data only for limited purposes, depending on how you interact with us:

  • To respond to your enquiries when you contact us (e.g. by email or contact form).
  • To manage event registrations and attendance and to share practical information related to an event you signed up for.
  • To run and improve our website (e.g. security, basic analytics, and performance), in line with our cookie settings.
  • Photos/videos at events (if applicable): to document and communicate about our activities where participants have been informed in advance and, where required, have given consent.

III. Our legal bases

We process personal data on the following legal grounds:

  • Consent (Article 6(1)(a) GDPR): where you have given us permission, for example when registering for an event, agreeing to receive updates, or allowing us to use non-essential cookies and third-party services (such as embedded videos, maps or social media tools) in line with your preferences, or where photos/videos are taken and consent is required.
  • Legitimate interests (Article 6(1)(f) GDPR): where processing is necessary for the functioning of our organisation, such as responding to enquiries, organising events, ensuring the security and basic operation of our website and IT systems, provided that your rights and freedoms are not overridden.
  • Legal obligation (Article 6(1)(c) GDPR): where we are required to comply with applicable laws (e.g. accounting or administrative requirements).

IV. Who we share your data with

We do not sell your personal data and we do not share it with third parties for their own marketing purposes.

We may share limited personal data with trusted service providers who help us operate our website and organise our activities, including:

  • Website hosting and IT providers
  • Email and productivity tools used to manage communications and event registrations
  • Zoom Video Communications, Inc., which we use to organise and host webinars and online events

These service providers process personal data on our behalf and are required to protect it in accordance with applicable data protection laws.

We may also disclose personal data where required by law.

International transfers

Some of our service providers (such as Zoom) may process personal data outside the European Economic Area (EEA). Where this occurs, appropriate safeguards are in place, such as the European Commission's Standard Contractual Clauses or other lawful transfer mechanisms.

V. How long we keep your data

We only keep personal data for as long as necessary for the purposes for which it was collected.

  • Enquiries and email communications: We retain correspondence for as long as necessary to respond to your request and for a reasonable period thereafter for administrative purposes.
  • Event registrations and webinar participation: We retain registration data for as long as needed to organise the event and for a limited period afterwards for record-keeping purposes.
  • Photos and recordings (if applicable): We retain these for as long as they are relevant to our activities, unless you request their removal where applicable.
  • Website technical data: Retained in accordance with our hosting provider's standard log retention practices.

Where we are required to keep data for legal or accounting purposes, we will retain it for the period required by law.

VI. How we keep your data safe

We take appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

In particular, we:

  • limit access to personal data to authorised volunteers only, on a need-to-know basis;
  • use password-protected accounts and devices and keep software up to date where possible;
  • store information in trusted tools/services used for our communications and events;
  • take reasonable steps to ensure data is backed up and protected against loss.

Please note that no method of transmission over the internet or electronic storage is completely secure.

VII. Your rights and how to contact us

Under the GDPR, you have the right to:

  • access your personal data;
  • request correction of inaccurate or incomplete data;
  • request deletion of your data (in certain circumstances);
  • request restriction of processing (in certain circumstances);
  • object to processing based on legitimate interests;
  • withdraw consent at any time (where processing is based on consent);
  • request data portability (where applicable).

To exercise your rights, or if you have any questions about this Privacy Notice, please contact us at: info@embracetheearth.eu 

You also have the right to lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit).

VIII. Changes to this notice

We may update this Privacy Notice from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website. Where appropriate, we will inform you of any significant changes by suitable means.

IX. Complaints (Belgian Data Protection Authority)

If you have concerns about how we process your personal data, please contact us first at info@embracetheearth.eu and we will do our best to resolve the issue.

You also have the right to lodge a complaint with the Belgian Data Protection Authority (Autorité de protection des données / Gegevensbeschermingsautoriteit).