EFB PRIVACY POLICY

WHAT IS THIS?

EUROPEAN FUND FOR THE BALKANS – Representative Office of Network of European Foundations (EFB) respects your rights to privacy, and this Privacy Policy reflects these rights the new General Data Protection Regulation (GDPR) (when applicable) and the Data Protection Act in effect in the Republic of Serbia (DPA) where EFB is operating. This Policy is prepared for our external contacts, partners, visitors of our website, participants in our programmes and other persons with whom EFB comes into contact whose data we collect and process. This Privacy Policy explains when, why and how we collect personal data, how we use it, conditions under which we may disclose it to others (when necessary and under certain conditions) and how we keep it secure and confidential. Please read it carefully and contact us if you have any questions or concerns by emailing to Elena Petkovska Gjorgjievska calling us at +381 (0)11 32 39 877 or writing to us at European Fund for Balkans, Majke Jevrosime 20, 11000 Belgrade, Serbia. This policy may change from time to time so please check this page occasionally to ensure that you’re all right with any changes. Please see: Changes to this policy.

WHO WE ARE

EFB is the representative office of Network of European Foundations, incorporated and operating in the Republic of Serbia, with the office at 35 Resavska Street, 11000 Belgrade, Tax no. 105140294, ID no. 17697595.

HOW AND WHAT PERSONAL INFORMATION DO WE COLLECT

As a data controller, we may obtain, collect and process information about you in the following manner:

+    Personal information you give to us: this is the information about you that you give to us entirely voluntary, by entering information via:

·       When you provide your contact details to us when requesting information about EFB or our programmes, either via telephone, online or face-to-face;
·       When you register to attend events organized by EFB;
·       When you sign up for our Newsletter;
·       Correspondence over phone, via email or in another manner;
·       When you conclude contracts or agreements with us.

+    Personal information we collect about you: we may automatically collect the following information:
·       your visits to our sites, including, but not limited to, traffic data, location data, weblogs and other communication data, and resources you access,
·       technical information, automatically collect, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. Please see cookies for further information.

Personal information we may receive from other sources: we obtain certain personal information about you from sources outside our which may include NEF or other third-party sources.

The remaining provisions of this policy also apply to any personal information we obtain from these sources.   The personal data we collect might include your name, job title, address, email address, the organization you work for and your phone number.

WHY AND HOW WE USE YOUR PERSONAL DATA

We process your personal information lawfully for:
·       the purpose of handling communication and exchange of information with our websites users;
·       the purpose of managing our partners, users or visitors, especially responding to your requests or by regularly sending you news and information on our activities and our initiatives that might arouse your interest;
·       any other specific purpose we describe when we collect the information. We may use and process your personal information principally:

WHY AND HOW WE USE YOUR PERSONAL DATA

EFB is the representative office of Network of European Foundations, incorporated and operating in the Republic of Serbia, with the office at 35 Resavska Street, 11000 Belgrade, Tax no. 105140294, ID no. 17697595.

where you have provided your CONSENT, freely and explicitly, and for specific and legitimate purposes.

You may, at any time, withdraw your consent given to us for use of your information.

where it is necessary for us to pursue our LEGITIMATE INTERESTS as an organization, provided that your interests or your fundamental rights and freedoms are not overriding, taking into consideration your reasonable expectations, based on your relationship with us.

The table below describes how we may use this data and what we understand to be the lawful basis for our processing:

   
Purpose Lawful basis for processing
To facilitate your attendance on our events or seminars Consent; for the performance of a contract or an agreement
Send you information which you have requested and that may be of interest to you. This may include information about events, newsletters, publications and updates Consent
Seek your views or comments on our work Consent
   

where it is necessary for us to COMPLY WITH A LEGAL OBLIGATION and especially:

·       to assist public authority or criminal investigation body;
·       to identify you when you contact us in connection to legal matter;
·       to verify the accuracy of data we hold about you.

where it is required for the PERFORMANCE OF A CONTRACT we have with you, or because you have asked us to take specific steps before entering into a contract. This will include information that we process in order to enable you to make use of our site and the services we provide through it.

WHOW LONG WE KEEP YOUR PERSONAL INFORMATION

We keep our retention periods for personal information under review. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, i.e. to achieve the purpose for which we use that information, or as long as is set out in a contract or agreement concluded between you and us or for the period of our obligations under the law. We routinely update our data to ensure those who are not engaged in our work be removed.   We do not retain personal information in an identifiable format for longer than is necessary.

WHO HAS ACCESS TO YOUR PERSONAL INFORMATION

We may share your information with NEF for internal administrative purposes or in connection with their activities. We will not share your personal information with any third party to use for their own marketing purposes. However, we may disclose your personal data if required to do so by law. We may disclose your information to our third-party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include cloud service providers (such as hosting and email management) or travel agencies, hotels, administrative services or other third parties who provide services to us and assist us in the operation of our organization and website. When we use third party service providers, we only disclose personal information that is necessary for them to provide their service and we always have a contract in place that requires them to keep your information secure and confidential, and not to use it other than in accordance with our specific instructions.

Other ways we may share your personal information

We may transfer your personal information:

·       if we’re under a duty to disclose or share it in order to comply with any legal obligation or when this disclosure is required by applicable laws, court orders or government regulations, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers;
·       to protect the rights, privacy, safety or our property;
·       if you have consented to the disclosure. However, we will always undertake measures aimed at ensuring that your privacy rights continue to be protected.

WHERE WE STORE YOUR PERSONAL INFORMATION

Your information is stored either in our databases or in the databases of our service providers. When we use a third-party processor, your personal data may be transferred outside the European Economic Area (EEA). However, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand) or to a third party where we have approved transfer mechanism in place to protect your personal information, for example by entering into European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties) – when GDPR is applicable. Data can be transferred from the Republic of Serbia to a state party to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data or to another country after Commissioner for Information of Public Importance and Personal Data Protection authorized such transfer.

YOUR RIGHTS

·       Subject to applicable laws and certain exemptions, restrictions or circumstances, you have a number of rights under GDPR (where applicable) and DPA, including the right: v  To access your personal information; v  To correct, modify and update your personal information; v  To erase your personal information or restrict its processing; v  To withdraw your consent; v  To object to our use of your personal information for automated decisions made about you; v  To ask us to transfer your personal information in a structured data file (data portability); v  To file a complaint with a supervisory authority and seeking a judicial remedy. ·       These rights may be exercised by written request to the contact details below. A reply will be provided to you within a reasonable delay, in accordance with the applicable regulations. ·       If you do not want to receive communications from us about our work, events, surveys and other information which we think you might be interested in, you can unsubscribe on each communication itself. Alternatively, please contact us using contact details in the end of this Privacy Policy. ·       If you would like to exercise any of your rights under DPA or GDPR (where applicable), or if you changed your email address or believe that any other information we hold is inaccurate or out-of-date, please contact us via email or office address given in the end of this Privacy Policy. ·       If you are concerned about the way we have collected and used your personal data, please contact us as described above and we will do our best to help. If you are unhappy with how we have handled your personal data, you have the right to contact the Commissioner for information of public interest and personal data protection in Serbia. ·       The accuracy of your information is important to us and you have a choice whether you wish to receive information from us.

SECURITY AND CONFIDENTIALITY

We aim at always keeping your data as safe and secure as possible. Once we have received your personal information, we put in place reasonable and appropriate measures and controls to prevent as much as possible any accidental or unlawful destruction, loss, alteration or unauthorised access. Non-sensitive details (such as your email address) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, we cannot guarantee security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.

COOKIES

Like many other websites, our website use Google Analytics cookies to obtain an overall view of the volumes and habits of our visitor on our website. “Cookies” are small pieces of information sent to your device and stored on its hard drive to allow our site to recognise you when you visit. It is possible to switch off cookies by setting your browser preferences. For more information about cookies and how to switch them off on your device, please visit the applicable Google Privacy & Terms.

CHANGES TO THIS POLICY

We may review this policy from time to time and we will notify you of any changes thereof by posting an updated version on this page with the note if the date of the most recent revision.

CONTACT US

Our Data Protection Officer is Elena Petkovska Gjorgjievska. Please direct any queries about this policy or the way we process your personal information to our Data Protection Officer using our contact details below. For data protection queries you may contact us on email [info@balkanfund.org], call us at +381 (0)11 32 39 877 or write to us at European Fund for Balkans, Majke Jevrosime 20, 11000 Belgrade, Serbia.

Scroll