WHO WE ARE
EFB is the representative office of Network of European Foundations, incorporated and operating in the Republic of Serbia, with the office at 35 Resavska Street, 11000 Belgrade, Tax no. 105140294, ID no. 17697595.
HOW AND WHAT PERSONAL INFORMATION DO WE COLLECT
As a data controller, we may obtain, collect and process information about you in the following manner:
+ Personal information you give to us: this is the information about you that you give to us entirely voluntary, by entering information via:
· When you provide your contact details to us when requesting information about EFB or our programmes, either via telephone, online or face-to-face; · When you register to attend events organized by EFB; · When you sign up for our Newsletter; · Correspondence over phone, via email or in another manner; · When you conclude contracts or agreements with us.
+ Personal information we collect about you: we may automatically collect the following information: · your visits to our sites, including, but not limited to, traffic data, location data, weblogs and other communication data, and resources you access, · technical information, automatically collect, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. Please see cookies for further information.
Personal information we may receive from other sources: we obtain certain personal information about you from sources outside our which may include NEF or other third-party sources.
The remaining provisions of this policy also apply to any personal information we obtain from these sources. The personal data we collect might include your name, job title, address, email address, the organization you work for and your phone number.
WHY AND HOW WE USE YOUR PERSONAL DATA
We process your personal information lawfully for: · the purpose of handling communication and exchange of information with our websites users; · the purpose of managing our partners, users or visitors, especially responding to your requests or by regularly sending you news and information on our activities and our initiatives that might arouse your interest; · any other specific purpose we describe when we collect the information. We may use and process your personal information principally:
where you have provided your CONSENT, freely and explicitly, and for specific and legitimate purposes.
You may, at any time, withdraw your consent given to us for use of your information.
where it is necessary for us to pursue our LEGITIMATE INTERESTS as an organization, provided that your interests or your fundamental rights and freedoms are not overriding, taking into consideration your reasonable expectations, based on your relationship with us.
The table below describes how we may use this data and what we understand to be the lawful basis for our processing:
Lawful basis for processing
To facilitate your attendance on our events or seminars
Consent; for the performance of a contract or an agreement
Send you information which you have requested and that may be of interest to you. This may include information about events, newsletters, publications and updates
Seek your views or comments on our work
where it is necessary for us to COMPLY WITH A LEGAL OBLIGATION and especially:
· to assist public authority or criminal investigation body; · to identify you when you contact us in connection to legal matter; · to verify the accuracy of data we hold about you.
where it is required for the PERFORMANCE OF A CONTRACT we have with you, or because you have asked us to take specific steps before entering into a contract. This will include information that we process in order to enable you to make use of our site and the services we provide through it.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We keep our retention periods for personal information under review. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, i.e. to achieve the purpose for which we use that information, or as long as is set out in a contract or agreement concluded between you and us or for the period of our obligations under the law. We routinely update our data to ensure those who are not engaged in our work be removed. We do not retain personal information in an identifiable format for longer than is necessary.
WHO HAS ACCESS TO YOUR PERSONAL INFORMATION
We may share your information with NEF for internal administrative purposes or in connection with their activities. We will not share your personal information with any third party to use for their own marketing purposes. However, we may disclose your personal data if required to do so by law. We may disclose your information to our third-party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include cloud service providers (such as hosting and email management) or travel agencies, hotels, administrative services or other third parties who provide services to us and assist us in the operation of our organization and website. When we use third party service providers, we only disclose personal information that is necessary for them to provide their service and we always have a contract in place that requires them to keep your information secure and confidential, and not to use it other than in accordance with our specific instructions.
Other ways we may share your personal information
We may transfer your personal information:
· if we’re under a duty to disclose or share it in order to comply with any legal obligation or when this disclosure is required by applicable laws, court orders or government regulations, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers; · to protect the rights, privacy, safety or our property; · if you have consented to the disclosure. However, we will always undertake measures aimed at ensuring that your privacy rights continue to be protected.
WHERE WE STORE YOUR PERSONAL INFORMATION
Your information is stored either in our databases or in the databases of our service providers. When we use a third-party processor, your personal data may be transferred outside the European Economic Area (EEA). However, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand) or to a third party where we have approved transfer mechanism in place to protect your personal information, for example by entering into European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties) – when GDPR is applicable. Data can be transferred from the Republic of Serbia to a state party to the Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data or to another country after Commissioner for Information of Public Importance and Personal Data Protection authorized such transfer.
SECURITY AND CONFIDENTIALITY
We aim at always keeping your data as safe and secure as possible. Once we have received your personal information, we put in place reasonable and appropriate measures and controls to prevent as much as possible any accidental or unlawful destruction, loss, alteration or unauthorised access. Non-sensitive details (such as your email address) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal data, we cannot guarantee security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
Like many other websites, our website use Google Analytics cookies to obtain an overall view of the volumes and habits of our visitor on our website. “Cookies” are small pieces of information sent to your device and stored on its hard drive to allow our site to recognise you when you visit. It is possible to switch off cookies by setting your browser preferences. For more information about cookies and how to switch them off on your device, please visit the applicable Google Privacy & Terms.
CHANGES TO THIS POLICY
We may review this policy from time to time and we will notify you of any changes thereof by posting an updated version on this page with the note if the date of the most recent revision.
Our Data Protection Officer is Elena Petkovska Gjorgjievska. Please direct any queries about this policy or the way we process your personal information to our Data Protection Officer using our contact details below. For data protection queries you may contact us on email [firstname.lastname@example.org], call us at +381 (0)11 32 39 877 or write to us at European Fund for Balkans, Majke Jevrosime 20, 11000 Belgrade, Serbia.