top of page

Let`s Sustain GDPR COMPLIANCE POLICY

Effective Date: March, 2024

Introduction

The Let`s Sustain e.V is committed to protecting the privacy and personal data of all individuals, including event participants, partners, employees, and stakeholders. This GDPR Compliance Policy outlines how Let`s Sustain processes, stores, and protects personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

 

Scope

This policy applies to:

  1. Participants registering for Projects, events, or conferences organized by Let`s Sustain.

  2. Employees, contractors, and volunteers involved in event management and operations.

  3. Partners, sponsors, and vendors supporting Let`s Sustain events.

  4. Visitors and users interacting with Let`s Sustain through our website or digital platforms.

This policy applies to all personal data collected, processed, or stored by Let`s Sustain, regardless of location or source.

 

What Data We Collect

Let`s Sustain collects and processes the following categories of personal data:

  1. Personal Identification Data: Name, address, email, phone number, and passport details.

  2. Event-Related Information: Registration details, ticket purchases, session preferences, and event participation data.

  3. Financial Data: Payment information for event registrations and ticket sales.

  4. Media and Marketing Data: Photographs, videos, and testimonials for promotional purposes.

  5. Technical Data: IP addresses, cookies, and browsing activity on Let`s Sustain’s website.

 

How We Use Personal Data

Let`s Sustain processes personal data for the following purposes:

  1. Event Registration and Management: To facilitate event participation, ticket sales, and communication with attendees.

  2. Communication and Marketing: To send event updates, newsletters, and promotional offers with explicit consent.

  3. Payment Processing: To securely process ticket purchases and manage refunds where applicable.

  4. Compliance with Legal Obligations: To comply with applicable laws, including tax regulations and government reporting.

  5. Media Usage: Photographs and videos captured during events may be used for promotional purposes across Let`s Sustain’s platforms.

 

Legal Basis for Processing

Let`s Sustain processes personal data under the following legal bases:

  1. Consent: Data subjects explicitly provide consent for specific purposes, such as receiving newsletters or marketing communications.

  2. Contractual Necessity: Processing is required to fulfill our contractual obligations (e.g., event registration and participation).

  3. Legal Obligation: Compliance with applicable laws and regulations.

  4. Legitimate Interest: Data processing necessary for legitimate interests, such as improving event operations and participant engagement.

 

How We Protect Personal Data

Let`s Sustain takes appropriate technical and organizational measures to protect personal data from unauthorized access, loss, alteration, or misuse, including:

  1. Encryption: Sensitive data is encrypted both in transit and at rest.

  2. Access Control: Personal data is accessible only to authorized personnel.

  3. Regular Audits: We conduct regular data protection audits and assessments to ensure compliance.

  4. Data Retention Policy: Personal data is retained only as long as necessary for the purposes outlined in this policy or as required by law.

 

Data Subject Rights

Under the GDPR, data subjects have the following rights:

  1. Right to Access: You have the right to request access to your personal data that we hold.

  2. Right to Rectification: You may request corrections to inaccurate or incomplete data.

  3. Right to Erasure: You can request the deletion of your personal data, subject to legal requirements.

  4. Right to Restriction of Processing: You can request that we restrict the processing of your data under certain circumstances.

  5. Right to Data Portability: You have the right to receive your personal data in a structured, commonly used format.

  6. Right to Object: You can object to the processing of your data based on legitimate interests or direct marketing.

  7. Right to Withdraw Consent: You can withdraw your consent to data processing at any time.

To exercise these rights, please contact [Insert Contact Email].

 

Third-Party Sharing and Transfers

Let`s Sustain may share personal data with third parties under the following circumstances:

  1. Event Partners and Vendors: Data may be shared with event venues, sponsors, and vendors to facilitate event operations.

  2. Payment Processors: Payment information is shared securely with Stripe and other payment gateways.

  3. Legal Obligations: Data may be disclosed to regulatory authorities when required by law.

  4. International Transfers: If data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or equivalent frameworks.

 

Cookies and Website Tracking

Our website uses cookies and tracking technologies to enhance user experience and analyze website traffic. You can manage your cookie preferences through your browser settings.

 

Data Breach Notification

In the event of a data breach, Let`s Sustain will notify affected individuals and relevant authorities within 72 hours of becoming aware of the breach, in accordance with GDPR requirements.

 

Updates to this Policy

We may update this GDPR Compliance Policy from time to time to reflect changes in legal requirements or business operations. Any updates will be posted on our website, and significant changes will be communicated directly to participants or partners.

bottom of page