Data Protection Policy

Privacy policy

1. Data protection at a glance

General Information

The following information gives a simple overview of what happens to your personal information when you visit our website. Personal data are all data with which you can be personally identified. For detailed information on the subject of data protection in GEN, please refer to our full Privacy Policy.

Data collection on our website

Who is responsible for the data collection on this website?

The data processing on this website is done by the website operator, GEN. You can find our contact details in the imprint of this website.

How do we collect your data?

Some of your data will be collected in part as you contact us. This can be, for example, data that you enter in a contact form or as you register for the Summit.

Other data is automatically collected by our IT systems when you visit the website. These are mainly technical data (e.g. internet browser, operating system or login time). This data will be collected automatically as soon as you enter our website, similar to most sites that you visit online.

What do we use your data for?

Some of the data is collected in order to ensure the correct function of the website. Other data can be used to analyse user behaviour and optimize content.

What rights do you have regarding your data?

You have the right to receive free information about the origin, recipient and purpose of your stored personal data at any time. You also have the right to request correction, blocking or deletion of such data. You can contact us at any time at the address indicated in the imprint for further questions about the subject of data protection. In addition, you are entitled to a right of appeal to the competent supervisory authority.

Third-party tools and analysis tools

When you visit our website, your surfing behaviour can be evaluated statistically. This is mainly done with cookies and with so-called analysis programs. The analysis of your surfing behaviour is usually done anonymously; the surfing behaviour cannot be traced back to you. You can disagree with this analysis or prevent it from being used by certain tools. Detailed information can be found in the following privacy policy.

You can disagree with this analysis. We will inform you about the possibilities for contesting data in this privacy statement.

2. General notes and mandatory information

Privacy

The operators of these sites take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations and this data protection declaration.

When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This privacy statement explains what data we collect and what we use it for. It also explains how and for what purpose that happens.We would like to point out that data transmission on the Internet (e.g. when communicating via e-mail) can have security gaps. It is not possible to completely protect the data from access by third parties.

Note to the responsible body

The responsible body for the data processing on this website is:

Global Ecovillage Network
The Park, Findhorn
Forres Moray
IV 36 3TZ – UK

Telefone: +44 (0) 1309 – 692194
E-Mail: [email protected]

The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Revocation of your consent to data processing

Many data processing processes are only possible with your express consent. You can revoke consent at any time. It will be enough to send an informal message to us by e-mail. The legality of the data processing until the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority

In the case of data protection violations, the person concerned is entitled to a right of appeal to the competent supervisory authority.

Link to the Data protection authority: (Insert Link)

Right to Data transferability

You have the right to receive your data, which we process automatically on the basis of your consent or in the performance of a contract, delivered to you or to a third party in a common, machine-readable format. If you require the direct transfer of data to another person responsible, this is only possible if it is technically feasible.

SSL or TLS encryption

This page uses SSL or TLS encryption for security reasons and to protect the transfer of confidential content, such as orders or inquiries that you send to us as a page operator. An encrypted connection is recognized by the fact that the browser’s address bar changes from “http://” to “https://” with a lock icon in your browser line.

If SSL or TLS encryption is enabled, the data that you transmit to us cannot be read by third parties.

Information, blocking, deletion

You have at all times the right to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. For this as well as for further questions about personal data you can contact us at any time at the address given in the imprint.

Opposition to advertising mails

The use of contact data published within the framework of the imprint obligation for the transmission of advertising and information materials not expressly requested is hereby rejected. The operators of the sites expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.

3. Data collection on our website

Cookies

Internet pages use so-called “cookies” to track user information. Cookies do not cause any damage to your computer and do not contain viruses. Cookies are used to make our site more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer which your browser stores.

Most of the cookies we use are so-called “session cookies”. They will be deleted automatically at the end of your visit. Other cookies remain stored on your device until you delete them. These cookies allow us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, accept  cookies for certain cases or generally exclude, and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this site.

Cookies, which are necessary for the execution of the electronic communication process or for the provision of certain functions desired by you (e.g. shopping cart function) are based on article 6 paragraph 1 GDPR saved. The website operator has a legitimate interest in the storage of cookies for the technically flawless and optimized provision of its services. As far as other cookies (e.g. cookies for the analysis of your surfing behaviour) are stored, these are treated separately in this data protection declaration.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referred URL
  • Hostname of the accessing computer
  • Server Request time
  • IP Address

This data is not merged with other data sources. The basis for data processing is Article 6 (1) lit. (b) GDPR, which authorises the processing of data in order to fulfil a contract or pre-contractual measures.

Contact

If you send us inquiries via the contact form, your details will be stored in the request form, including the contact information you provided there for the purpose of processing the request and in case of connection questions with us. We do not pass on this data without your consent.

The processing of the data entered in the contact form is therefore exclusively based on your consent (art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. An informal message will be enough if sent to us by e-mail. The legality of the data processing operations until the withdrawal is not affected by the revocation.

The data entered by you in the contact form will remain with us until you ask us for deletion, revoke your consent to the storage or the purpose for the data storage is omitted (e.g. after completion of your request). Mandatory statutory provisions – in particular retention periods – remain unaffected.

4. Social media

Share content via plugins (Facebook, Twitter, and others)

The content on our pages can be shared in social networks such as Facebook, Twitter or others. This page uses the Shariff wrapper. This tool does not establish direct contact between the networks and users until the user clicks on one of these buttons.

This tool does not automatically transfer user data to the operators of these platforms. If the user is logged on to one of the social networks, when using the social buttons of Facebook, Twitter, and others, an information window appears, in which the user can confirm the text before sending.

Our users can share the content of this page in social networks without the need to create complete profiles by the network operators.

7. Plugins and tools

Vimeo

Our website uses plugins of the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.

When you visit one of our sites equipped with a Vimeo plug-in, you will be connected to the servers of Vimeo. This tells the Vimeo server which of our pages you have visited. Also, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or you do not have an account with Vimeo. The information that Vimeo collects is sent to the Vimeo server in the United States.

When you are logged in to your Vimeo account, you enable Vimeo to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your Vimeo account.

For more information about how to handle user data, see the Vimeo privacy statement at: https://vimeo.com/privacy.

Google Web Fonts

This page uses Web fonts provided by Google to provide a uniform representation of fonts. When you call up a page, your browser loads the required web fonts into your browser cache to display text and fonts correctly.

For this purpose, the browser you are using must connect to the Google servers. This makes Google aware that our website has been accessed via your IP address. The use of Google Web fonts is in the interest of a uniform and appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of article 6 (1) lit. F GDPR.

If your browser does not support Web fonts, a standard font is used by your computer.

For more information about Google Web fonts, see https://developers.google.com/fonts/faq and Google’s privacy policy: https://www.google.com/policies/privacy/.

Zoom

For the holding of the webinars we use Zoom (https://zoom.us). Data is processed outside the EU. A first name and email address are required for participation. The specified data will only be used for the respective webinar and is then not used any further. For more information on the Zoom privacy policy, see: Https://support.zoom.us/hc/en-us/articles/360000126326-Official-Statement-EU-GDPR-Compliance

 

Security

Limit Login Attempts Reloaded

To ward off brute force attacks we use the WordPress plugin “Limit login attempts reloaded”. This will store all logged IP addresses encrypted in the WordPress database. The use of Limit login attempts reloaded is in the interest of protecting our online offer. This constitutes a legitimate interest within the meaning of article 6 (1) lit. F GDPR.