Our Privacy Policy
Last update: September 2021
Democratic Society (‘Demsoc’) is a Brussels based international association operating in all countries of the European Union. Our registered address is: Cantersteen 10, 1000 Brussels, Belgium.
We are registered with the Data Protection Agency in Belgium.
Privacy and data protection are really important for Democratic Society. As such, we are committed to explaining very clearly how we will use any personal data we hold about you.
We have set out how we will collect and use personal data below. However if you have any concerns or question please contact our Data Protection Officer, and we’ll respond as soon as we can – and certainly within a month. You can contact us via email at dataprotection@demsoc.org, or post at:
Democratic Society, Cantersteen 10, Brussels 1000, Belgium.
The summary our policy, we don’t sell your data and will only share your data as outlined below, other than when required to by law. We only collect data to deliver the work we are funded to do so, to understand how to improve our websites and newsletter, to support our membership activities and democratic participation, and to support the further development of our work. Where we can, we will seek your consent before processing and collecting your data.
This privacy policy may change from time to time, in line with legislation or changes in our internal ways of working. We will not explicitly communicate these changes, but instead recommend you check this page occasionally for any updates.
More general information about the current laws and lawful bases for data collection can be found on the Data Protection Agency’s website.
What data we collect and how we use it
1. Our newsletter
If you subscribe to our newsletter, your name and email address will be added to our mailing list, which is hosted with Mailchimp. Note that Mailchimp may transfer personal data outside the EU, and please contact Mailchimp with questions or concerns about this.
We only use data from this mailing list to send regular newsletters, and if consent is given, to get in touch directly about activities we think might of interest. We do however gather statistics related to email opening and clicks to help us monitor and improve our newsletter. Likewise, we invite you to update your profile and provide us with additional information such as country of origin, to help us better understand our audience.
If you subscribe to our mailing list, we will retain your data until you unsubscribe, or otherwise ask us to remove your details. To help you unsubscribe every newsletter contains a quick and easy unsubscribe link in its footer.
When you unsubscribe from a newsletter managed via Mailchimp, your details remain on the list of past recipients. Mailchimp states: “Subscribers who unsubscribe themselves can’t be deleted from your list”. Provided you are still a subscriber at the point when you contact us your details can be permanently removed from the list – please get in touch with us at hello@demsoc.org if you would like this to happen.
In subscribing to the newsletter, you are consenting to the terms laid out above. The lawful basis for this is termed ‘GDPR 6(1)(a) – Consent of the data subject’.
2. Signing up to an event
We use Eventbrite to handle ticketing for some of our events. We ask for as little personal information as possible to support your attendance, such as name, email address, and whether you have any accessibility needs or dietary requirements. We will use this data to ensure we meet (wherever possible) any accessibility needs or dietary requirements, to manage ticketing, to send reminders about the event beforehand, or to send a follow-up subsequently.
Eventbrite transfers personal data outside the EU. For more information on this and to see their data retention policies, please see their privacy policy. If you sign up to attend an event of ours, we will retain any data you have provided for up to 3 months after the event, or up to 3 months after any project the event is linked to has finished – whichever is longer.
By signing up to our events, you consent to your data being used in the above ways, and the lawful basis for this is termed ‘GDPR 6(1)(a) – Consent of the data subject’.
3. Participants and clients
For those who
- have contacted us,
- have commissioned us for work or
- been part of processes that we have run and expressed an interest in staying involved in our work,
we store essential information to allow us to stay in touch (including some demographic characteristics where these are provided as part of a process). We may proactively contact these people with new opportunities for participation or information on our work and goals, on the legal basis of our legitimate interest.
4. Job Applicants
If you apply for a job with us, we will store your CV and cover letter in our internal document storage. Only those who are directly involved in the recruitment process will be able to access them. After the recruitment process has ended, we will delete all cover letters, and all CVs unless we have your consent to retain them. Where we do retain CVs, we will delete them after a period of a year. We may also retain a list of names of who applied for positions, but with no other data attached. We consider the lawful basis for storing and processing this data to be our ‘legitimate interest’.
5. Project Work
We undertake a wide range of project work – from designing and delivering collaborative and democratic processes, supporting the development of networks, through to research through workshops and interviews. Where we’re doing this, we will give you full details about how we will use and look after your personal data. In most instances, we will use a consent form that explains this, the lawful basis for processing your data, and your rights – including how to revoke consent.
6. Members
Democratic Society is a membership organisation, and processes data of our members to help us stay in contact with these members, and to process membership dues.
In addition to this, we use Mailchimp to send infrequent emails to members. Note that Mailchimp may transfer personal data outside the EU, and please contact Mailchimp with questions or concerns about this.
We consider the lawful basis for storing and processing this data to be our ‘legitimate interest’.
7. Cookies
Like many other websites, we use cookies and Google Analytics to help us make our websites better. These tools are very common but they do have privacy implications. When you visit sites that use these tools, you are potentially telling companies such as Google that you visited, as well as some information about how your web browser is configured.
We sometimes place small data files on your computer or mobile phone when you visit our site, known as cookies. This information can be useful for you. For example, if you leave a comment on the blog, cookies ensure that the next time you comment, you won’t have to re-enter your credentials.
We use Google Analytics to collect information about how people use this site. We do this to make sure we understand how we could do it better. Google Analytics stores information such as what pages you visit, how long you are on the site, how you got here, what you click on, and information about your web browser. IP addresses are masked (only a portion is stored) and personal information is only reported in aggregate. We do not allow Google to use or share our analytics data for any purpose besides providing us with analytics information, and we recommend that any user of Google Analytics does the same.
If you don’t want to share your browsing activities on this site with other companies, you can install opt-out browser plugins, such as the official browser plugin for blocking Google Analytics.
Your rights
You have a number of legal rights regarding your data. For a detailed summary of your rights, please see the Information Commissioner’s website. To exercise any of your rights, we would prefer you contact Mel Stevens, our Data Protection Officer through email at dataprotection@demsoc.org, or by sending a letter to us (addresses above).
We will respond as quickly as we can and must do so within a month. You can also exercise any of your rights to any of our team when you see us in person, or on the phone, via email, or via our professional social media accounts.
Right of access: You have the right to access a copy of your personal data, to see what information we hold about you.
Right to rectification of data: If you believe any personal data we hold about you is incorrect or incomplete, you can request we rectify this.
Right to revoke consent: You have the right to revoke consent at any point regarding activities detailed above. We have identified under activities above how to do this and will make sure we do so.
Right to erasure: You have the right to request that we delete the data we hold about you. There may be instances in which there are legitimate reasons for us to continue to hold data, but wherever possible and whenever we are relying upon your consent to hold and process your data, we will delete what we hold.
Right to object: You have the right to object or complain about how your personal data is processed. If you have any concerns about how we handle your data, please contact us. You also have the right to complain to the Information Commissioner’s Office (UK residents), or the DPA (European residents)
However, please do contact us first, so that we can try to help.