Privacy notice

About Social Platform

Social Platform (“we” or “us”) is the largest network of European rights and value-based civil society organisations working in the social sector. Our mission is to advocate for policies that bring social progress to all in the European Union. We apply a human-rights approach to all of our work to fight for a socially just and cohesive Europe that promotes equality, diversity, solidarity, democracy and human dignity.

Should you require additional information about our processing of your personal data, or would like to exercise any of your rights (as further detailed below) you can contact us at privacy@socialplatform.org.

1. What is the purpose of this policy?

Social Platform is committed to ensure the privacy and security of your personal data in accordance with applicable data protection laws, including the GDPR. Social Platform is the data controller of most of the personal data you provided to us, which means that we are responsible for the processing of your personal data, as we decide why and how your personal data is processed.

This policy will explain the privacy principles we follow when you visit and browse this website (www.socialplatform.org) or subscribe to our newsletter. In particular, we want to tell you why and how we collect, process and store your personal data, what our role as “data controller” involves and what our obligations are.

We also want to inform you about the rights you have in connection to your personal data. We encourage you to read this policy in its entirety to understand what we do with your personal data, and your privacy rights.

Overall, the purpose of this policy is to provide the information required under applicable data protection laws (including the GDPR) in a transparent manner, including:

why and how we collect, process and store your personal data;
what our role as “controller” of your personal data involves; and
what your rights and our obligations are in relation to this processing.

2. When does this policy apply?

This policy applies each time we collect, use, store or process your personal data as a data “controller”, for instance when you visit and browse the website or sign up to our newsletter.

3. How do you get my personal data?

We may collect your personal data whenever:

you visit and browse our website;
you sign up to our newsletter;
you send us your resume;
you register for certain services and provide us with your information; or
you contact us and provide us with your information.

We may also collect data (using cookies, trackers and tags) about how you use our website, for example, the website from which you have just accessed our site, the sections of our website you browse, and other actions taken on our website.

Cookies are small files placed on the hard drive of your computer that allow us to, among other things, recognize repeat visitors, measure frequency of visitor use, store user preferences, diagnose problems with our server, and to track information and usage behaviour. We also use cookies to allow the embedding of links and videos to other websites. Most browsers are initially set up to accept cookies; however, you can reset your browser to block all cookies from being loaded onto your computer or to indicate when a cookie is being sent. Please be aware that refusing cookies can affect the performance of websites and may cause some parts of our website not to function properly. To find out more about the types of cookies and other tracking techniques we use, please review our cookie policy.

We also receive aggregated statistical information (such as general distribution of gender, location and age range of site visitors) from certain social media platforms, including Facebook, LinkedIn and Twitter, to measure the effectiveness of our posts and messages, but we do not receive any personal data from these providers. If you have questions about how these platforms collect and use your personal data, we recommend for you to read their privacy policies.

4. What type of personal data do you collect?

We may collect different types of personal data, such as:

information that may identify you personally (g., your name and email address);
information relating to you visiting our website (g., IP address, browser and device information, which parts of the website you like to visit, the time spent on our website);
additional personal data that you provide to us separately through one of our online forms, via e-mail or via other communication channels; and
additional personal data you provide to us separately for attendance at one of our events, as required by EU subsidies rules (g., gender, date of birthday, ID number and nationality).

5. Why and on which grounds do you collect my personal data? And for how long do you store my personal data?

We collect and use your personal data for, amongst other things, the following reasons:

to be able to register you for our services;
to register you as a subscriber to our newsletter and send you newsletters;
to improve the performance of our website, to improve the security, user-friendliness and interoperability of our website, as well as identifying usage trends and fraud prevention;
to determine the most popular and unpopular areas of our website and to help us better understand how users interact on our website;
to enable us to process your donations made via the Social Platform website;
to reach a broader audience with our initiative and website; and
to comply with applicable law or court or governmental orders.

For different types of personal data, the time period for which we actually keep your personal data depends on the purposes for which we collected your personal data. For example, we may store your personal data to send you our newsletter for as long as you have not unsubscribed. However, we generally will not store your data for longer than is strictly necessary and in any case not longer than 10 years after collection. We will delete your personal data if we do no longer need it for the purposes for which it was collected initially, and you can also request from us at any time to delete your personal data (subject to certain exceptions) by following the procedure set out under section [9] below (“What are my rights?”).

Purpose and Legal Basis of the Processing and Retention Period

We may collect personal data from you for one or more of the purposes detailed below. Personal data will only be processed to the extent necessary to achieve that purpose.

We may also use personal data for additional purposes where you have given us your consent. We will use your personal data only when we have a valid legal basis to do so.

Purpose of Processing6	Legal Basis of Processing	Retention Period
Registering you for an event.	Performance of a contract.	Ten years after the end of the reporting year during which the event took place, in line with European Commission requirements.
Registering for our services via the Social Platform website.	Performance of a contract.	Ten years after the end of the reporting year during which the event took place, in line with European Commission requirements.
Send you newsletters.	We have obtained your prior consent.	As long as you have not unsubscribed or informed us you no longer wish to be contacted. Outdated email addresses are removed
To determine the most popular and unpopular areas of our website.	We have obtained your prior consent or the processing is necessary for our legitimate interests.	No longer than strictly necessary and in any event not longer than 24 months after collection.
To improve the performance, security and inter-operability of our website.	Processing is necessary for our legitimate interest.	No longer than strictly necessary and in any event not longer than 24 months after collection.
To enter into a contract with you, to perform under a contract we have entered into with you or to enforce our Terms of Use/Terms of Service (as applicable).	Processing is necessary to enter into a contract or to perform our contractual obligations towards you.	Ten years after the end of the reporting year during which the contract expired or was terminated, in line with European Commission requirements.
Compliance with law, court or governmental orders (e.g., to reply to an official request from a public or judicial authority with the necessary authorization).	Processing is necessary to comply with our legal obligations.	For as long as required pursuant to the applicable legal obligation.

Whenever our processing of your personal data is based on your consent, you have the right to withdraw your consent, or to object to the processing of your personal data for that purpose, at any time. If you withdraw your consent or object to the processing, you will no longer receive personalized communications from us. We will delete all personal data that was collected on the basis of consent only (other personal data collected based on other legal bases such as our legitimate interest, will be retained). In certain circumstances, however, we may not be able to delete your personal data in its entirety, for example where we must keep track of certain information to comply with legal obligations.

6. Who else will receive my personal data?

We may disclose your personal data to our employees.

In addition, our website uses cookies (to find out more, please see our cookie policy and in that context we may transfer your personal data to certain third party processors such as Google, Facebook and Twitter, as well as our attorneys, accountants and advisors or other unaffiliated third party companies who provide us with assistance or advice or are under contract to perform services for or on our behalf provided that their use of personal data disclosed by us will be limited to performing services for us or on our behalf.

If you want to receive a full list of third parties with whom we may share your personal data, please contact us at privacy@socialplatform.org.

We exercise appropriate due diligence in the selection of third parties and take all steps reasonably necessary to ensure that they process your personal data securely, only as instructed by us and for no other purposes, as well as that any transfer that may occur outside the EEA is in accordance with applicable data protection laws (including the GDPR).

7. Will you transfer my personal data to other countries?

Your personal data may also be processed in other countries, including outside of Europe, where data processing and privacy regulations may not offer the same level of data protection. We will make sure that any transfer of your personal data is compliant with applicable data protection laws (including the GDPR), even if it travels outside of Europe.

If your personal data is transferred outside the EEA to a country that is not considered as providing an adequate level of data protection (as confirmed by an adequacy decision from the European Commission), subject to certain exceptions, we will generally enter into EU standard contractual clauses approved by the European Commission prior to such transfer to ensure the required level of protection for the transferred personal data. You may request additional information in this respect and obtain a copy of the relevant safeguard we have put in place by contacting us at privacy@socialplatform.org. A current list of non-EEA countries that are considered to provide an adequate level of data protection can be found on the European Commission’s website here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.

8. What happens if I do not provide my personal data?

You are not legally required to provide us with your personal data. However, any refusal on your part to provide any such data could prevent us, depending upon the circumstances, from providing certain services to you.

9. What are my rights?

You have the following rights:

you may request that we erase your personal data if it is no longer necessary for us to keep it in connection with the purposes for which it was collected (however, in certain circumstances, we may not be able to delete your personal data in its entirety, for example where we must keep track of certain information to comply with legal obligations);
you may request the restriction of the processing of your personal data in certain circumstances (for instance, where you believe the personal data that we hold is inaccurate – in this case, processing can be restricted, while personal data is being rectified);
you may change your mind if you had previously agreed to us processing your personal data;
you may object to the use of your personal data for direct marketing purposes; and
you may object to the processing of your personal data for other purposes in certain cases where we process your personal data relying on another legal basis than your consent.

We will comply with such requests, withdrawals or objections as required under the applicable data protection laws (including the GDPR).

You also always have the right to file a complaint with the competent data protection authority.

In addition, you also have the right to data portability. This is the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format and request the transmission of such personal data to you or a third party, without hindrance from us and subject to your own confidentiality obligations.

Exercising your rights

Please send an email to privacy@socialplatform.org if you want to:

exercise any of your abovementioned rights;
opt out of email or other communications from us and/or change your communication preferences;
ask any questions in relation to how we process your personal data; or
make a complaint regarding how we process your personal data.

In certain circumstances, where necessary, we may request additional information to confirm your identity. You are not required to pay any charge for exercising your rights.

10. Other websites

The website may contain links to third-party websites which are not operated by Social Platform. We will endeavour to link only third-party websites that share our high standards and our respect for privacy. However, we are not responsible for the content or privacy practices employed by these third-party websites. If you have any questions about such third parties’ practices with respect to the processing of your personal data, you should contact the responsible provider directly.

11. Security of personal data

At Social Platform several security controls are in place to protect your personal data from unauthorised access, use or disclosure.

Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the web page.

Your data is saved online and offline. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example sending monthly updates on EU policies) are granted access to personal data. The computers/servers in which we store your personal information are kept in a secure environment.

12. How will I be informed of updates to this policy?

You will be notified in advance of any future updates to this policy, both through the website (via a pop-up or otherwise) and/or through our other usual communication channels (for example by email, if available).

This policy was last updated in July 2023.

Cookie	Duration	Description
lang	session	LinkedIn sets this cookie to remember a user's language setting.
S	1 hour	Used by Yahoo to provide ads, content or analytics.
__cf_bm	29 minutes	Cloudflare set the cookie to support Cloudflare Bot Management.

Cookie	Duration	Description
_gat	1 minute	Google Universal Analytics sets this cookie to restrain request rate and thus limit data collection on high-traffic sites.
__utma	1 year 1 month 4 days	Google Analytics sets this cookie to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	Google Analytics sets this cookie to determine new sessions/visits. __utmb cookie is created when the JavaScript library executes and there are no existing __utma cookies. It is updated every time data is sent to Google Analytics.
__utmc	session	Google Analytics sets this cookie to enable interoperability with urchin.js, an older version of Google Analytics and is used in conjunction with the __utmb cookie to determine new sessions/visits. It is deleted when the user closes the browser.
__utmt	10 minutes	Google Analytics sets this cookie to inhibit the request rate.
__utmz	6 months	Google Analytics sets this cookie to store the traffic source or campaign by which the visitor reached the site.

Cookie	Duration	Description
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
vuid	1 year 1 month 4 days	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos on the website.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
NID	6 months	Google sets the cookie for advertising purposes; to limit the number of times the user sees an ad, to unwanted mute ads, and to measure the effectiveness of ads.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
COMPASS	1 hour	Description is currently not available.
uv_2874821686796249763	1 day	Description is currently not available.
uv_3113291211026632736	1 day	Description is currently not available.