Protection of data as a fundamental principle
The security of our users’ personal data is very important to us. You can be assured that we will handle your data with extreme care and sensibility in order to ensure a high standard of security. As a matter of course, we abide by the provisions of the EU-Directive 95/46/EC on data protection and the national data protection laws. As a result personal data is only collected and processed within the bounds set up in these privacy policies. Privacy when using Adhocracy1. European Servers
Data on the platform will be exclusively saved on European servers, for which the European data protection law applies. 2. Registration
By registering at (Name of the platform) you agree to the data processing procedures described in this declaration of privacy, which allows us to collect, process, and use your personally identifiable data (See also Chapter 4.7 c). 3. Use by minors
If you are a minor (under 18 years old), you declare through registration that your parents or legal custodians are in agreement with your use of the platform and the data processing operations described in this Privacy Statement.4. Retraction
You can of course rescind your agreement at any moment. Your retraction can be sent to us via mail or via email to (Contact info of the respective partner of the EUth project or central contact person for the platform; in the original firstname.lastname@example.org). After doing so, you will receive information in writing or electronically regarding the nature of the data we have saved related to your person: to receive this information simply request it by email. 5. Manner and extent of the collection and processing of personal data
We collect and process data when you register with us and take advantage of our offered services. Similarly, and to a certain extent, we save the data that concerns the use of our services. Additionally, we of course save the data from postings made on our servers, in order to make this data (the so-called content data) available to others too (to the extent which the user specifies). Here we distinguish the following data:
a) Stock data
When you register with us, we ask you to give us the following data: an email address, a password (the password is never shown in clear text), as well as a username.
The above-mentioned data is your “stock data.” We require these stock data so as to manage our user accounts and to contact the users if necessary. We explicitly request that when choosing a username you use a pseudonymous name or email address, so third parties and individuals cannot ascertain your real name from this information.
Of course, our input screens are http-encrypted to avoid third parties reading your input.
b) Usage Data /Usage profile/Cookies
In principle, you can use our websites without disclosing personally identifiable data. However, through the use of our websites a variety of data are accumulated. With regards to this data the following applies:
1. When our websites are visited by registered users or even visited by other Internet users, we save certain data in so-called 'log files.' A log file is made up of an IP-address, the beginning and end times of the visit, information regarding the amount of data transferred, and information about the sub-pages of (Name of platform) which were loaded. We save and collect the log files for security reasons, in order to more accurately identify and understand a case of abuse or misuse of our services. For this reason we specifically save your IP- address for a maximum of 14 days for security approval when you post something on the website.
2. Among various information collected through the use of log files, we acquire information as to how our service is used. For example, we can learn which websites are especially popular and which sites are most used, and how internal website navigation takes place etc. The results of this analysis are wholly statistical and anonymous at the end of their processing, because we delete the IP-addresses after their 14-day storage period. We use this data then to editorially and technically optimise our services and for scientific investigation within the framework of the EUth project (see information about the project, template in Chapter 8.1, and links). For example, this means that we do not know what usage behaviour you prefer, rather, that a certain and unknown user has a certain behavioural usage. We have no operating reason or interest whatsoever in identifying a specific individual through their IP- address. The data collection, storage and use in accordance with chapter 4.6 can be objected to at any time - apart from storage for security reasons.
c) Content data
After your user account is cleared you have the ability/possibility to make posts, to comment, etc. If so desired, you can complete your user profile by adding information about yourself and by uploading a profile picture. This information and your posted opinions can be traced back to you by
any third party individual using the website. Similarly, the user profile data and posting data is information that we must save. Be mindful of which personal data you disclose, as it can be called up by anyone using the Internet.
Whether or not you post anything or complete your user profile with additional information is fully up to you. However, you should only fill out your profile after you have thought over the consequences of its use and after you have briefed yourself on all of the information concerning the use and option settings in your user profile (see below). In regards to your user photo, we ask you not to use a photo that has a realistic representation of your person, so as to maintain consistency with your desired anonymity as shown by your choice of a pseudonym. 6. Forwarding of data to third parties, publicity, science
We only forward data to third parties, if one the following situations emerges:
- It is necessary to carry out the existing contractual relationship with you or to enforce our claims and rights,
- It concerns binding legal orders of governmental institutions, especially law enforcement and regulatory authorities and the transmission to respond to threats to public safety and order and to prosecute criminal offences
- And/or we are otherwise required by law to do so.
All of your postings, votes, and comments on (Name of platform) are public and are 'forwarded' or passed on, in the sense that they are a part of online participation. What you post is wholly up to you. Due to the fact that your posting is tied to your username, which is available to be viewed by all who have an internet connection, we ask you once again, to choose a pseudonymous username, through which you can’t be identified. Be reminded that a search engine may recover your posts. Be aware that content is easily accessible on the Internet, and be reminded of the public nature of your posts. The participation projects on the platform will remain accessible afterwards in the archive. Retired users are also featured in contributions (however <username> is replaced by an <anonymous> profile).
c) Scientific research as part of the EUth project
Your user behaviour is analysed anonymously by the EUth project (link here to information about the project). This anonymous data will be passed on by partners of the project and in a pool of research data generated with public funding to Horizon 2020 (EU-funding programme for research and innovation). Horizon 2020 is a programme through which the European Commission promotes R&D projects at European level, i.e. with the participation of several European countries. It will run from 2014 to 2020.
7. Logging in with external users’ accounts
If you have an account though a third party developer that offers the ability to log on to (Name of platform) through the use of one of their accounts (such as logging in with an OpenID account), just enter your particular login details into the provided fields on the login page. The login will be carried out and processed by our server, but the actual login process occurs through the third party service provider. From this log-in we receive and hold on to a user ID that states that you are logged in with this ID. This information suffices for us to grant you direct access to your account on OPIN. During this process we receive and hold on to information that a certain verified user would like to log into (name of platform) and a rather unusable ID (a user handle). Whether we receive any additional information depends on the respective third party service provider and what settings the user has set up regarding their information through that specific third party service provider. Depending upon the service provider and your respective settings, we could receive a variety of data; most often that is in the form of an email address and a username. During this entire process we also take note of the fact that you logged in through the use of an external profile. The above-mentioned rules are also valid for your visit to our website via these avenues. 8. Links to other websites
Our website contains links to websites from other service providers who do not have any official connection with our service. After a link is followed, we no longer have any influence over the processing of data possibly transferred over to third parties through clicking on the link itself (which could be information concerning your IP address or the URL of the link). We do not have any control over the actions of third parties. As a result of this, we cannot assume any responsibility for the processing of such data by third parties.
Our website also contains share buttons and links to social media sites and the like. For these, OPIN applies a double-click solution which activates the transfer of data to social media sites only after the user has given his or her consent to this. If a user wants to share content from OPIN or clicks on a link to a social media site, he or she is asked to click a second time in order to enable the functionality and the transfer of data to the respective other sites and services.9. Disclosure, revision, deleting, blocking
Upon written request we can provide you with information about which personal data which concerns you are saved on our servers. The user can delete the user profile at any time. 10. Security
We make use of technical and organisational security measures, in order to ensure that the personally identifiable data of our users is protected from being lost, inappropriately changed, or incorrectly accessed by third parties. Our security measures include: encryption of data in TLS; automatic recording of changes, including the identity of the processor; ensuring that only a small number of employees of the Liquid Democracy e.V. have access to the server; Server operation in the fail-safe and protected data centre Hetzner Online AG; regular data backup on physically separate servers. In every case, our website only allows specific persons that we have expressly authorised access to your personally identifiable data insofar as to fulfil the above mentioned goals of their protection. 11. Messaging
a) Messaging between users
Within the software it is possible for you to send other users private messages. It is also possible to receive messages from other users. Unless you explicitly publish the contents of a message, these messages will remain unpublished and are not read by us. We however maintain the right within legal boundaries to hold these messages on our servers.
b) Messaging sent from us to you
With your registration you accept in the terms and conditions that we can contact you in exceptional cases via your provided email address (for example, for scientific inquiry related to the EUth project and for the continued development of the platform). We pledge not to send you advertisement of any form in these emails. 12. Analysis Services
If you do not agree with the storage and analysis of data from your visit then you can object to this storage and use at any time, with just a click of a mouse. In this case, a so-called opt-out cookie is stored in your browser, which means that Piwik has not collected any session data. Caution: If you delete your cookies, this means that even the opt-out cookie will be deleted and may need you to re- activate it 13. Objection
Here you can decide whether a unique web analytics cookie may be stored in your browser in order to allow the operator of the website to collect and analyse various statistical data. If you want to decide against this, click the link below to drop the Piwik opt-out cookie in your browser. Privacy when using the FlashPoll App
Data protection in the use of FlashPoll app is regulated as part of the "Developing a Municipal FlashPoll Tool" project in the "Manual for Successful Mobile Participation" in the Chapter "FlashPoll and Privacy" (p.22).12 It provides for the protection of localisation data and the answers given via the app. 1. European Servers
Data on the platform will be exclusively saved on European servers, for which the European data protection law applies. 2. Consent
Through downloading and using the app, users consent to the use of their localisation data and anonymous responses within the use of the app (Disclaimer, similar terms and conditions). 3. Protection of localisation of data, separation of data
Location data will only be used in order to make surveys site-specific, since the user answers questions about specific, local issues via the app (e.g. "What should be built here? A, B or C?") Localisation is used separately from anonymous responses, users cannot be identified by answers. User recognition is not used, a random ID encryption takes place immediately, so there is no possible inference from responses to user ID or users themselves. No user profiles are created from the answers, localisation data or user ID. 4. Anonymisation
All responses are made automatically anonymous when using the FlashPoll app and the user ID can not be used to draw conclusions about participants. Android owners use their Google account to download the FlashPoll app, this can not utilise any other user information from Google Accounts and also gives no information to Google.
5. No transfer of data to third parties
Localisation data and responses are handled sensitively; they are used only in the context of the project and will not be passed on to third parties. Answers will only be used anonymously.