Ru

Donate

Privacy note for members and supporters of Civil Society Forum e.V. (CSF)

Overview of the processing of personal data of members and supporters of the assosiation

Civil Society Forum e.V.
Badstraße 44
13357 Berlin
+49(0)30 460 645 40
privacy(at)csf-ev.org

In this context, we generally process the following categories of personal data: name, email address (private or business), telephone number (private or business), organisation, position, address (business). We process your data for the following purposes in particular:

  • Membership administration (member management, collection of membership fees)
  • Communication with members (invitations to meetings, information about association activities)
  • Organisation of association events
  • Holding of general meetings and elections
  • Distribution of association publications
  • Fulfilment of legal obligations

The data processing described above is carried out on the basis of Art. 6(1)(b) GDPR (performance of a contract, organisation of events) and Art. 6(1)(f) GDPR (protection of legitimate interests, based on our interest in preparing the event in the best possible way).

  • 6(1)(b) GDPR (performance of a contract): to implement membership
  • 6(1)(c) GDPR (legal obligation): to fulfil legal obligations
  • 6(1)(f) GDPR (legitimate interest): to safeguard the legitimate interests of our organisation
  • 6(1)(a) GDPR (consent): for certain processing operations that go beyond membership (e.g. publication of photos, sending newsletters)

We process your data for the following purposes in particular:

  • Master data (name, address, date of birth)
  • Contact details (telephone number, email address)
  • Membership data (date of entry, membership number, membership status)
  • Bank details
  • Participation data (attendance at meetings, election results)
  • Functions and offices within the association
  • Communication history
  • Payment data (contribution history)

Within CSF, only persons who need your data to perform the tasks assigned to them will have access to it.

In addition, service providers or other persons who support us in the performance of our tasks may also have access to your data. These are service providers or persons in the following categories:

  • Hosting service providers for the operation of our servers (IONOS)
  • Service providers for the registration process (SeaTable GmbH)
  • Service providers for the provision of a video conferencing system (Zoom)
  • Email delivery service providers for sending emails (IONOS, Intuit (MailChimp Newsletter))
  • Banks and payment service providers for processing payments
  • Consultancy firms for support with legal, tax or business matters like external evaluation
  • Government agencies and public authorities (including for the fulfilment of tax obligations)

Service providers used by us must meet special confidentiality requirements. They only have access to your data to the extent and for the period necessary to perform their tasks.

For certain service providers such Intuit, Mailchimp (USA) for newsletter distribution or Zoom as video conferencing system data may be transferred to the USA under appropriate safeguards in accordance with Art. 46 GDPR (Standard Contractual Clauses). Intuit (Mailchimp) and Zoom Video Communications Inc. are certified under the EU-U.S. Data Privacy Framework. This ensures that these services provide an adequate level of data protection when processing data in the United States.
Beyond this, no personal data will be transferred to countries outside the EU or EEA.

We only store your personal data for as long as is necessary to fulfil the above-mentioned purposes or as required by statutory retention obligations:

  • During membership: For the duration of membership
  • After termination of membership:
    • Basic data: 3 years after termination of membership
    • Financial data: 10 years in accordance with tax law retention requirements
    • Minutes of general assembly meetings: Permanently (historical archive)

Under the GDPR, data subjects have the following rights:

 

  • Right to access (Art. 15 GDPR): The right to obtain information about the personal data being processed.
  • Right to rectification (Art. 16 GDPR): The right to request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR): The right to request deletion of data under certain circumstances.
  • Email delivery service providers for sending emails (Intuit, MailChimp)
  • Right to restriction of processing (Art. 18 GDPR): The right to request restriction of data processing under specific conditions.
  • Right to data portability (Art. 20 GDPR): The right to receive data in a structured, commonly used, and machine-readable format.
  • Right to object (Art. 21 GDPR): The right to object to the processing of data if based on legitimate interest.
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR): The right to file a complaint with a data protection supervisory authority.
  • Right to withdraw consent: The participant has the right to withdraw their consent at any time with future effect, without affecting the lawfulness of the processing carried out based on the consent before the withdrawal. The easiest way to withdraw your consent is to send an email to privacy(at)csf-ev.org.
Donate

Want to become a member of the Civil Society Forum?

Just drop us a message stating the organisation you represent and a brief description of your motivation. We’ll follow up with the application form and other details and gladly answer any questions you may have.