Home > Data Protection Policy

Data Protection Policy

Data Controller

Data Controller Information

Company Name: Mediators Beyond Borders International
Registered Address: 2001 L Street NW, Suite 500, Washington, DC 20036

Email: info@mediatorsbeyondborders.org
Email: info@mediatorsbeyondborders.org

Data Processing

Purpose of Data Processing

The personal data collected during all touchpoints with MBBI (donations, events, membership, newsletter sign up, etc) will be processed for the purpose of:
– Managing event logistics, communication, and notifications.
– Ensuring compliance with legal and security requirements.
– Sending relevant updates and post-event information.

Legal Basis for Processing

The processing of personal data is based on:
– The necessity for contract execution (Art. 6(1)(b) GDPR) – for event participation.
– Legitimate interests (Art. 6(1)(f) GDPR) – for event security and communication.
– Explicit consent (Art. 6(1)(a) GDPR) – for marketing and promotional activities, if applicable.

Data Retention Period

Personal data will be stored for:
– The duration of the event and in perpeutity following until you unsubscribe, opt-out, or ask to be removed
– Legal or compliance purposes as required by applicable laws.

Data Sharing and Third Parties

Personal data will never be shared:
– Only MBBI staff have access to our CRM system, which is password protected and securely stores on NeonOne.

Rights & Security

Data Subject Rights

As a data subject, you have the right to:
– Access, correct, or delete your personal data.
– Restrict or object to processing.
– Withdraw consent at any time without affecting the lawfulness of prior processing.

Security Measures

We implement technical and organizational measures to ensure data security, including encryption, access controls, and secure storage.

Agreement

Data Processing Agreement
  1. The data controller entrusts the processor with processing personal data solely to the extent necessary for the proper execution of the event registration, donor management, membership management, and maintaining all email-based communication.
  2. For the purpose of fulfilling contractual obligations, the processor may process the following personal data:
    – First and last name, company name, job position, email address, phone number, and address.
    – Data will be provided in the CRM system Neon, collected via event, membership, donation, or subscription registration form.
  3. The processor is authorized to perform the following actions concerning the entrusted data:
    – Collecting and verifying data.
    – Updating or correcting incorrect or outdated data.
    – Supplementing missing but necessary data.
    – Processing data to generate reports for the data controller.
  4. The processor is not allowed to entrust data processing to a third party without prior written consent from the data controller.
Agreement

By submitting the registration form, you confirm that you have read and understood this Data Protection Policy. MBBI reserves the right to update this policy as needed.

Compliance

  1. The processor commits to adhering to the Polish Personal Data Protection Act of May 10, 2018, and the EU GDPR (Regulation 2016/679).
  2. Compliance with the Regulation of the Minister of Internal Affairs and Administration of April 29, 2004, regarding the technical and organizational security of IT systems processing personal data is mandatory.
  3. The processor declares that:
    – Personal data may be processed for contact purposes related to future service orders.
    – The data controller retains the right to access, amend, or request deletion of their data.
    – Before data processing begins, appropriate technical and organizational security measures will be implemented.
  4. The processor guarantees that personal data is protected against unauthorized access, loss, or modification.
  5. Only authorized personnel, as per Article 37 of the Polish Personal Data Protection Act, may process personal data.
  6. All personnel processing personal data are bound by confidentiality agreements.
  7. Continuous monitoring of staff compliance with security requirements is ensured.

Contact for Data Protection Matters

For any inquiries or requests regarding your personal data, please contact our Data Protection Team at:
Email: info@mediatorsbeyondborders.org