Privacy Policy of Code Club Luxembourg

Introduction

Code Club Luxembourg (“we”, “our”, “us”) commits to protecting the privacy of our members, volunteers, and anyone whose personal data we process. We collect your personal data to ensure the management and administration of our workshops and events, to communicate with you about our activities, track participation, and improve our services and offers. This privacy policy explains how we collect, use, disclose, and protect your personal data.

Definitions

• Personal data: It refers to any information relating to an individual who can be identified directly or indirectly. This can include items such as the name, surname, email address, phone number, or other information you might provide when registering for our workshops or events.
• Processing: It is any operation or set of operations performed on personal data. This includes, but is not limited to, collection, recording, organization, structuring, storage, use, viewing, and deletion of this data.
• Data controller: It’s the entity that determines how and why personal data is processed. In the context of this policy, the data controller is Code Club Luxembourg.

Scope of the Policy

This Policy pertains to everyone whose data Code Club Luxembourg processes, including but not limited to our members, volunteers, parents or guardians of minors, event participants, and our website visitors.
Please note that this policy does not apply to legal entities, only to individuals.

Types of Data Collected

We may collect and process the following information:

• Name and surname
• Email address
• Phone number
• Information about the workshops you attended or led
• Other data you might provide through forms, and any other relevant information we might require.

When minors participate in our workshops, we may also gather pertinent information about their participation, with the consent of parents or legal guardians.

When and How Do We Collect Your Data?

Direct Collection: Most of the time, we obtain your personal data directly from you. You might provide us with information in various contexts, such as:

• When you register as a member or volunteer.
• When you sign up for a workshop or event we organize.
• When you fill out forms we provide, online or in paper.
• When you contact us through the different communication means we offer (e.g., email, phone).

Collection via Third Parties: We may obtain information about you via third parties, especially for minors who register for our workshops when data is provided by their parents or legal guardians.

External Sources: Although less common, we might gather information about you from partners or associated organizations, especially if you’ve participated in joint events or programs.

We commit to using this data only for the purposes for which it was collected and to guarantee its safety and confidentiality.

Obligation to Provide Data

When engaging with Code Club Luxembourg, some information may be necessary for ensuring safety, smooth functioning of activities, and appropriate communication. Here are some situations where we might need your data:

1. Registration for a workshop or activity: To ensure safety and organization, we might need data like name, age, and contact details for each participant. We may also need contact details of a parent or guardian for minor participants.
2. Becoming a volunteer or member: For those wishing to contribute as volunteers or become members, additional information might be needed for coordination and safety reasons.
3. Subscription to newsletters or updates: To receive regular updates from us, a valid email address would be required.

It’s important to highlight that the provision of personal data is typically voluntary. However, in some situations, not providing necessary information might limit your ability to participate in certain activities or receive certain services.

Legal Bases for Data Processing

Every personal data processing action we undertake is based on a specific legal ground in accordance with the GDPR:

1. Consent: When you voluntarily register for our workshops, events, or our newsletter, we process your data based on your explicit consent. This consent is free, informed, and can be withdrawn at any time.
2. Contract Execution: If you are a member, a volunteer, or a partner, we might process your data in the context of contract execution. For instance, this could apply when you commit to leading a workshop or providing a service.
3. Legitimate Interest: We process some data for our legitimate interests, like improving our services, ensuring our workshops’ and events’ safety, or for administrative needs. We always strive to balance our interests with your rights and freedoms.

Use of Data

Your data is used to:

• Ensure the management and administration of our workshops and events.
• Communicate with you about our activities.
• Track participation.
• Improve our services and offers.

Data Sharing

We don’t share your data with third parties for commercial reasons. However, we might collaborate with partners or service providers who have access to your data to provide specific services on our behalf (e.g., website hosting). These partners are bound to process your data confidentially and securely.

International Data Transfers

Our main data processing activities take place within the European Economic Area (EEA). However, some of our cloud service providers might store data outside the EEA. In such cases, we rely on these providers’ GDPR compliance statements to ensure that your data receives adequate protection.

We do not intend to actively transfer your data outside the EEA, except when using these specific services. We commit to monitoring the situation and reviewing our practices if necessary to ensure your data’s protection.

Data Retention Period

We commit not to keep your personal data longer than necessary for the purposes for which it was collected. The retention period varies according to the nature of the data and the reason it was collected: • Data related to workshop participation: This information is kept for the duration of the workshop, then an additional 6 to 12 months to manage any administrative and follow-up tasks. • Contact or member information: This data is retained as long as you are an active member of Code Club Luxembourg. After that, we might keep your information for an additional 1 to 2 years for reasons related to your membership, unless otherwise indicated by you. • Accounting or tax data: In accordance with Luxembourg law, this data is retained for a period of 10 years.

Please note that we regularly review our retention policies to ensure they remain compliant with current regulations and our operational needs.

Your Rights

In accordance with the GDPR, you have the right to access your data, correct it, request its deletion, limit its processing, and object to its processing. You can exercise these rights by contacting us at dataprotection@codeclub.lu.

We commit to responding to your requests within the timeframes set by the GDPR, typically within one month from the receipt of the request, unless exceptions apply. If, for any reason, we cannot respond to your request within this timeframe, we will inform you of the reasons for the delay.

Security

Regardless of the size of our organization, your data’s security is a priority. We take proactive steps to protect your information: • Secure storage: We store electronic information in secure environments, protected by passwords with limited access. • Training: Our volunteers and employees are educated about data confidentiality importance and are trained to handle personal data safely. • Regular updates: We ensure the software and applications we use are regularly updated to benefit from the latest security patches. • Limited access: Only authorized personnel have access to personal data, and this access is restricted based on necessity. • Third-party review: If we use third-party providers, like Google Workspace, we rely on their reputation and commitment to data protection.

We are committed to ensuring your data’s protection and confidentiality with the seriousness and attention it requires.

Use of Our Website

Cookies and similar technologies: Our site mainly uses cookies for functional reasons, especially to allow our team to stay connected to the administrative section. These cookies do not collect personal information about you and are not used for marketing or tracking purposes. If you want to learn more about cookies and how to manage them, we invite you to check your browser settings.

Links to other sites: Our site may contain links to other external websites. Please note that we are not responsible for the privacy policies of these third-party sites. We encourage you to read the privacy policies of each site you visit. Our privacy policy only applies to information collected by our website.

Updates to This Policy

We reserve the right to occasionally update this privacy policy to reflect legal, technological, or organizational changes. In the event of major changes affecting how we process your personal data or your rights as a user, we will actively inform you, either by notification on our website or by email, whichever is more appropriate. We encourage you to regularly review this policy to stay informed about how we protect your data.

Data Protection Contact Point

If you have questions or concerns about this privacy policy or the processing of your personal data by Code Club Luxembourg, please send your requests to our official data protection contact point at the following address: dataprotection@codeclub.lu.

Who to Contact in Case of Conflict?

In case of concerns about the processing of your personal data by Code Club Luxembourg, please contact us first. If you are not satisfied with our response or believe your concerns haven’t been resolved, you have the right to file a complaint with the Data Protection Authority at the following address:

National Commission for Data Protection
Complaints Service
1 Avenue du Rock’n Roll
L-4361 Esch-Sur-Alzette
Phone: +352 26 10 60-1
Email: info@cnpd.lu

Date of the last modification of this policy.