Privacy Statement Movement On The Ground (MOTG)

Movement on the Ground (MOTG) processes personal data and uses cookies for this website. In this Privacy Statement, we inform you of the purposes for which personal data are processed and how you can exercise your privacy rights, and provide other information that could be important for you.

This Privacy Statement applies to all activities of MOTG, including the activities via the website. This Privacy Statement provides the most relevant information on each subject.

MOTG treats personal data with care and acts within the limits of the law, including the General Data Protection Regulation (GDPR) and the Dutch implementation act, “Uitvoeringswet algemene verordening gegevensbescherming” (Uavg).

Controller and accountability

MOTG is the controller of personal data and regards it as essential that the personal data of its employees, volunteers, donators and of refugees are handled and secured with the greatest possible care. We also want to be open about the way in which we process your data.

Whose personal data does MOTG collect?

In the processes referred to above, MOTG gathers data from different categories of data subjects. These are:

    A. (Job) applicants
    B. Employees
    C. Volunteers
    D. Refugees
    E. Liaisons
    F. Donators
    G. Website visitors
    H. Residents

Which personal data does MOTG collect?

Different personal data are gathered in each process. The most common data are:

    A. Name and last name
    B. Business contact details (business e–mail address, business phone number, etc.)
    C. Private contact details (e–mail address, phone number, etc.)
    D. Home address details (street, zip code, city, etc.)
    E. Curriculum Vitae (only when provided by you)
    F. Date of birth or age
    G. Employee registration number / personnel number
    H. Copy of passport
    I. Social Security Number / ID number (or any other government issued number)
    J. Marital status
    K. Salary details
    L. Financial data (bank account number, credit card data, bank statements, etc.)
    M. Analytics data (web analytics)
    N. Purchase information
    O. Location data (GPS tracking) MOTG gathers (personal) data directly from you, and where applicable, MOTG also receives personal data from third parties, in as far as this is in compliance with the law.
    P. Logging information (username, access records of information systems, IP address)

For which purposes does MOTG process your personal data?

MOTG uses your personal data that we gather for its (business) operations and for correct implementation of its statutory tasks and obligations.

The main purposes for which MOTG processes personal data are:

    A. Recruiting: Engaging and recruiting of new potential candidates and employees and volunteers
    B. Human Resources purposes (employee & volunteer management): this includes personnel management, performance reporting, retirement planning, e–learning initiatives, benefits, travel planning, expenses, payroll processing, et cetera.
    C. Conclusion and execution of agreements with volunteers, employees, donors suppliers and business partners: this purpose addresses the processing of personal data necessary to conclude and execute agreements with customers, suppliers and business partners and to record and financially settle delivered services, products and materials to and from our company.
    D. Relation engagement, relationship management and marketing: this purpose addresses activities such as maintaining and promoting contact with relations, donators, suppliers and business partners, account management, client service, recalls and the development, execution and analysis of market surveys and marketing strategies.
    E. Health, safety and security: this purpose addresses activities such as those involving occupational safety and health, the protection of company and employee assets, and the authentication of employee, customer, business partner and/or supplier status and access rights.
    F. (Organizational) analysis and development and management reporting: this purpose addresses activities such as conducting employee surveys, managing mergers, acquisitions and divestitures, and processing employee data for management reporting and analysis. Website & app analytics is also addressed by this purpose.
    G. Development and improvement of products and/or services: this purpose includes processing that is necessary for the development and improvement of our products and/or services, research and development.”
    H. Collecting gifts
    I. Providing information to (local) authorities: e.g. sending a weekly list of people who will enter the campus”

MOTG processes personal data via its website and app, such as personal data acquired via contact forms. All processing activities are recorded in a register of processing activities. This gives MOTG a complete and up-to-date overview of all processing activities.

Our legal bases for processing

Organisations need a lawful basis to collect and use personal data under data protection law. The law allows for six ways to process personal data (and additional ways for sensitive personal data). Four of these are relevant to the types of processing activities that MOTG carries out.

This includes information that is processed on the basis of:

    ● A person’s consent (e.g. to send you newsletters by e-mail);
    ● When it’s necessary for the performance of a contract (e.g. to process your data in case of a donation);
    ● When it’s necessary for compliance with a legal obligation (e.g. to process a gift aid declaration); and
    ● Our legitimate interests (please see below for more information).

Our legitimate interests include:

    ● Administration and operational management; including responding to solicited enquires, providing information and services, research, events management, the administration of volunteers and employment and recruitment requirements.
    ● Charity Governance; including delivery of our charitable purposes, statutory and financial reporting and other regulatory compliance purposes;
    ● Fundraising and Campaigning; including administering campaigns and donations, and sending direct marketing and thank you letters by post.

How does MOTG ensure confidential & secure handling of personal data?

MOTG treats personal data as confidential. MOTG takes appropriate technical and organisational measures to protect personal data. MOTG shares personal data only in accordance with this Privacy Statement and with third parties only if this is warranted and takes place with care.

MOTG uses appropriate security technology for optimal protection of your personal data against unauthorised access or unauthorised use. We report (attempts at) abuse. MOTG also takes organisational measures to protect personal data against unauthorised access.

Sharing data with third parties

On the instructions of MOTG, third parties may provide certain parts of the services for the execution of an agreement. MOTG enters into agreement with these processors in order to ensure that personal data are handled confidentially and with due care.

Your personal data will not be leased, sold or shared in an illegal way with third parties. MOTG may share your (personal) data with third parties if, for example, you have personally granted permission for this or if this is necessary to comply with a legal obligation.

MOTG provides personal data to enforcement authorities or fraud control organisations if this is necessary in order to comply with a statutory obligation.

The categories of third parties with which MOTG shares data are:

    A. Government agencies, such as the IRS and local Greek camp management
    B. Accountant
    C. Banks & Payment service providers
    D. Mail provider
    E. Hosting providers

Passing on your data outside the EU

In some cases, MOTG provides personal data to countries outside the EU. This takes place in the following situations when we make use of our mail & hosting providers. Appropriate measures have been taken to protect your personal data, such as certification of the third party via the EU-US Privacy Shield.

How long are my data stored?

MOTG stores your personal data in compliance with the GDPR. The data are not stored longer than is strictly necessary in order to realise the purposes for which the data are collected.

How can exercise your rights of access, correction and deletion?

Bear in mind that you may be required to provide a copy of an identity document in order to verify your identity. You can make a secure copy of your proof of identity quite simply with the government ‘Kopie Id’ app which you can download in the app store.

You also have the right to submit a complaint concerning the use of your data to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).

Cookies and clicking behaviour

General visitor data, such as the most commonly requested pages, are recorded on our website. The purpose of collecting this general information on visits to the website is to optimise the design of the website for you. MOTG uses different tools for the optimal functioning of the website and to improve its user-friendliness, and in order to retrieve active feedback from users.

Third party privacy policies

The MOTG website contains links to other websites that do not belong to MOTG. We cannot accept any responsibility concerning the way in which these parties treat personal data. We therefore advise you to always inform yourself of the privacy policy of these parties or to contact them for a more detailed explanation of their policies relating to the use of personal data.

Do you still have any specific questions or comments regarding our privacy statement after reading this information? Then please feel free to contact us. You contact us via [email protected]