Europe (GDPR) Privacy Policy

Europe (GDPR) Data Privacy Policy as of December 2, 2021

Data Controller’s Contact Information

PILnet is a US-based (501(c)(3)) nonprofit organization (EIM: 20-5087783) with affiliated entities in Budapest (Hungary) and Hong Kong SAR (China).

  • Principal officer: Ms. Leila Saad, Executive Director 
  • Main address: 199 Water Street, 11th Floor, New York, NY, 10038, United States
  • Phone: Tel: +1-212-803-5380
  • Fax: +1-212-803-5381 
  • Email address (data protection matters): [email protected]

Principles of Data Processing 

This privacy policy relates to the handling of personal data by PILnet and its affiliated entities (“PILnet affiliates”).

PILnet is committed to processing your personal data based on the internationally recognized principles of lawfulness, fairness, and transparency. We collect personal data only for specific, explicit, and legitimate purposes. We process your personal data:

  • Where we have your consent; 
  • In connection with our legitimate interests and where your interests and fundamental rights do not override those interests; 
  • Where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract; and 
  • In order to comply with a legal obligation to which we are subject.

PILnet follows the principles of data minimization and accuracy while processing your personal data. Our organization implements data protection measures required by regulators primarily in the United States and European Union (EU) and European Economic Area (EEA) Member States, but pays equal attention to the development of privacy regulations in other countries. Privacy is a global concern and PILnet as a public interest organization pays special attention to this topic while executing projects and conducting its operations globally. We process personal data in a manner that ensures an appropriate level of data integrity and confidentiality. We as a data controller fulfill our obligation to be accountable for data processing activities as outlined by relevant national and supranational laws and guidelines. 

Terms Used in This Policy 

“Personal data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. 

“Processing” means any operation or set of operations, which are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. 

“Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by EU or Member State law, the controller or the specific criteria for its nomination may be provided for by EU or Member State law. 

“Processor” means a natural or legal person, public authority, agency, or other body, which processes personal data on behalf of the controller. 

“Consent” of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. 

Role of PILnet

PILnet is the controller with respect to your personal data.

Purpose and Legal Basis for Personal Data Processing 

PILnet’s database contains personal data that has been submitted by individuals from around the world through an online platform operated by *Mailchimp. In case we receive your name card during a personal contact, or you write us an email or phone us by expressing your interest to be informed regularly about PILnet’s activities, we add your data to PILnet’s global pro bono database that offers targeted services for you.

PILnet’s and your interest is to stay in touch by:

  • Engaging in pro bono activities and providing content to the global legal community;
  • Sending you pro bono newsletters;
  • Inviting you to events, conferences, and trainings locally and globally; 
  • Informing you about pro bono fundraising opportunities; and
  • Offering you pro bono opportunities worldwide.

You may withdraw (unsubscribe) anytime from the global pro bono database by sending an email to [email protected], or by using the unsubscribe option posted at the bottom of PILnet’s online media releases.

*Contact information to engaged online service provider: 

Mailchimp
Attn: Privacy Officer
675 Ponce de Leon Ave NE, Suite 5000
Atlanta, GA 30308
United States

[email protected]

If you have any questions about this privacy policy or our privacy practices, please contact our data privacy manager in the following ways:

Full name of legal entity: PILnet Foundation 

Email address: [email protected]

Postal address: 1055 Budapest, Honvéd utca 22/A. 2/1

You have the right to make a complaint at any time to the Hungarian National Authority for Data Protection and Freedom of Information (HNA), the Hungarian supervisory authority for data protection issues (www.naih.hu).

We would, however, appreciate the chance to deal with your concerns before you approach the HNA, so please contact us in the first instance.

Recipients of PILnet’s Communication

PILnet generates content primarily for the global legal community that includes mainly but not exclusively legal experts, lawyers, law school and public policy educators, bar and law society officials, lawmakers, legal fellows, etc. Equally, PILnet targets primarily but not exclusively the recipients of pro bono and public interest services like representatives of local and international NGOs, grassroots community activists and groups, social entrepreneurs, and enterprises.

Data Transfers to Third Countries 

PILnet processes data in the United States and may occasionally do so by way of its offices in Budapest (Hungary) and Hong Kong SAR. PILnet’s main administrative office is based in the US and that is where it processes personal information collected through its website. When you provide personal information to PILnet, PILnet requests your consent to transfer that personal information to the US. The US does not have an adequacy decision from the European Commission, which means that the Commission has not determined that the laws of the US provide adequate protection for personal information. Although the laws of the US do not provide legal protection that is equivalent to EU data protection laws, PILnet safeguards your personal information by treating it in accordance with this GDPR Privacy Notice. PILnet takes appropriate steps to protect your privacy and implement reasonable security measures to protect your personal information in storage. PILnet uses secure transmission methods to collect personal data through its website. PILnet also enters into contracts with its data processors that require them to treat personal information in a manner that is consistent with this Notice while processing personal data PILnet strictly abides by US and EU law.

Period for Storing/Processing Your Personal Data 

The data you submitted to PILnet’s Global Pro Bono Database will be processed for 3 years starting at the time of your latest demonstrated activity. After a period of inactivity, your contact data will be deleted from PILnet’s database. You may withdraw (unsubscribe) anytime from the global pro bono database by sending an email to [email protected], or by using the unsubscribe option posted in the issues of PILnet’s online media releases. 

Profiling 

According to the EU’s regulation, profiling refers to any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. PILnet does not profile members in its Global Pro Bono Database without prior consent.

Your Rights Based on This Policy 

The right to be informed: you can approach PILnet and ask what personal data is collected about you, how it has been used, how long it will be kept, and whether it will be shared with any third parties. 

You have the right to ask PILnet for access to your personal data. 

You have the right to rectify data on yourself in case you discover that the information PILnet holds on you is inaccurate or incomplete. Your request will be executed within 30 days. 

You have the right to ask PILnet to erase your personal data in certain circumstances, such as when the data is no longer necessary, is unlawfully processed, or no longer meets the lawful basis for which it was collected. 

You also have the right to request that PILnet limit the way we use your personal data. 

You have the right to data portability as permitted to obtain and reuse personal data for your own purposes across different services. This right applies only to personal data that you provided to PILnet by a contract or based on a consent. 

You have the right to object to the processing of your personal data. 

Citizens or residents of countries other than an EEA Member State: Please seek information about your privacy rights and remedies available for you at your national data protection authority. 

If you find that your privacy/data protection rights have been violated by PILnet’s current data protection practices, you may turn to us for immediate response and remedy. PILnet investigates your request and responds to you within 30 days. If you are not satisfied with our response, you may turn to your Data Protection/Consumer Protection Authority for advice and/or complaint.

US Privacy Policy

US Data Privacy Policy as of December 2, 2021

Data Controller’s Contact Information

PILnet is a US-based (501(c)(3)) nonprofit organization (EIM: 20-5087783) with affiliated entities in Budapest (Hungary) and Hong Kong SAR (China). 

  • Principal officer: Ms. Leila Saad, Executive Director
  • Main address: 199 Water Street, 11th Floor, New York, NY, 10038, United States
  • Phone: +1-212-803-5380
  • Fax: +1-212-803-5381 
  • Email address (data protection matters): [email protected]

Principles of Data Processing 

This privacy policy relates to the handling of personal data by PILnet and its affiliated entities (“PILnet affiliates”).

PILnet is committed to processing your personal data based on the internationally recognized principles of lawfulness, fairness, and transparency. We collect personal data only for specific, explicit, and legitimate purposes. We process your personal data: 

  • Where we have your consent; 
  • In connection with our legitimate interests and where your interests and fundamental rights do not override those interests; 
  • Where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract; and
  • In order to comply with a legal obligation to which we are subject.

PILnet follows the principles of data minimization and accuracy while processing your personal data. Our organization implements data protection measures required by regulators primarily in the United States and European Union (EU) and European Economic Area (EEA) Member States, but pays equal attention to the development of privacy regulations in other countries. Privacy is a global concern and PILnet as a public interest organization pays special attention to this topic while executing projects and conducting its operations globally. We process personal data in a manner that ensures an appropriate level of data integrity and confidentiality. We as a data controller fulfill our obligation to be accountable for data processing activities as outlined by relevant national and supranational laws and guidelines. 

Terms Used in This Policy 

“Personal data” means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. 

“Processing” means any operation or set of operations, which are performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. 

“Controller” means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by EU or Member State law, the controller or the specific criteria for its nomination may be provided for by EU or Member State law. 

“Processor” means a natural or legal person, public authority, agency, or other body, which processes personal data on behalf of the controller. 

“Consent” of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her. 

Role of PILnet

PILnet is the controller with respect to your personal data.

Purpose and Legal Basis for Personal Data Processing 

PILnet’s database contains personal data that has been submitted by individuals from around the world through an online platform operated by *Mailchimp. In case we receive your name card during a personal contact, or you write us an email or phone us by expressing your interest to be informed regularly about PILnet’s activities, we add your data to PILnet’s global pro bono database that offers targeted services for you.

 PILnet’s and your interest is to stay in touch by:

  • Engaging in pro bono activities and providing content to the global legal community;
  • Sending you pro bono newsletters;
  • Inviting you to events, conferences, and trainings locally and globally; 
  • Informing you about pro bono fundraising opportunities; and
  • Offering you pro bono opportunities worldwide.

You may withdraw (unsubscribe) anytime from the global pro bono database by sending an email to [email protected], or by using the unsubscribe option posted at the bottom of PILnet’s online media releases.

*Contact information of engaged online service provider: 

Mailchimp
Attn: Privacy Officer
675 Ponce de Leon Ave NE, Suite 5000
Atlanta, GA 30308
United States

[email protected]

 If you have any questions about this privacy policy or our privacy practices, please contact our data privacy manager by emailing [email protected].

Recipients of PILnet’s Communication 

PILnet generates content primarily for the global legal community that includes mainly but not exclusively legal experts, lawyers, law school and public policy educators, bar and law society officials, lawmakers, legal fellows, etc. Equally, PILnet targets primarily but not exclusively the recipients of pro bono and public interest services like representatives of local and international NGOs, grassroots community activists and groups, social entrepreneurs, and enterprises. 

Data Transfers to Third Countries 

PILnet processes data in the United States and may occasionally do so by way of its offices in Budapest (Hungary) and Hong Kong SAR. PILnet is voluntarily committed to following stricter standards by abiding by the requirements of the EU’s GDPR.

Period for Storing/Processing Your Personal Data 

The data you submitted to PILnet’s Global Pro Bono Database will be processed for 3 years starting at the time of your latest demonstrated activity. After a period of inactivity, your contact data will be deleted from PILnet’s database. You may withdraw (unsubscribe) anytime from the global pro bono database by sending an email to [email protected], or by using the unsubscribe option posted at the bottom of PILnet’s online media releases.

Profiling 

According to the EU’s regulation, profiling refers to any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. PILnet does not profile members in its Global Pro Bono Database without prior consent. 

Your Rights Based on This Policy 

The right to be informed: you can approach PILnet and ask what personal data is collected about you, how it has been used, how long it will be kept, and whether it will be shared with any third parties. 

You have the right to ask PILnet for access to your personal data. 

You have the right to rectify data on yourself in case you discover that the information PILnet holds on you is inaccurate or incomplete. Your request will be executed within 30 days. 

You have the right to ask PILnet to erase your personal data in certain circumstances, such as when the data is no longer necessary, is unlawfully processed, or no longer meets the lawful basis for which it was collected. 

You also have the right to request that PILnet limit the way we use your personal data. 

You have the right to data portability as permitted to obtain and reuse personal data for your own purposes across different services. This right applies only to personal data that you provided to PILnet by a contract or based on a consent. 

You have the right to object to the processing of your personal data that is collected on the basis of legitimate interests or the performance of a task in the interest/exercise of official authority. 

Information on Data Protection Authorities and Available Legal Remedies 

Contact for US citizens to the Federal Trade Commission:
US Department of Commerce
EU-US Privacy Shield
1401 Constitution Avenue, NW, Room 20001
Washington, DC 20230
United States

https://www.ftc.gov/news-events/media-resources/identity-theft-and-data-security/filing-complaint 

Contact for EU citizens to national data protection authorities:

http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080 

Citizens of other countries:

Please seek information about your privacy rights and remedies available for you at your national data protection authority. 

If you find that your privacy/data protection rights have been violated by PILnet’s current data protection practices, you may turn to us for immediate response and remedy. PILnet investigates your request and responds to you within 30 days. If you are not satisfied with our response, you may turn to your Data Protection/Consumer Protection Authority for advice and/or complaint.