As of June 29 2021
1. Data Protection principles
a. Lansen Systems is committed to processing data in accordance with its responsibilities, including under the EU General Data Protection Regulation (GDPR).
a. This policy applies to all personal data, set out in section 4 below, processed by Lansen Systems.
b. This policy shall be reviewed at least annually.
How we protect personal information
a. Lansen Systems understands that storing data in a secure manner is essential.
b. Lansen Systems stores personal data using reasonable physical, technical and administrative
safeguards to secure data against foreseeable risks, such as unauthorised use,
access, disclosure, destruction or modification.
c. Access to personal data shall be limited to internal Lansen Systems personnel.
d. Although we make good faith efforts to store information we collect securely, we
cannot guarantee the integrity and security of our network and systems, nor that our security measures will prevent third-party hackers from illegally obtaining this information.
ii. Email address(es);
iii. Postal address;
iv. Telephone number(s);
v. Job title; and
5. Personal information: Data collection
a. Lansen Systems may collect information from different sources, including:
i. Information provided directly to us when a person subscribes to our mailings;
ii. Details provided off-line (e.g. business cards). Such details will only be used
for the purpose for which they have been provided;
iii. Non-identifying information, such as statistics on website usage and content
iv. Non-identifying information on the use of our mailings, such as opened emails
and clicked-through links;
6. Personal information: Data processing
a. We may use information collected to enable us to create mailing lists to send campaigning and marketing material, including:
i. Newsletter containing press releases and articles on Lansen Systems’s work;
ii. Press releases;
iii. Open and private letters including specific advocacy calls promoting the aims
and objectives of Lansen Systems;
iv. Event invitations; and
v. Fundraising appeals.
7. Your rights
a. Any person has the right to opt out of receiving marketing communications through this link or the link at the bottom of each of our mailings. We will then delete the associated personal information promptly.
b. Any person has the right to access their personal data and any such requests made to Lansen Systems shall be dealt with in a timely manner.
c. If any person wishes to raise a complaint on how we have handled their personal information, they can contact us and we will investigate the matter and respond promptly.
8. Lawful, fair and transparent processing
a. To ensure its processing of data is lawful, fair and transparent, Lansen Systems shall maintain a Register of Systems.
b. The Register of Systems shall be reviewed at least annually.
9. Lawful purposes
a. All data stored and processed by Lansen Systems are done so on one of the following lawful bases:
iii. legal obligation;
iv. vital interests;
v. public task; or
vi. legitimate interests.
b. Lansen Systems will seek consent to store and process personal data through periodic emails, the first of which was sent on 25 May 2018.
c. When information is received by Lansen Systems after 25 May 2018 pursuant to section 5 above, Lansen Systems will seek consent to store and process personal data via email.
10. Lawful purposes: Legitimate Interest
a. Lansen Systems’s legitimate interest is to promote and protect human rights by supporting human rights defenders, strengthening international human rights systems, and leading and participating in coalitions for human rights change for the previous.
b. Lansen Systems considers that in respect of the following categories it is within the legitimate interest of Lansen Systems or those in the following categories to store and process their data:
i. United Nations experts;
ii. Regional human rights experts;
iii. Government representatives;
iv. Civil society representatives and human rights defenders; and
v. Media representatives.
c. Lansen Systems shall note the appropriate lawful basis corresponding to the data in the Register of Systems.
11. Data minimisation
i. Lansen Systems shall ensure that personal data stored and processed by Lansen Systems are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
a. Lansen Systems shall take reasonable steps to ensure personal data is accurate.
b. Steps shall be put in place to ensure that personal data is kept up to date.
13. Archiving / removal
a. To ensure that personal data is kept for no longer than necessary, Lansen Systems shall review data it stores annually, at the time this Policy is reviewed.
b. When personal data is deleted this should be done safely such that the data is irrecoverable.
a. In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, Lansen Systems shall promptly assess the risk to people’s rights and freedoms.
Contacting us about privacy concerns