Data Protection Policy
We value our relationship with you and want to explain how we process your personal data, which includes any information that could be used to identify you. This statement comprises our Data Protection Policy. It is in line with the European Union’s General Data Protection Regulation (GDPR) 2016, and with national legislation where applicable.
Who are we?
We are Independent Diplomat (ID). Our mission is to advise legitimate, marginalised governments and political groups about how to use diplomacy to secure their political goals peacefully and lawfully. We believe that our work leads to diplomatic agreements that are more sustainable over time and which contribute to peace and stability. ID is a registered charity in the UK and is a 501(c)(3) non-profit organisation in the USA.
What is covered?
ID holds a limited amount of personal data, mainly comprising contact details, which we use in the ordinary course of our operations and to support our mission. This Policy covers all ID’s personal data processing, including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (any and all of which we refer to as “processing”).
What is the legal basis for the processing?
ID processes personal data for the following reasons:
- If you are a diplomat, we collect and process your personal data in the furtherance of the mutual practice of diplomacy.
- If you are a journalist, we collect and process your personal data to communicate with you about the activities that we undertake in support of the practice of diplomacy.
- If you sign up to ID for periodic updates (including the Weekly View newsletter) or to one of the web-based platforms we manage, register for ID-sponsored events, or give us your business card, we collect and process your personal data to keep you informed and in furtherance of, and financial support for, our mission of advising and educating on the practice of diplomacy.
- If we have entered into a contractual relationship, we process your personal data as needed to fulfil our obligations under that contract.
ID processes personal data for these specific reasons. We consider this limited data processing to be within our legitimate interests to further our mission of advising legitimate, marginalised governments and political groups in the practice of diplomacy and to raise funds to support our not-for-profit activities. These are the only reasons that we will process your personal data. We do not sell, trade or otherwise exploit your personal data.
How do we protect your personal data?
We take the security of your personal data very seriously. We employ appropriate physical, technical, and administrative security and organisational measures to protect the personal data that we process from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Our Website has a secure SSL certificate, which is a global standard security technology that enables encrypted communication between the web browser and the web server. The third parties with whom we work are also carefully selected to ensure they also have appropriate security measures in place.
How long will we keep your personal data?
We will only retain your personal data for as long as needed in order to fulfil the legitimate purposes set out in this Data Protection Policy or as required by law and thereafter will securely erase your personal data.
You enjoy important rights under the GDPR in respect of the personal data that we process. These include the rights to:
- Transparent information about the processing of your personal data.
- Access your personal data.
- Review your personal data and rectify any errors.
- Limit or stop the processing of the data.
- Have the data erased.
Should you wish to exercise any of your rights, please email us anytime at firstname.lastname@example.org letting us know what you would like us to do.
Another easy option is to simply press the “unsubscribe” button at the foot of the newsletters and communications you may receive from us or from any of the platforms that we manage.
International Data Transfers
ID implements the same safeguards to protect your data in all its locations. We have staff in the United States, United Kingdom, Belgium, and Switzerland. This means that your personal data may be transferred to and from these jurisdictions to be processed by ID. ID provides adequate safeguards in line with this Policy and the GDPR to protect your data wherever it is processed. Furthermore, we only allow third parties to process your personal data on our behalf that are located in the EEA or a jurisdiction with an adequacy finding from the European Commission.
Limited basis for disclosure of Data
We will never share your personal data with any third party without your consent, except in the following circumstances:
- As set out in this Policy, including the use of third party organisations to process data on our behalf.
- When we are required to do so by law, for example, in response to a subpoena, in response to a court order or other legal obligation, or in response to a valid request from a law enforcement agency.
- To protect the security or confidentiality of our records and systems.
- In special cases when we have reason to believe that disclosing this information is necessary to identify, contact, or bring legal action against someone who may be causing injury to or interference with our legal rights.
Use of Third Party Data Processors
You should be aware that we employ several third-party organizations to process personal data on our behalf. These third-party data processors are obligated to provide adequate protection in line with this Policy over the personal data they process on our behalf.
Web-based Platforms Managed by ID
ID also manages web-based platforms in order to complement the diplomatic advisory services it provides. These vary over time. ID implements the same safeguards to protect your data in all its locations and across all the platforms it manages.
Fundraising and Donations
Any personal data you submit when making a donation through the “Donate” section of the Website will be used by iATS Payments to process your transaction. iATS Payments will provide us with certain personal data about you (including your name, billing address, email address, donation amount, and the reason for the donation if applicable, but not your credit card number), and we will use this information to produce and send to you an acknowledgement letter and for our internal records. Please note that if you make a donation anonymously, iATS Payments will still share your name and other personal data with us for our own internal records – we will not include your name in our publications.
We also process personal data when you make a donation via personal check or through another party (such as a Donor Advised Fund or Trust), which will be used to produce and send an acknowledgement letter and for our internal records.
Job and Internship Applications
Any personal data you submit when applying for jobs or internships at ID will be used solely for recruitment purposes (including for identifying job applicants, evaluating applications, making hiring and employment decisions, processing internship applications, and contacting you by phone or in writing). We will keep this data no longer than is necessary for these processes to be completed unless required by law to do otherwise. Thereafter, it will be securely erased.
Changes to our Data Protection Policy
We urge you to review this Data Protection Policy regularly on ID’s website as we may need to update it and our website will be kept current with any changes.
This Policy was last revised on 31 August 2018.