Privacy Policy

1. General Information

This Privacy Policy explains how The Rights Without Borders Association, headquartered in Bucharest, Romania ("we", "our", or "the Association"), collects, stores, and processes personal data in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the General Data Protection Regulation – GDPR).

By using our website https://www.withoutborders.ro/, you agree to the terms described in this document. If you do not agree with these terms, please do not use our website or provide us with personal data.

2. Identity and Contact Details

3. Categories of Personal Data We Collect

Depending on your interaction with our organization or website, we may collect and process the following types of personal data:

• Full name
• Email address
• Physical address
• Phone number
• Financial data (for donations): bank account number, transaction details, cardholder's name
• Images or photographs (if provided voluntarily or taken during public events)
• Other information you voluntarily provide through our online forms, applications, or correspondence.

We do not intentionally collect or process data of individuals under 18 years of age without parental consent.

4. Methods of Data Collection

We collect data in the following ways:

• When you fill out forms on our website or contact us via email;
• When you make a donation or register as a member, volunteer, or supporter;
• When you participate in events or campaigns organized by the Association;
• Automatically, through cookies and similar technologies, when you browse our website (see section 9 below).

5. Purpose and Legal Basis for Processing

We process personal data for the following legitimate purposes:

• Managing your registration, participation, or membership in the Association;
• Processing donations and issuing receipts or acknowledgments;
• Communicating updates, news, and project information;
• Complying with our legal obligations as a non-profit entity;
• Maintaining website functionality and improving user experience;
• Protecting our legitimate interests, such as preventing fraud and ensuring data security.

The legal bases for processing your data include:

• Your consent (Art. 6 (1) (a) GDPR);
• Performance of a contract or membership relationship (Art. 6 (1) (b) GDPR);
• Legal obligations (Art. 6 (1) (c) GDPR);
• Legitimate interests (Art. 6 (1) (f) GDPR).

6. Data Retention

Your personal data will be retained only for as long as necessary to fulfill the purposes for which it was collected or to comply with legal obligations.

In general:

• Member and donor data are retained during the membership/donation period and for the minimum time required by Romanian law;
• Data used for newsletters or communication will be stored until you unsubscribe or withdraw your consent.

7. Disclosure of Personal Data

We do not sell, rent, or trade your personal information.

Your data may be shared only with:

• Authorized employees and internal collaborators of the Association;
• Payment processors or banking institutions (for donations);
• Legal authorities or regulatory bodies, when required by law;
• Service providers (e.g., hosting providers, email services), strictly under data processing agreements compliant with GDPR.

Currently, our website is in development and does not yet have an active hosting provider. Once a hosting provider is chosen, its identity and data protection practices will be updated in this policy.

8. Data Subject Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of access: to request information about how your data is processed;
• Right to rectification: to request correction of inaccurate data;
• Right to erasure ("right to be forgotten"): to request deletion of your personal data;
• Right to restriction of processing: to limit how we use your data;
• Right to data portability: to receive your data in a structured format;
• Right to object: to oppose data processing based on legitimate interest or for direct marketing;
• Right to file a complaint: with the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP).

To exercise any of these rights, please contact us at: contact@withoutborders.ro.

We may ask for additional information to confirm your identity before responding to your request.

9. Cookies and Tracking Technologies

Our website uses cookies to enhance your browsing experience, analyze traffic, and improve services.

Cookies may collect anonymous data such as IP address, browser type, and navigation behavior.

You can manage or disable cookies through your browser settings.

For more details about how cookies are used and how you can manage them, please refer to our separate Cookies Policy.

10. Data Security

We apply appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Data transmission is (or will be) secured through encryption protocols once our hosting is established. However, as no method of transmission over the Internet is 100% secure, we cannot fully guarantee the absolute security of information sent to us.

Any data shared with us is done at your own risk, but we will take all reasonable measures to safeguard it once received.

11. Policy Updates

We may update this Privacy Policy periodically to ensure compliance with legal or organizational changes.

If we make significant changes, we will notify you by email (if possible) or through an announcement on our website.

Whenever required, we will seek your prior consent for new purposes of data use.

12. Agreement

This document represents the full agreement between the user and The Rights Without Borders Association regarding the use of this website and the processing of personal data.

13. Governing Law

This Privacy Policy, along with the use of our website, is governed by Romanian law.

Any dispute arising from or in connection with this Policy shall fall under the jurisdiction of the competent Romanian courts.