Privacy Policy

Last updated: 2024-09-02

At Gatherise, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and safeguard your information when you use our petition platform. It also explains your rights under the General Data Protection Regulation (GDPR) and other applicable European data protection laws.

Who We Are

Gatherise is an online platform that enables citizens to create, sign, and support petitions.

Data Controller: Gatherise

Contact Email: privacy@gatherise.net

What Data We Collect

We collect only the data necessary to provide our services. This may include:

  • Account Information: Name, email address, password (encrypted).
  • Petition Activity: Petitions you create, sign, or share.
  • Communications: Messages you send to us (e.g. via email, forms or user panel).
  • Technical Data: IP address, browser type, device information, cookies, and usage statistics.
  • Optional Data: If you choose to provide additional information (such as profile details).

How We Use Your Data

Your data is used only for legitimate purposes, including:

  • To operate and improve the Gatherise platform.
  • To display your signature on petitions (your name may be visible).
  • To keep you informed about petitions you signed (e.g. updates or news).
  • To communicate with you about your account or platform changes.
  • To prevent fraud, abuse, and to ensure platform security.
  • To comply with legal obligations.
  • We do not sell your personal data.

Legal Basis for Processing

We process your personal data under the following lawful bases (GDPR Art. 6):

  • Consent – when you create an account or sign a petition.
  • Contract – to provide you with our services.
  • Legal obligation – to comply with EU or national laws.
  • Legitimate interest – to ensure security, prevent misuse, and improve our services.

How Long We Keep Your Data

We retain personal data only as long as necessary for the purposes outlined here:

  • Account data: stored until you delete your account.
  • Petition signatures: retained as part of the petition record, unless you request erasure.

Sharing Your Data

We may share your data only in these limited circumstances:

  • With service providers (e.g. hosting, email delivery) under strict data processing agreements.
  • If required by law or court order.
  • With media, only if you explicitly agree.
  • We do not transfer your data outside the European Economic Area (EEA) unless adequate safeguards are in place.

Your Rights under GDPR

As an EU resident, you have the following rights:

  • Right of Access – to know what data we hold about you.
  • Right to Rectification – to correct inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”) – to request deletion of your data.
  • Right to Restriction of Processing – to limit how we use your data.
  • Right to Data Portability – to receive your data in a portable format.
  • Right to Object – to object to processing based on legitimate interests.
  • Right to Withdraw Consent – where processing is based on consent.
  • To exercise your rights, contact us at: gatherise.net@gmail.com

 

 Cookies and Tracking

Gatherise uses cookies and similar technologies to:

  • Ensure platform functionality (essential cookies).
  • Analyse usage and improve services (analytics cookies).
  • You can manage cookies through your browser settings.

Data Security

We use technical and organizational measures to protect your personal data, including:

  • Encrypted connections (HTTPS).
  • Encrypted password storage.
  • Access controls and monitoring.
  • However, no system is 100% secure. We continuously work to improve security.

Changes to this Policy

We may update this Privacy Policy from time to time. If changes are significant, we will notify you by email or through the platform.

 Contact Us

If you have any questions or complaints about this Privacy Policy or how your data is handled, please contact us:

📧 gatherise.net@gmail.com

If you believe your rights under GDPR have been violated, you also have the right to lodge a complaint with your local Data Protection Authority (DPA).