1. Data Controller

The data controller is:

Keshet Europe ETS
Lungotevere di Pietra Papa, 159
00146 Rome (Roma)
Italy

Email: privacy@kesheteurope.org

2. What Personal Data We May Collet

Depending on how you interact with us, we may collect the following categories of personal data:

• Technical and usage data

  When you visit the website, we may process technical information such as browser type, device information, approximate location derived from IP, pages visited, referral source, and general website interaction data necessary for security, performance, and website analytics.

  
  

• Information you provide directly

  We may collect personal data that you choose to provide to us, including:

  • name and surname;

  • email address;

  • phone number, if provided;

  • city, country, or organisation, if provided;

  • the content of your message or request;

  • information you submit when contacting us, joining our network, subscribing, applying for opportunities, registering for events, or requesting support.
    
    

• Membership and Participation Data

  If you apply to become a member, participate in programs, register for events, or engage with Keshet Europe activities, we may process information necessary to manage your application, participation, eligibility, communications, and organisational records.

  
  

• Communication Data

  If you email us or otherwise communicate with us, we may keep a record of that correspondence and any related follow-up.

• Special-Category Data

  Given the nature of Keshet Europe’s mission and community activities, information you choose to share with us may, in some cases, reveal special-category personal data under GDPR, including data revealing religious or philosophical beliefs or sexual orientation. We do not intentionally request more of this type of data than is necessary for the relevant purpose.

3. How We Use Personal Data and our Legal Bases

We process personal data only where we have a valid legal basis under applicable data protection law.

• To Operate, Secure, and Improve the Website

  We process technical and usage data to keep the website functional, secure, accessible, and performant, and to understand overall website use.
  Legal basis: our legitimate interests in operating and protecting the website and improving its content and performance.

  
  

• To Respond to Enquiries and Requests

  We process contact details and message content to reply to questions, handle requests, and continue conversations initiated by you.

  Legal basis: steps taken at your request before entering into a relationship or arrangement with us, and/or our legitimate interests in managing communications.

  
  

• To Manage Membership, Participation, and Organisational Activity

  We process relevant information to review applications, manage memberships, organise events or programs, communicate with participants, and administer our community and governance activities.
  Legal basis: performance of a contract or steps taken at your request before entering into a contract; our legitimate interests in administering our activities; and, where applicable, compliance with legal obligations.

  
  

• To Send Newsletters and Updates

  If you subscribe to our newsletter or similar updates, we process your contact details to send you communications you requested.

  Legal basis: your consent. You may unsubscribe at any time using the unsubscribe option in the message or by contacting us.

• To Comply with Legal Obligations and Protect our Rights

  We may process personal data where necessary to comply with legal, regulatory, accounting, tax, governance, or safeguarding obligations, or to establish, exercise, or defend legal claims.

  Legal basis: compliance with a legal obligation and/or our legitimate interests.

• Special-Category Data

  Where special-category data are involved, we will process them only where a valid condition under Article 9 GDPR applies, such as your explicit consent or another condition permitted by applicable law.

4. Source of Personal Data

We generally collect personal data:

• directly from you, when you browse the website, contact us, email us, sign up, apply, or register;

• from forms or tools used on our behalf in connection with the website;

• in limited cases, from organisational partners or event-related contacts where this is necessary and lawful.

5. Website Analytics and Linked Forms

The website uses Framer Analytics for privacy-friendly measurement of website traffic and performance. According to Framer, Framer Analytics does not use cookies and does not generate persistent identifiers.

The website also currently includes calls to action that link to forms hosted on external Typeform pages. When you use those forms, we receive the information you choose to submit for the relevant purpose. Depending on the context, the external provider may also display its own notices or terms.

For more information about cookies and similar technologies used on the website itself, please see our Cookie Policy.

6. ⁠Who We May Share Personal Data With

We may share personal data, where necessary, with:

• website hosting and infrastructure providers;

• analytics and technical service providers used to operate the website;

• service providers that help us manage communications, forms, registrations, events, or administration;

• professional advisers, such as legal, accounting, or compliance advisers, where necessary;

• competent authorities, courts, regulators, or other third parties where disclosure is required by law or necessary to protect our rights.

We do not share personal data more broadly than is necessary for the purposes described in this Privacy Policy.

7. ⁠International Data Transfers

Some service providers we use may process personal data outside the European Economic Area, the United Kingdom, or Switzerland.

Where this happens, we will take appropriate steps to ensure that personal data is protected in accordance with applicable data protection law, including by relying on adequacy decisions or appropriate safeguards such as standard contractual clauses, where required.

8. ⁠How Long We Leep Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, reporting, governance, or dispute-resolution requirements.

In general:

• technical and analytics-related data is kept only for as long as reasonably necessary for security, performance, and aggregated measurement purposes;

• enquiry and contact data is kept for as long as needed to handle the request and for a reasonable follow-up period;

• newsletter data is kept until you unsubscribe or until we decide to stop the relevant communications;

• membership, participation, and organisational records are kept for the duration of the relevant relationship and afterward for as long as necessary to meet governance, legal, accounting, or limitation-period requirements;

• special-category data, where processed, is retained only for as long as strictly necessary for the relevant lawful purpose.

9. ⁠Data security

We take appropriate technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or unauthorised access, taking into account the nature of the data and the risks involved. GDPR requires controllers and processors to implement security measures appropriate to the risk.

10. ⁠⁠External Links & Third-Party Services

Our website may contain links to third-party websites, platforms, or services. This Privacy Policy does not apply to those third-party services except where we explicitly state otherwise.

If you leave our website or use an external service linked from it, you should review the privacy information provided by that third party.

11. ⁠⁠Automated Decision-Making

We do not currently use personal data collected through the website for solely automated decision-making that produces legal effects or similarly significant effects on individuals.

12. ⁠⁠Your Data Protection Rights

Subject to applicable law, you have the right to:

• request access to your personal data;

• request rectification of inaccurate or incomplete data;

• request erasure of your personal data;

• request restriction of processing;

• object to processing carried out on the basis of legitimate interests;

• receive personal data you provided to us in a portable format, where applicable;

• withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out before withdrawal;

• lodge a complaint with a competent supervisory authority.

These rights form part of the information and rights framework set out in the GDPR. If you are in Italy, you may also complain to the Garante per la protezione dei dati personali.

13. ⁠⁠How to exercise your rights

To exercise your rights or ask questions about this Privacy Policy or our data practices, please contact:

privacy@kesheteurope.org

We may need to verify your identity before responding to certain requests.

13. ⁠⁠Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or organisational changes.

Any updated version will be published on this page with a revised “Last updated” date.