Privacy Policy

Version N. 1, 05/05/2026.

This is the Privacy Policy of The Embassy of the Free Mind, domiciled at Keizersgracht 123, 1015 CJ Amsterdam, The Netherlands, PO Box 11126, 1001 GC Amsterdam (hereinafter: “We”, “Us” or “Embassy of the Free Mind). This Policy explains how we collect, process, and protect your personal data. We process your personal data in accordance with the General Data Protection Regulation (GDPR) and Dutch privacy law.

1. Scope

This Privacy Policy applies to all personal data about you that we collect and use when you:

  • Visit our website
  • Make a donation or payment
  • Become a member or subscriber
  • Register for events
  • Contact us via forms or other communications
  • Use any other services provided by us

“Personal data” refers to any information that identifies you as an individual.

2. Personal Data We Process

Depending on your interactions with us, we may process:

  • Contact details: Name, email address, postal address, and phone number.
  • Account and identification data: Login credentials (if applicable in the future), IP address, and other technical identifiers.
  • Payment information: Billing details and transaction history (processed securely via third-party payment providers).
  • Usage information: Pages visited on our website, services used, and other interaction data.
  • Communications: Messages, enquiries, or other content you submit to us.

3. Purposes and Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Execution of an agreement: To provide services you requested, including donations, membership, subscriptions, event tickets, or other purchases.
  • Legitimate interests: To improve our services, understand visitor needs, analyse website usage, and enhance user experience.
  • Consent: To send newsletters or marketing information when you have agreed to receive them. You may withdraw consent at any time.
  • Legal obligations: To comply with applicable laws, regulatory requirements, or lawful requests from authorities.

4. Use of Cookies

We use cookies to improve usability, website functionality, security, and for analytics and marketing purposes. We require prior consent for non-essential cookies, which is collected via our cookie banner. Cookie consent preferences are stored securely. For more information, see our Cookie Policy.

5. Who Receives Your Personal Data

Access to your personal data is limited to authorised employees who need it to perform their duties. We do not share your data with third parties without consent, except:

  • Service providers who process data on our behalf (e.g., payment providers, hosting, or CRM systems)
  • Public authorities, when legally obliged

All third-party processing is conducted in accordance with applicable GDPR requirements.

6. Transfer of Your Personal Data

Personal data is generally stored within the European Union. Where we use service providers outside the EEA, we ensure adequate safeguards, such as Standard Contractual Clauses or transfers to countries with adequacy decisions under EU law.

7. Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse, and to ensure data accuracy and integrity.

8. Retention of Personal Data

We retain personal data only as long as necessary for the purposes for which it was collected, taking into account:

  • Duration of our relationship with you
  • Legal obligations (e.g., financial record-keeping)
  • Administrative and operational requirements

Typical retention periods include:

  • Financial and payment data: 7 years
  • Membership and donation records: duration of relationship + administrative period
  • Contact form submissions: up to 2 years
  • Website analytics: per configured retention settings

9. Your Rights

Under GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate or incomplete data
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent at any time

You may also file a complaint with the Dutch Data Protection Authority:
Autoriteit Persoonsgegevens

10. Contact Information

For questions about this Privacy Policy or the processing of your personal data, contact us.

11. Changes to This Policy

This Privacy Policy may be updated from time to time. The most recent version will always be published on our website.