Introduction

The Organization for Global Policy & Dialogue (OGPD) is committed to protecting the privacy and personal data of all individuals, including event participants, program applicants, partners, employees, and stakeholders. This GDPR Compliance Policy outlines how OGPD collects, processes, stores, and protects personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

Scope

This policy applies to:

• Participants registering for OGPD programs, summits, or events.
• Employees, contractors, and volunteers involved in program management and operations.
• Partners, sponsors, and vendors supporting OGPD activities.
• Visitors and users interacting with OGPD through our website, mailing lists, or digital platforms.

This policy covers all personal data collected, processed, or stored by OGPD, regardless of location or source.

What Data We Collect

OGPD may collect and process the following categories of personal data:

1. Personal Identification Data: Name, address, email, phone number, date of birth, and passport details.
2. Program-Related Information: Registration details, program preferences, session participation, and attendance data.
3. Financial Data: Payment information for event registrations and ticket sales.
4. Media and Marketing Data: Photographs, videos, or testimonials captured during programs for promotional purposes.
5. Technical Data: IP addresses, cookies, and browsing activity on OGPD websites or digital platforms.

How We Use Personal Data

OGPD processes personal data for the following purposes:

• Program Registration & Management: To facilitate participation, communication, and event administration.
• Communication & Marketing: To provide updates, newsletters, and promotional content with explicit consent.
• Payment Processing: To securely handle registrations, fees, and manage refunds where applicable.
• Compliance with Legal Obligations: To comply with applicable laws, regulations, and reporting requirements.
• Media Usage: To use photographs and videos captured during events for promotion across OGPD platforms.

Legal Basis for Processing

OGPD processes personal data under the following legal bases:

• Consent: When you provide explicit consent for specific purposes, such as receiving newsletters or promotional communications.
• Contractual Necessity: Processing required to fulfill contractual obligations (e.g., program registration, participation).
• Legal Obligation: Compliance with applicable laws and regulations.
• Legitimate Interest: Processing necessary for OGPD’s legitimate interests, such as program improvement, research, or participant engagement.

How We Protect Personal Data

OGPD implements technical and organizational measures to protect personal data from unauthorized access, loss, alteration, or misuse, including:

• Encryption of sensitive data in transit and at rest.
• Access Control: Personal data is accessible only to authorized personnel.
• Regular Audits and compliance assessments to ensure compliance.
• Data Retention Policy: Personal data is retained only as long as necessary for the purposes outlined in this policy or as required by law.

Data Subject Rights

Under GDPR, you have the following rights regarding your personal data:

1. Right to Access: Request access to personal data OGPD holds about you.
2. Right to Rectification: Request corrections to inaccurate or incomplete data.
3. Right to Erasure: Request deletion of personal data, subject to legal requirements.
4. Right to Restriction of Processing: Request restricted processing under certain circumstances.
5. Right to Data Portability: Receive personal data in a structured, commonly used format.
6. Right to Object: Object to processing based on legitimate interests or direct marketing.
7. Right to Withdraw Consent: Withdraw consent to processing at any time.

To exercise these rights, please contact info@theogpd.org.

Third-Party Sharing and Transfers

OGPD may share personal data under the following circumstances:

• Program Partners and Vendors: Sharing data with venues, sponsors, and contractors to facilitate operations.
• Payment Processors: Securely sharing payment information with Stripe and other payment gateways.
• Legal Obligations: Data may be disclosed to regulatory authorities when required by law.
• International Transfers: If data is transferred outside the European Economic Area (EEA), OGPD ensures appropriate safeguards, such as Standard Contractual Clauses (SCCs).

Cookies and Website Tracking

OGPD websites use cookies and similar technologies to enhance user experience and analyze website traffic. Users may manage cookie preferences via their browser settings.

Data Breach Notification

In the event of a personal data breach, OGPD will notify affected individuals and relevant authorities within 72 hours of becoming aware, in accordance with GDPR requirements.

Policy Updates

OGPD may update this GDPR Compliance Policy periodically to reflect changes in legal requirements or operations. Updates will be posted on the OGPD website, and significant changes may be communicated directly to participants or partners.