Applicability of the GDPR
As of May 25, 2018, the European General Data Protection Regulation (GPDR) is applicable to all entities that process European consumers’ personal data. You can read more about the GDPR here https://epic.org/international/gdpr/. EPIC is a strong supporter of the GDPR and believes that strong privacy standards should apply to everyone who uses online platforms and services no matter where they live. The GDPR helps to ensure that companies operate in an accountable and transparent manner, subject to the rule of law and the democratic process.
EPIC is committed to complying with all GDPR obligations for all personal data that it controls or processes. If you would like to exercise your data protection rights under the GDPR, you can contact us at [email protected]. EPIC has also made the full text of the GDPR accessible through its Privacy Law Sourcebook here https://epic.org/bookstore/pls2016/. Contact information for European data protection authorities can be found here.
EPIC Mailing List
If you are interested in receiving the EPIC Alert newsletter, we ask for your email address so that we can send it to you. Subscribers to the EPIC Alert are not required to provide an email address linked to an actual identity. You can also read the EPIC Alert by visiting the EPIC Alert archive at our web site.
EPIC acts as a data controller in relation to personal data (our subscribers’ e-mail addresses) from the EPIC Alert list. We only process data necessary to our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. Our legitimate interests include educating subscribers (and the public) about emerging privacy and civil liberties issues, promoting EPIC’s activities, and supporting EPIC. We have also deactivated tracking features in MailChimp and require “double opt-in” for subscriptions. We also include links to modify or cancel your subscription in every message to the EPIC Alert mailing list.
You have the right to confirm whether or not your personal data we are processing your personal data. In the event you wish to view, receive a copy of, update, or delete an email address in our possession at any time for any reason, please contact [email protected] to make those changes.
EPIC acts as a data controller and processor in relation to personal data contained in our donor list. We do so only process data necessary to our legitimate interests and not overridden by donors’ data protection interests or fundamental rights and freedoms. Our legitimate interests include financial and personal support for the organization.
EPIC only processes the personal information necessary to process donations to EPIC, to send updates and fundraising requests to our donors, and to comply with applicable laws. EPIC accepts anonymous contributions which do not require any transfer of personal data. We do not rent, sell, or share our donor lists.
You have the right to confirm whether or not we are processing your personal data. In the event you wish to view, receive a copy of, update or delete a donor record in our possession at any time for any reason, please contact [email protected] to make those changes.
EPIC also routinely advocates for donor privacy. For example, in Americans for Prosperity Foundation v. Becerra (Ninth Circuit 2017) EPIC argued the tradition of donor privacy is deeply rooted in religious tradition and that the right to contribute anonymously is protected by the First Amendment.
You can read more about EPIC’s work to defend donor privacy here.
EPIC Web Site
EPIC makes information on its website freely available to Internet users without storing any personal data. We do not enable cookies. We do not collect web logs and we promote Privacy Enhancing Techniques through our Practical Privacy Tools resource https://epic.org/privacy/tools.html.
Personal Data Gathered for Events, Petitions, and Campaigns
We request, but do not require, certain personal data for events, petitions, and campaigns. We will retain the data for as long as the petition or campaign continues, or until soon after the event concludes. We will treat name information you provide as public information. We will treat email addresses as private information and will not make public. We may use the email address to contact for purposes related to the event, petition, or campaign. In the event that any information provided will be made public (such as when you sign a petition), we will notify you on the form prior to submission.
You have the right to confirm whether or not your personal data we are processing your personal data. In the event you wish to view, receive a copy of, update, or delete personal data in EPIC’s possession at any time for any reason, please contact [email protected] to make those changes.
We offer links to relevant publications in the EPIC Bookstore. The items listed there are offered for sale on Amazon.com subject to their applicable privacy policies, which are available here: https://www.amazon.com/privacy/. We also collect limited personal data from NGOs that request complimentary copies of our publications. Our use of this information is limited to processing payments and shipping publications. This information is neither made available to any third parties nor combined with any other information at our disposal. As with any other personal information you have given us, any subpoena or attempts by law enforcement to gain access to this information will be challenged. In the event that you want to view, update, or delete this information, please contact [email protected].
This policy was updated on March 15, 2019.