GDPR @ OW2
OW2's compliance with GDPR is a relatively light constraint.
- We keep a simplified registry of our processing resources, as per Recital 13 which states that "To take account of the specific situation of micro, small and medium-sized enterprises, this Regulation includes a derogation for organisations with fewer than 250 employees with regard to record-keeping.".
- We do not need to designate a Data Processing Officer as per Article 37: OW2 is not a "public authority or body", we host no processing that "require regular and systematic monitoring of data subjects", nor do we process "special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offences referred to in Article 10.".
- We must reconfirm our newsletter mailing list; as per Recital 32 "Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject's agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement.".
General Data Protection Regulation (GDPR) Notice
Who we are
We are OW2, a non-profit association dedicated to the promotion of a code base of open source software and its community. Registered RNA : W784003900 with offices at Conseil & Management, 7, Rue de Phalsbourg, 75017, Paris, France, OW2 is subjected to the laws of France and the European Union.
From whom is personal data collected?
Personal data means any information relating to an identified or identifiable natural person. At OW2 we collect personal data from four categories of stakeholders: members, users of our services, speakers and attendees to our events, and subscribers to our mailing lists.
The legal basis we have for processing your personal data
The legal basis for processing your personal data is your consent. OW2 uses the personal data that you provide to organize community activities, and deliver quality content and services as per your request. In certain circumstances we may otherwise process your personal data if we have a legitimate interest in doing so in the framework of OW2 operations and we are not infringing any of your rights and freedoms. In any case, OW2's legitimate operative interests do not supersede your interests.
What personnal data may OW2 collect?
At OW2, the data we collect is the minimum requirement to enable either the benefits of membership, usage of our services or sharing useful information. Personal data include information you provide to us and information we automatically collect.
- Information you provide to us. The different kinds of personal data collected include membership data such as name, email, address, membership category for our members, email, log-in and password for our service users, email addresses and, not always, the full name for our mailing lists subscribers, plus click statistics for our newsletter subscribers, names and emails for our event participants, and bios and photos for our speakers.
- Information we automatically collect. We also automatically collect certain technical data that are sent to us from the computer, mobile device and/or browser through which you access our services. This kind of automatic data includes, without limitation, a unique identifier associated with your access device and/or browser (including, for example, your Internet Protocol (IP) address), characteristics about your access device and/or browser, statistics on your activities on our services, information about how you came to our services and data collected through Cookies, Pixel Tags, Local Shared Objects, Web Storage and other similar technologies.
Why do we collect personal data?
We collect personal data for the purpose of running OW2 and its activities. Depending on the category of stakeholders, this includes making possible the execution of the membership contract, enabling you to securely log in our services, and sharing information across the community and its ecosystem. If you choose not to provide us with your personal information, you may hamper access to the benefits of membership, our services and useful information.
Where is the data being stored?
This data is stored on the OW2 infrastructure for all services except for few external online services such as pour newsletter e-mailing system, our event programme management system and our annual conference registration system.
Who has access to the data?
Access to personal data is granted to no one except OW2 personnel for management and operation purposes.
For how long the data will be kept?
Personal data is stored for as long as necessary to fulfil the purpose for which it is being processed and as long as the member, user, subscriber, speaker or otherwise does not require deletion.
Is the data being transferred?
We do not rent or sell your personal identifiable information to third parties. However we use third party providers for certain of our services that may store and process some personal data. These services include: our newsletter e-mailing system, our event programme management system, our annual conference registration system and a social networks management service. We also use global platforms and social networks such as Twitter, YouTube, SideShare, Google and LinkedIn.
Will your personal data be transferred to a recipient outside the EU?
OW2 uses third party online applications and services which may be provided by compute resources located outside of the EU and which may need to process personal data. We use trusworthy third party applications and services and trust that any personal identifiable information you provide will be secured with industry standard protocols and technology.
Is there any automated decision-making based on personal data?
Changes to this privacy notice
Do I have a right to a copy of my personal data stored by OW2?
Yes. Please contact the OW2 Management Office at Conseil & Management, 7, Rue de Phalsbourg, 75017, Paris, France or please send an email to the OW2 GDPR address.
You also have all other basic rights in the field of data protection such as the right to lodge a complaint with a and the right to withdraw consent at any time.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. They are also useful to provide you with more relevant information.
The cookies we use
|XWiki||These are technical cookies used to improve your browsing experience on our websites. For example, they maintain your session when you login, automatically provide your user name in the login field, remember your browsing preference settings, etc.|
|Third-party apps||We use third-party application which may collect cookies. For example, we embed videos from our official OW2 channel using YouTube’s privacy-enhanced mode. This mode may set cookies on your computer once you click on the YouTube video player, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode.|
|Social networks||Cookies from social networks such as LinkedIn, Twitter and SlideShare are used to enable you to share pages and content that you find interesting on our Websites through third party social networking and other websites. These cookies may also be used for advertising purposes too.|
Privacy protection and compliance with the GDPR constitute a sensitive endeavour. As in everything we do at OW2 it has to be a co-production between OW2 and its members and account owners in their use of OW2's services. We share as much information and resources as we can so as to facilitate cooperation between OW2 and our members and account owners in their use of our services. It may be that our web sites and forms may need fine-tuning to be fully GDPR-compliant, please feel free to contact us should you come across any web page where required GDPR-related information or notice is missing.