Privacy Policy

Privacy Policy SEA

Last Updated: June 2026

1. An Overview of Data Protection

General Information

The following information provides an overview of what happens to your personal data when you visit this website, sign or support the campaign, subscribe to updates, donate, volunteer, contact us, or otherwise interact with our online services. The term “personal data” means all data that can be used to personally identify you. This Privacy Policy explains which data we collect, for which purposes we use it, on which legal basis we process it, to whom it may be disclosed, how long it is stored, and what rights you have under applicable data protection law.

Data Recording on This Website

  • Who is responsible for data processing on this website? The data on this website is processed by the website operator. Contact information can be found below under the section “Information about the responsible party”.
  • How do we collect your data? Directly Provided: We collect data you enter into a signature form, petition form, newsletter form, donation form, volunteer form, contact form, or other online forms. Automatically Collected: Other data is collected automatically by our IT systems or after you have consented. This includes technical data such as browser type, operating system, IP address, time of access, referral source, and device information.
  • What do we use your data for? We use your data to provide and secure this website, process campaign support, verify e-mail addresses, communicate with you, organize volunteers, process donations, conduct fundraising, manage country-specific campaign structures, and comply with legal obligations. Note on Extended Use: Where you have separately consented, we may also use your data to inform you about the Save Europe Act campaign, related European civic campaigns, petitions, public initiatives, political education, media projects, events, volunteer opportunities, fundraising appeals, and follow-up initiatives operated by us or by a legal successor structure.
  • What rights do you have? You have the right to obtain information about your stored personal data, its origin, recipients, and purposes at any time. You also have the right to request rectification, restriction, or deletion of your data, object to certain types of processing, revoke consent with future effect, and lodge a complaint with the competent supervisory authority.

Analysis Tools and Third-Party Tools

When you visit this website, your browsing behavior may be statistically analyzed using the analytics tools described below. Where legally required, this only takes place after your explicit consent.

2. Hosting and Technical Infrastructure

External Hosting (Content Delivery Network)

This website is hosted externally via a Content Delivery Network (CDN). Personal data collected on this website (IP addresses, form data, technical access data, etc.) may be stored on the servers of the host or transmitted through the host’s infrastructure. External hosting serves the purpose of fulfilling contractual/pre-contractual obligations (Art. 6(1)(b) GDPR) and our legitimate interest in the secure, fast, and efficient provision of our online services (Art. 6(1)(f) GDPR). Where consent has been obtained, processing is carried out on the basis of Art. 6(1)(a) GDPR and applicable ePrivacy rules (including § 25(1) TDDDG where applicable). International Routing Note: This website is delivered via a globally distributed CDN. Depending on your geographical location, your request may be routed to an edge server located outside the European Union, and your IP address may be processed in a third country based on Art. 6(1)(f) GDPR.

Service CDN & Hosting

Provider Details BunnyWay d.o.o. Dunajska cesta 165 1000 Ljubljana, Slovenia

Purpose Content delivery, server hosting, and security.

Backend Processing

Campaign, petition, signature, support, donation, or volunteer form data submitted on this website may be processed by an external backend service. This service receives submitted data, validates it, protects against abuse, and forwards it to our internal systems. Unless otherwise stated, no personal data is permanently stored by this backend provider.

Service Backend Service

Provider Details FastAPI Labs, Inc. 2261 Market Street STE 10109 San Francisco, CA 94114, United States

Purpose Data validation, anti-abuse, and secure form forwarding.

Where personal data is transferred to a third country, we rely on appropriate safeguards under the GDPR, such as Standard Contractual Clauses (SCCs), adequacy decisions, the EU-US Data Privacy Framework, or explicit consent.

3. General and Mandatory Information

Data Protection

The operators of this website take the protection of your personal data seriously. We process your personal data confidentially and in accordance with the General Data Protection Regulation (GDPR), applicable national data protection laws, ePrivacy rules, and this Privacy Policy. Please note that data transmission on the internet (e.g., e-mail communication) may have security gaps. Complete protection against third-party access is not mathematically or logistically possible.

Information About the Responsible Party (Controller)

The controller responsible for data processing on this website is: Martin Sellner Paulinengasse 18/5/17 1180 Vienna Austria E-mail: contact@save-europe-act.com

Future Legal Entity / Legal Successor

The Save Europe Act campaign may later be operated, administered, transferred to, or continued by a dedicated legal entity (company, association, foundation, non-profit, campaign platform, or holding entity). This entity may hold and administer the campaign brand, domains, website, e-mail addresses, supporter database, CRM system, newsletter/fundraising infrastructure, and related materials. Affected persons will be informed of any transfer in accordance with data protection law. Where required, new consent will be requested before data is used for purposes not covered by the original consent.

Storage Duration

Unless a more specific storage period is stated, your personal data will remain with us until: The purpose for which it was collected no longer applies. You request deletion or object to the processing. You revoke your consent. Legal obligations to retain data (such as tax, accounting, commercial law, legal defense, fraud prevention, or consent documentation obligations) remain unaffected; deletion will take place immediately after these reasons cease to apply.

General Legal Basis for Processing

  • Consent: Art. 6(1)(a) GDPR.
  • Special Categories (Political Opinions): Art. 9(2)(a) GDPR (explicit consent).
  • Contractual/Pre-contractual Measures: Art. 6(1)(b) GDPR.
  • Legal Obligation: Art. 6(1)(c) GDPR.
  • Legitimate Interests: Art. 6(1)(f) GDPR (unless overridden by your fundamental rights and freedoms).

Recipients of Personal Data

We do not sell or rent your personal data to third parties. However, we work with external service providers where legally permitted or based on your consent:

  • Hosting & CDN providers
  • Backend & form-processing systems
  • E-mail delivery, newsletter, & CRM services
  • Analytics, IT, security, & anti-spam providers
  • Payment & donation service providers
  • Legal, tax, accounting, & translation advisers
  • Campaign, media, event, & design service providers
  • National & volunteer coordinators / partner organizations
  • Legal successor entities Where required, we conclude Data Processing Agreements (Art. 28 GDPR) or Joint Controller Agreements (Art. 26 GDPR).

4. Your Rights

Under applicable data protection law, you hold the following statutory rights:

  • Revocation of Consent: You may revoke any given consent at any time with effect for the future.
  • Right to Object (Special Cases): Right to object at any time to processing based on Art. 6(1)(e) or (f) GDPR based on your particular situation.
  • Right to Object to Direct Advertising: Right to object at any time to processing for direct advertising or fundraising communications.
  • Right to Lodge a Complaint: Right to complain to a competent supervisory authority regarding GDPR violations.
  • Right to Data Portability: Right to receive your automated data in a commonly used, machine-readable format or have it transferred to another controller.
  • Information, Rectification, and Deletion: Right to obtain clear information about your stored data, its origin, recipients, and the right to correct or erase it.
  • Restriction of Processing: Right to restrict processing if accuracy is disputed, processing is unlawful, the data is needed for legal claims, or an objection is pending.

SSL and TLS Encryption

This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content. You can recognize an encrypted connection by the https:// prefix and the lock symbol in your browser address bar.

5. Specific Data Recording Operations

Cookies

This website uses cookies (small text packages stored on your device).

  • Technically Necessary Cookies: Processed based on Art. 6(1)(f) GDPR for error-free and secure website delivery.
  • Analytical/Third-Party Cookies: Processed based on Art. 6(1)(a) GDPR (consent). You can configure your browser to reject cookies, though functionality may be limited.

Contact Form

Information submitted via our contact form is stored to process your inquiry.

  • Legal Basis: Art. 6(1)(b) GDPR (contractual request) or Art. 6(1)(f) GDPR / Art. 6(1)(a) GDPR (legitimate interest/consent).
  • Data remains with us until you request deletion, revoke consent, or the purpose expires.

6. Campaign Signature, Support, and Pre-Campaign Registration

If you sign, support, or register for the Save Europe Act campaign via this website, we process the data you provide.

Data Categories Collected

  • Full name & E-mail address
  • Country, language preference, & phone number (if provided)
  • EU citizenship status & volunteer/donation preferences
  • Submission metadata: Time, IP address, technical metadata, referral source
  • Consent tracking: Form/privacy policy version, double opt-in status, campaign/country tags

Purposes of Processing

  • Recording, validating, and administering your campaign support.
  • Preventing misuse, duplicate entries, fraud, spam, and automated bots.
  • Communicating updates regarding the status, filing, acceptance, or continuation of the campaign.
  • Preparing and transferring support data into an official European Citizens’ Initiative or related lawful civic process.
  • Managing country-specific supporter lists and regional structures.
  • Documenting accountability, consent verification, and defending legal claims.

Legal Basis

Art. 6(1)(a) GDPR (consent), Art. 6(1)(b) GDPR (performance of requested action), and Art. 6(1)(f) GDPR (legitimate administration interest). Because supporting this campaign may reveal political opinions or views, we process this data on the basis of your explicit consent pursuant to Art. 9(2)(a) GDPR.

7. Newsletter, Updates, and Broader Communication

Newsletter Data & Scope

If you subscribe to updates, we use your e-mail address and related contact data to send information regarding:

  • The Save Europe Act campaign and its political/legal continuations.
  • Thematically connected European civic campaigns, petitions, and public initiatives.
  • Political education, public debates, publications, studies, videos, podcasts, and briefings.
  • Events, conferences, webinars, and volunteer opportunities.
  • Fundraising appeals, donation campaigns, and supporter programs.
  • Thematic topics: European sovereignty, democracy, rule of law, public safety, borders, migration, civil liberties, cultural continuity, and national identity.

Legal Basis & Unsubscribing

Processing is based on your consent (Art. 6(1)(a) GDPR and Art. 9(2)(a) GDPR). You may unsubscribe at any time via the link in any e-mail or by contacting contact@save-europe-act.com.

Suppression List (Blacklist)

After you unsubscribe, your e-mail address may be stored indefinitely in a suppression list to prevent future unsolicited mailings. This serves our mutual legitimate interest in legal compliance (Art. 6(1)(f) GDPR).

8. Transactional E-mails and Double Opt-In

We utilize transactional e-mails (confirmations, double opt-in verifications, administrative notices) to secure our infrastructure and verify e-mail quality.

Service Transactional E-mail

Provider Details Plus Five Five, Inc. / Resend 2261 Market Street #5039 San Francisco, CA, United States

Purpose Automated confirmation delivery and verification management.

  • Legal Basis: Art. 6(1)(b) GDPR, Art. 6(1)(c) GDPR, and Art. 6(1)(f) GDPR. Data transfers to third countries are protected by Standard Contractual Clauses and/or the EU-US Data Privacy Framework where applicable.

9. Fundraising Communication and Donations

Fundraising Communication

If you consent, we may contact you regarding funding needs, donation campaigns, and operational expenses (legal costs, infrastructure, staffing). This applies to the Save Europe Act as well as successor civic/educational projects operated by us or our legal successor. Legal basis: Art. 6(1)(a) GDPR and Art. 9(2)(a) GDPR.

Donations and Payments

When you donate, we process: Name, e-mail, billing details, payment amount/currency/method, transaction ID, country, and recurring status.

  • Purposes: Payment administration, accounting, tax compliance, fraud prevention, financial reporting, and donor relationships.
  • Legal Basis: Art. 6(1)(b) GDPR, Art. 6(1)(c) GDPR, and Art. 6(1)(f) GDPR.
  • Tax Status: Unless expressly stated otherwise, donations are not tax-deductible.

10. Volunteers and Country Coordination

If you sign up to become active, volunteer, join a national structure, or participate in local actions, we process your contact data, location, language skills, availability, and organizational roles.

  • Purpose: Assigning you to country teams, coordinating local civic/media/educational outreach, sending volunteer materials, and organizing trainings or campaign calls.
  • Legal Basis: Art. 6(1)(a) GDPR (consent), Art. 6(1)(f) GDPR (organizational legitimate interest), and Art. 9(2)(a) GDPR (explicit consent for political affiliations).

National Structures, Partner Organizations, and Local Coordinators

We may share limited data with national coordinators, local teams, or partner organizations to facilitate localized campaign deployment. Recipients are bound by strict data protection agreements. Personal data will never be shared with partner organizations for unrelated independent marketing.

11. Third-Party Plugins, Analytics, and Tools

Fathom Analytics

We use Fathom Analytics to analyze website usage in a privacy-friendly manner. It provides aggregated metrics without using invasive cookies or tracking personally identifying individual visitors.

  • Legal Basis: Art. 6(1)(f) GDPR(legitimate interest in website optimization).

Bunny.net Stream

This website embeds video content via Bunny.net Stream (provided by BunnyWay d.o.o., Slovenia). Videos may require click-to-consent activation. Upon loading, the system processes technical access data (IP address).

hCaptcha

We use hCaptcha to distinguish human entries from automated bots to protect our infrastructure from spam, fraud, and automated attacks.

Service Bot Protection Provider Details Intuition Machines, Inc. 2211 Selig Drive Los Angeles, CA 90026, United States

Purpose Analysis of mouse movements, time spent, device parameters, and IP address.

Social Media Links and Sharing Functions

Our social sharing tools are implemented as standard text links to avoid transmitting data to third parties (X, Telegram, WhatsApp, etc.) before you actively click them. Once redirected, data processing is handled independently by those respective platforms.

12. Miscellaneous Provisions

Security Measures

We deploy strict technical and organizational measures including SSL/TLS encryption, restricted role-based access permissions, secure hosting infrastructures, anti-spam protocols, data minimization, and mandatory confidentiality agreements for all personnel.

International Data Transfers

When using services located outside the EU/EEA (e.g., USA), data transfers are legally secured via European Commission adequacy decisions, Standard Contractual Clauses (SCCs), or the EU-US Data Privacy Framework.

Children

This website is not directed at children. We do not knowingly collect personal data from minors without parental or legal guardian consent.

Changes to this Privacy Policy

We may update this policy periodically to reflect legal, technical, or organizational changes. Material changes impacting your consent will be communicated to you directly before taking effect.

13. Contact

If you have any questions about this Privacy Policy or the processing of your personal data, please contact the controller: Martin Sellner Paulinengasse 18/5/17 1180 Vienna Austria E-mail: contact@save-europe-act.com

Select your cookie preferences

We use privacy-friendly analytics for our campaign. Essential cookies (form processing, security) are always active. The optional video loads its cookies only when you click play.

Imprint Privacy Policy
Manage cookies