If you would like to contact us about the processing of your personal data or relating to any security concerns, please contact firstname.lastname@example.org
Proca is built to protect the privacy and security of supporters and users. Proca widgets do not set cookies nor collect personal information before explicit consent. Proca’s core has been audited by independent organisations and certified by the German Federal Office for Information Security (BSI), because it is used to power European Citizens’ Initiatives. It is easy for organisations using Proca to encrypt the data they collect, with the effect that collected supporter data is only accessible by the organisations who run that campaign.
We value movement generosity, no vendor lock-in and transparency of our code, and our platform is Free Software. We welcome anyone studying the code and improving it further.
Data we Collect
Data we collect falls into three different categories.
- Supporters, who take part in actions using Proca widgets, and their personal data is collected on behalf of Users.
- Users, using the Proca platform to install widgets on their websites and run campaigns.
- Visitors to our website, forum, etc.
Data processing of supporters of your campaign is detailed in the Data Processing Agreement available here:
- Data Processing Agreement – the main document
- Locations and Sub-processors – what companies we are working with to process data, and where are they located
- Technical and Organisational Measures – what we do to make sure the data is processed securely
Users and Visitors
You are a visitor when you visit our websites and webapps in domains and subdomains of fixthestatusquo.com, fixthestatusquo.org and proca.app. You are a user when you actually use our services and tools to run campaigns, as paid or free service.
Processing goals and purposes
Our websites provide:
- Promotion, information and help about our services (Visitors)
- Tools to acquire and install campaign widget, manage campaign and coalition, export collected data (Users)
- Campaign performance analytics dashboard (Users)
This data is collected, kept and processed by us and processors in EU.
The data is processed for purposes:
- Authentication and authorisation to provided services (Users)
- Providing technical support and answering inquiries (Users, Visitors)
- Business related: running the sales and delivery process of our services – from inquiry, through planning, implementation, launch, support to invoicing (Users, Visitors)
- Provide insights to our team about service usage (Users)
- Provide insights to our team to run marketing of our services (Visitors)
Data collection and categories
Visitors data is collected by passive tracking mechanism (such as website conversion tracking), in which cases you are presented with an option to opt out (click “Do not track me” on the banner at the bottom of the page).
The data we collect includes:
- Email address
- Organisation membership
- Associated campaigns which the user or their organisation is involved in
- Profile picture
- Interactions with websites and webapps (eg buttons clicked, settings changed, widget generation, etc)
- IP Address, browser data and other metrics are tracked for security and monitoring reasons and stored as standard server logs and not associated with other personal data
- IP Address, browser data and other web tracking metrics are tracked and stored in our CRM (based on consent).
Locations and processors
All user data is processed by websites and apps run and managed by us, and running on hosting/infrastructure providers in EU. These are:
All user and visitor data processed for business and marketing purposes is processed by CRM provider:
Whenever we send transaction emails or newsletter, we use these email providers
- Mailjet (EU)
Personal data related to running a business
As is normal for any business, we will store information about business contacts such as customers, partners, service providers, etc, based on the legitimate interest in doing so. We will also store personal data relating to people who apply to (or indeed do!) work or volunteer with us, based on the consent of the applicant and the legitimate interest in doing so.