Data Protection

Data Management: transparency and control
We are an open engineering based global community. Transparency to the processing and control of our member space data is paramount to us. 
Beyond the following actions of voluntary members of the subscribed membership activity of the Foundation, this policy lays down the fundamental principles of safe processing and control of member's data:
a. Moderation of member messages on Foundation's public forums
b. Privacy Controls and triggers on Member's space such as 2 Factor login authentications, Invite only subscription, Actions on Inactive Member Profiles etc.  
​
Foundation recognises the following platforms for open communication and public facing communication records by the community members.
1.Public & Private channels on Foundation's Slack Memberspace
2.Foundation's Discord Server
3.Private and Public Mailing Lists of Foundation’s projects
4.​Linkedin Page - Muellners Foundation, Linked based Newsletter, Linked based groups - Open Source Community​
5.​Twitter - Muellners Foundation​
6.Serenity Member Console
7.​Open Podcast Channels of Foundation
8.Decentralised Comm Network and Content Delivery Network of Foundation - Second.Exchange
9.​Public Discourse Forum​
10.Project and Topic based Telegram broadcast forums, maintained by Council & Committees of Open Constitution.
11.​Open Bulletin​
​
Subscribed Membership is an 'invite only'
Following data is received by the Foundation to create a guest account:
1.Email account
2.Name, Phone no. 
3.Social media accounts of members
Verified citizens of Serenity gain access to the "citizen", generally full rights to different communication channels of the Foundation.
Once, an account is created, subscribed member posts on both private and public forums of the Foundation's community.
Members guide themselves with the Foundation's code of conduct, guiding principles & moderation policy when expressing their statements in the community space. 
Following types of data are classified for all membership activity:
1.Data attributable to Foundation's Public facing records on its public forums.
2.Data attributable to Foundation's ongoing project discussion and thus attributable to Foundation's public facing records in a documentation release.
3.Private and non public personal information(NPPI).
4.Explicit Personal Expression of a Member of the Foundation's community.
5.Third party data.
For all subscribed membership activity on the above communications system of Muellners Foundation: 
a. The subscribed membership activity on any of the above communication platforms & member's privacy is protected and governed foremost by privacy laws of EU's GDPR & subsequently Internet privacy laws of Denmark. 
b. The Internet based communication platforms, forums, that the Foundation uses, maintains and are licensed to Muellners Foundation, Denmark, either through a grant, strategic partnership or a purchase agreement, ratified by the Independent Boards. 
Foundation also complies with relevant third party vendor license terms, as accorded by the service provider of the specific communications platform.
If any member wishes to complain about privacy violation or any other code of conduct violation, on any of the above communication systems, please write to [email protected]
Read about Moderation Guidelines here.
Read about How not to spam public forums of Muellners Foundation here.
Read the list of Sensitivity here.
Data Management: transparency and control
​​In accordance with Article 5 of GDPR, 
a. Foundation is responsible for processing personal data in a lawful, fair and transparent way. 
b. Foundation shall only process personal data for a limited and specific purpose. 
c. Foundation shall only process the personal data that is necessary for its purposes. 
d. Foundation shall ensure that personal data it is processing is accurate and up-to-date. 
e. Foundation shall store personal data only for as long as is necessary. 
f. Foundation shall keep personal data safe and confidential. 
g. Foundation shall be accountable for how it processes personal data. 
For the purposes of this policy; What does “processing” mean? 
“collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction” 
Foundation uses following criteria(s) as the lawful bases for processing its member’s data:
a. Consent - the member has freely permitted Foundation to process their data. The consents are digitally recorded e.g when a member joins Foundation slack or discord server, or signs up on a web url which takes the member to Foundation’s communication systems. 
b. Contract - member has voluntarily signed up and joined the membership space, and Foundation needs to process their data to carry out and maintain subscribed membership activities, within the Foundation’s guidelines. 
c. Legal obligation - the law requires the Foundation to process the member's data in a particular way: i.e for records, audit, moderation of hatred, free speech on its public forums and community space.
d. Legitimate interest - Foundation is processing a member's data to protect Foundation's statutory compliance with the laws governing the Foundation’s statutory existence in accordance with the business laws of Denmark. 
Data Protection Officer: Lara Muellner has been appointed as the Data Protection Officer of the Muellners Foundation since 19 Dec 2019 to 19th Dec 2021 
Voluntarily organised Foundation members also further appoint moderators from the community who uphold the community’s Code of Conduct.
Data Processor: Muellners ApS is appointed by the Foundation as the processor of the data controller - Muellners Foundation. Please read on Muellners ApS data processing policy here.
List of Other Third Party Data Processors and link to their data processing agreements, whose compliance is binding on the Foundation, when the Foundation accesses the license to use these third party services:
1.​Slack 
2.​Hubspot,
3.​Google Workspace​
Foundation may at times act as a data processor to another Data Controller such as a Serenity Partner organisation. If your organisation is the partner in the Serenity Program, please read the Data Protection clauses in the partner agreement that covers the rights of your organisation.
It is important to note that when members from your organisation sign up independently on the Foundation’s member space, their data protection is governed exclusively by this data protection policy.
Research Resources for community references:
1.​Legal Text of EU's GDPR:​
2.​A good read on a guide for open source communities. (Citation: Linux Foundation)
3.​Another relevant read 
4.​Danish Data Protection Act(in English) 
5.​List of Authorities in your local jurisdiction to contact and complain when any Foundation's members or global citizens privacy rights are encroached. 

READ THE FULL TEXT OF THE DATA PROTECTION NOTICE HERE:
​

Data Processing Policies - Previous

Data Processing Agreement

Notice:Data Processing and control

Last modified 24d ago

Export as PDF

Copy link

Contents

Data Management: transparency and control

Research Resources for community references: