HomePrivacy Policy

Privacy Policy

Last Updated: 25 May 2025

1. Introduction

One Planet Port (“OPP”, “we”, “us”, or “our”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, process, and protect your personal information when you interact with our website and services, in compliance with the General Data Protection Regulation (GDPR) and Dutch data protection laws.

2. Data Controller

Data Controller: One Planet Port
Data Protection Officer/Contact: Tanner Tuttle
Email: privacydata@oneplanetport.org
Location: Netherlands

3. Information We Collect

When you interact with our website or contact forms, we may collect the following types of personal data:

Contact Information

  • Name (first and last name)
  • Email address
  • Phone number
  • Organization/Company name
  • Job title or position

Communication Data

  • Messages and inquiries submitted through contact forms
  • Email correspondence
  • Feedback and survey responses

Technical Information

  • IP address
  • Browser type and version
  • Device information
  • Website usage patterns (through cookies, if consent is provided)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

  • Consent (Article 6(1)(a)): When you voluntarily provide information through our contact forms
  • Legitimate Interests (Article 6(1)(f)): To respond to your inquiries and provide requested information about our services
  • Contract Performance (Article 6(1)(b)): When processing is necessary to fulfill services you have requested

5. How We Use Your Information

We use your personal data for the following purposes:

  • Communication: Responding to your inquiries, questions, and requests
  • Service Delivery: Providing information about our programs and services
  • Relationship Management: Maintaining records of our interactions for future reference
  • Legal Compliance: Meeting our legal and regulatory obligations
  • Website Improvement: Analyzing website usage to enhance user experience (with consent)

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal data to third parties. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in our operations (under strict data processing agreements)
  • Legal Requirements: When required by law, regulation, or legal process
  • Consent: When you have given explicit consent for specific sharing purposes

All third-party processors are required to maintain appropriate security measures and use your data only for specified purposes.

7. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this policy:

  • Contact Form Submissions: Retained for up to 3 years unless you request earlier deletion
  • Email Communications: Retained for up to 2 years for correspondence records
  • Technical Data: Anonymized or deleted within 12 months

8. Your Rights Under GDPR

As a data subject, you have the following rights:

  • Right of Access (Article 15)
    You can request information about what personal data we hold about you.
  • Right to Rectification (Article 16)
    You can request correction of inaccurate or incomplete personal data.
  • Right to Erasure (Article 17)
    You can request deletion of your personal data under certain circumstances.
  • Right to Restrict Processing (Article 18)
    You can request limitation of how we process your data in specific situations.
  • Right to Data Portability (Article 20)
    You can request transfer of your data to another organization in a structured format.
  • Right to Object (Article 21)
    You can object to processing based on legitimate interests or for direct marketing.
  • Right to Withdraw Consent
    You can withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at: privacydata@oneplanetport.org

9. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against:

  • Unauthorized access, alteration, disclosure, or destruction
  • Accidental loss or damage
  • Unlawful processing

Our security measures include:

  • Encryption of data in transit and at rest
  • Access controls and authentication systems
  • Regular security assessments and updates
  • Staff training on data protection

10. International Data Transfers

Your personal data is primarily processed within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable

11. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies. For detailed information about our cookie usage, including your choices regarding cookies, please refer to our Cookie Policy [link to separate cookie policy if available].

12. Children’s Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16 without appropriate parental consent. If we become aware that we have collected such data, we will take steps to delete it promptly.

13. Data Breach Notification

In the unlikely event of a personal data breach that poses a high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach, as required by GDPR Article 34.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will:

  • Post the updated policy on our website
  • Indicate the date of the last revision
  • Notify you of significant changes via email or prominent website notice

15. Supervisory Authority

You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable laws.

Dutch Data Protection Authority
Website: autoriteitpersoonsgegevens.nl
Email: info@autoriteitpersoonsgegevens.nl

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

Data Protection Contact: Tanner Tuttle
Email: privacydata@oneplanetport.org
Organization: One Planet Port
Location: Netherlands

Consent Statement for Contact Forms:

“By submitting this form, I acknowledge that I have read and understood One Planet Port’s Privacy Policy and consent to the collection and processing of my personal data as described therein. I understand that I can withdraw my consent at any time by contacting privacydata@oneplanetport.org.”