Scope
This privacy statement is valid only for the service provided on cloud.apell.info.
Contact Details
The responsible entity (data controller) is:
APELL (Association Professionnelle Européenne du Logiciel Libre) ASBL
Kunstlaan 56 Avenue des Arts
1000 Brussels • Belgium
E-Mail: apell [at] apell.info
A. Data processing
1. Accessing cloud.apell.info and creation of log files
Information are collected every time cloud.apell.info is accessed or used. These data and information are stored in log files on the server and can include:
- IP address
- browser type / browser version
- date and time cloud.apell.info was accessed
- user Internet service provider
- user operating system
- referring website
- resources accessed by the User’s system through cloud.apell.info
The temporary storage of data and log files is lawful pursuant to Article 6 (1) lit. f General Data Protection Regulation (Datenschutz-Grundverordnung – DSGVO)
The IP address is temporarily stored in the system as it is necessary to provide access for the User’s computer. The IP address is retained while cloud.apell.info is being accessed.
These log files are stored to ensure functionality, and ensure the security of our IT system.
The data will be deleted when they are no longer needed. For data collected to provide access to cloud.apell.info, this will be at the end of every session.
For log files, this will occur after seven days at the latest. Some data may be preserved for a longer period of time, in which case user IP addresses are deleted or removed, rendering it impossible to link the data to any individual.
2. Cookies
cloud.apell.info uses cookies. Cookies are small data files, created and stored by the Internet browser on your computer’s hard drive. Accessing a website may result in a cookie being saved on your operating system. This cookie contains a specific string of characters that allows the browser to be clearly recognized every time the website is accessed.
The processing of personal data based on the use of cookies is lawful pursuant to Article 6 paragraph 1 lit. f GDPR (General Data Protection Regulation).
Cookies are stored on the User’s computer and transferred to us. That is why you, as the User, have full control over cookie implementation. You can deactivate or restrict cookies by changing your browser settings Cookies already stored on your hard drive can be deleted at any time. This can also be done automatically. However, disabling cookies for cloud.apell.info may result in some functions not working correctly.
3. Form and email contact
There are forms on cloud.apell.info that can be used to collect data (e.g. surveys, contact information, comments and questions to APELL) electronically. When registering, the data entered by you into the online data entry form will be transmitted. Your consent is required for the processing of this data, and you will be referred to our Privacy Statement and asked to grant your consent when you send the form.
Alternatively, contact may be initiated using an email address provided by you. In this case, the personal data provided in the email will be stored. This information will not be passed on to third parties.
This processing is lawful pursuant to Article 6 paragraph 1 lit. e GDPR, where the processing of the personal data provided by you to process your inquiry is required to discharge our duties. Communication of additional information by you is voluntary, based on your consent pursuant to Article 6 paragraph 1 lit. a GDPR.
These data are only stored for the purposes of processing that communication. The data will be deleted when they are no longer needed.
4. Login
Registered users can login on cloud.apell.info by providing personal data. The following personal data will be transmitted in the process:
- Name of user
- E-mail address
- Two-factor authentication
- Security codes
- Time-based One-time Password (TOTP)
- Universal Second Factor (U2F)
- Time of last login
- IP address
Registered users will be asked to grant consent for the processing of this data as part of the login process. The IP address of successful logins is stored together with the internal user ID. This data is needed for a neural network to detect unauthorized access, which increases the security of our accounts.
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
User login is necessary to provide specific content and services on cloud.apell.info, including the creation and administration of user accounts, participation in surveys, registering for events, and the administrative tasks associated with them.
The data will be deleted when they are no longer needed.
5. Sharing of Content
On cloud.apell.info, users can share content with other users or external persons. Among other things, files, folders, calendars, appointments, and tasks can be shared. For this purpose, each registered user is stored in a list that is searchable (limited to the group that the user belongs to). The following personal data is transmitted in the process:
- Name of the user
- Shared content
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed.
6. Activities
On cloud.apell.info, changes made by users to any content are stored. This makes it possible to track who has made a change. These can be viewed by other users who have access to the respective content. The following personal data is transmitted in the process:
- Affected content
- Type of the change
- Time of the change
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed.
7. File Management
On cloud.apell.info, registered users can upload, edit and delete files. The following personal data is transmitted in the process:
- Contents of the file and all associated attributes
- Time of the last change
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed for the purpose they were collected or the account has been inactive for one year.
8. Calendar, Appointments, and Tasks
On cloud.apell.info, registered users can create, edit and delete calendars. This makes it possible to manage appointments and tasks. The following personal data is transmitted in the process:
- Local user name or user ID
- Contact data with all associated attributes, including but not limited to:
- Title
- Location
- Description
- Date and time
- Status
- Participants
- Tasks with all associated attributes, including:
- Title
- Description of task
- Status
- Time of the last change
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed.
9. Surveys and Forms
On cloud.apell.info, users can create, edit and delete surveys and forms. This makes it possible to collect and evaluate anonymous or personal data. The following personal data is transmitted in the process:
- Local user name or user ID
- Answers of the user to the form fields
- Time of transmission
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed.
10. Collabora
Registered users can edit documents on cloud.apell.info. The following personal data will be transmitted:
- Local user name or user ID
- Name of the file
- Contents of the file and all associated attributes
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed.
11. Nextcloud Talk
Registered users can create video conference rooms on our website. The Nextcloud Talk service is used for this purpose. The following personal data is transmitted in the process:
- Local user name or user ID
- Name of the user
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
The data will be deleted when they are no longer needed.
B. Your Rights
You have the following rights:
- the right to information regarding personal data pertaining to you that is stored by us (Article 15 GDPR)
- the right to correction of any incorrect or incomplete personal information (Article 16 GDPR)
- the “right to be forgotten”: erasure of stored personal data insofar as the relevant data are not necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or the purposes of establishing, exercising, or defending a legal claim (Article 17 GDPR)
- the right to limited processing of personal data (Article 18 GDPR)
- the right to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Article 21, GDPR);
- the right to withdraw your consent to the collection, processing, and use of your personal data at any time with future effect (Article 7 paragraph 3 GDPR) – this means that the data processing related to that consent will no longer be carried out;
- the right to lodge a complaint with a supervisory authority where you believe the processing of personal data related to you is in breach of the GDPR (Article 77 GDPR)
C. Revocation of Consent / Objecting to Processing of Personal Data
You can exercise your right to object, your right of rectification and your right to revoke consent to the processing of your personal data by contacting:
APELL (Association Professionnelle Européenne du Logiciel Libre) ASBL
Kunstlaan 56 Avenue des Arts
1000 Brussels • Belgium
E-Mail: apell [at] apell.info
See also
For the privacy statement for this website (apell.info), please see our website’s Privacy Policy.